Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.00.01 16.67%
1.00.01 5.56%
1.00.01 50.00%
1.00.01 27.78%
(Note, Web Cake publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegOpenKeyW, RegCreateKeyW, RegSetValueW, RegQueryValueW, RegQueryInfoKeyW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, RegOpenKeyExW, RegEnumKeyExW
kernel32.dll
GetProcAddress, GetModuleHandleW, lstrcmpiW, WaitForSingleObject, lstrcmpW, GetProcessHeap, MultiByteToWideChar, lstrlenA, HeapFree, HeapAlloc, HeapReAlloc, InterlockedIncrement, WideCharToMultiByte, GetModuleFileNameW, FreeLibrary, LoadLibraryExW, SetThreadLocale, GetThreadLocale, CloseHandle, CreateFileW, WriteConsoleW, SetStdHandle, GetConsoleMode, GetConsoleCP, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, LeaveCriticalSection, EnterCriticalSection, GetLastError, RaiseException, InterlockedDecrement, lstrlenW, SetFilePointer, LoadLibraryW, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetModuleFileNameA, GetStartupInfoW, GetFileType, SetHandleCount, Sleep, IsProcessorFeaturePresent, GetStringTypeW, LCMapStringW, SetLastError, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, GetCurrentProcess, TerminateProcess, FlushFileBuffers, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetStdHandle, WriteFile, ExitProcess, HeapCreate, GetCommandLineA, DecodePointer, EncodePointer, CreateThread, GetCurrentThreadId, ExitThread, RtlUnwind, HeapSize, HeapDestroy
ole32.dll
CoTaskMemRealloc, CoTaskMemAlloc, CoCreateGuid, CoInitialize, CoUninitialize, CoCreateInstance, StringFromGUID2, CoTaskMemFree
rpcrt4.dll
UuidToStringW, NdrStubCall2, NdrStubForwardingFunction, IUnknown_Release_Proxy, NdrDllUnregisterProxy, NdrDllRegisterProxy, NdrCStdStubBuffer2_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, NdrOleAllocate, NdrOleFree, IUnknown_QueryInterface_Proxy, RpcStringFreeW, IUnknown_AddRef_Proxy
user32.dll
InvalidateRect, GetWindow, GetClassNameW, CharNextW, wsprintfW
ws2_32.dll
WSAGetOverlappedResult, WSASend, WSAResetEvent, WSARecv, WSAEnumNetworkEvents, WSASetEvent, WSACreateEvent, WSASocketW, WSACloseEvent, GetAddrInfoW, WSAEventSelect, FreeAddrInfoW, WSAConnect
Export table
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

WebCakeIEClient.dll

WebCake Runtime by Web Cake (Signed)

Remove WebCakeIEClient.dll
Version:   1.00.01
MD5:   20fe682335905c6b67b7de795fbc5381
SHA1:   245e445b98ffb75dc2e238b869b63d89f080e878
SHA256:   a0738e917b7e784515e9c5411a41d96f3cb04126cbbdebfe07bd8467f2e1da6c
Warning 20 antivirus scanners has detected malware.

Overview

webcakeieclient.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program WebCake 3.00 published by Web Cake LLC and is most likely removed by most users once installed (84% removed). The file is digitally signed by Web Cake which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:webcakeieclient.dll
Publisher:WebCake LLC
Product name:WebCake Runtime
Typical file path:C:\Program Files\webcake\webcakeieclient.dll
File version:1.00.01
Size:193.27 KB (197,912 bytes)
Build date:6/21/2013 5:07 AM
Certificate
Issued to:Web Cake
Authority (CA):VeriSign
Effective date:Monday, April 8, 2013
Expiration date:Thursday, April 9, 2015
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
WebCake
 Web Cake LLC
  84% remove
The WebCake web browser plugin by sterkly LLC declares that it can sweeten browsing experience. It can modify Windows hosts file and DNS settings. Once installed, the WebCake Safe will display a see similar button on the product images of the shopping websites such as Amazon, Expedia, Best Buy, Facebook and so on. As long as you click the see similar button, the WebCake will pop up ads.

BehaviorsBehaviors

Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

MalwareMalware detections

Based on 40+ industry antivirus scanners, 20 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 Adware.Yontoo!AyyxvaLQBmg
avast! 8.0.1489.320 Win32:Webcake-A [Adw]
AVG 2014.0.3629 AdInject.WebCake
BitDefender 7.2 Adware.WebCake.A
Comodo Internet Security 16874 ApplicUnwnt
Dr.Web 8.13.10.6 Adware.Plugin.11
Emsisoft Anti-Malware 3.0.0.589 Adware.WebCake.A (B)
ESET NOD32 7.8760 probably a variant of Win32/Adware.Yontoo.A
Fortinet 5.1.147.0 Riskware/Yontoo
F-Secure 11.0.19100.45 Adware.WebCake.A
G Data 13.10.22 Adware.WebCake.A
Ikarus T3.1.5.4.0 AdWare.WebCake
Kaspersky 9.0.0.837 not-a-virus:AdWare.Win32.WebCake.a
Malwarebytes 1.75.0.1 Adware.WebCake
Microsoft Security Essentials 1.9800.0 Adware:Win32/WebCake
eScan by MicroWorld 12.0.250.0 Adware.WebCake.A
nProtect 2013-09-03.03 Adware.WebCake.C
PC Tools 9.0.0.2 SecurityRisk.Yontoo!rem
Symantec 20131.1.5.61 WebCake
VIPRE Antivirus 21144 Yontoo (fs)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 44.44%
Windows 8 16.67%
Windows 7 Home Premium 11.11%
Windows 8 Pro 11.11%
Windows 7 Professional 5.56%
Windows Vista Home Premium 5.56%
Microsoft Windows XP 5.56%

Distribution by countryDistribution by country

United States installs about 22.22% of WebCake Runtime.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 28.57%
Hewlett-Packard 19.05%
Dell 19.05%
Acer 14.29%
MSI 9.52%
GIGABYTE 4.76%
American Megatrends 4.76%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE