Should I block it?

Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.00.01 16.67%
1.00.01 5.56%
1.00.01 50.00%
1.00.01 27.78%
(Note, Web Cake publishes each variation of this file with the same version, but the hashes are unique.)


PE structurePE file structure

Show functions
Import table
RegOpenKeyW, RegCreateKeyW, RegSetValueW, RegQueryValueW, RegQueryInfoKeyW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, RegOpenKeyExW, RegEnumKeyExW
GetProcAddress, GetModuleHandleW, lstrcmpiW, WaitForSingleObject, lstrcmpW, GetProcessHeap, MultiByteToWideChar, lstrlenA, HeapFree, HeapAlloc, HeapReAlloc, InterlockedIncrement, WideCharToMultiByte, GetModuleFileNameW, FreeLibrary, LoadLibraryExW, SetThreadLocale, GetThreadLocale, CloseHandle, CreateFileW, WriteConsoleW, SetStdHandle, GetConsoleMode, GetConsoleCP, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, LeaveCriticalSection, EnterCriticalSection, GetLastError, RaiseException, InterlockedDecrement, lstrlenW, SetFilePointer, LoadLibraryW, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetModuleFileNameA, GetStartupInfoW, GetFileType, SetHandleCount, Sleep, IsProcessorFeaturePresent, GetStringTypeW, LCMapStringW, SetLastError, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, GetCurrentProcess, TerminateProcess, FlushFileBuffers, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetStdHandle, WriteFile, ExitProcess, HeapCreate, GetCommandLineA, DecodePointer, EncodePointer, CreateThread, GetCurrentThreadId, ExitThread, RtlUnwind, HeapSize, HeapDestroy
CoTaskMemRealloc, CoTaskMemAlloc, CoCreateGuid, CoInitialize, CoUninitialize, CoCreateInstance, StringFromGUID2, CoTaskMemFree
UuidToStringW, NdrStubCall2, NdrStubForwardingFunction, IUnknown_Release_Proxy, NdrDllUnregisterProxy, NdrDllRegisterProxy, NdrCStdStubBuffer2_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, NdrOleAllocate, NdrOleFree, IUnknown_QueryInterface_Proxy, RpcStringFreeW, IUnknown_AddRef_Proxy
InvalidateRect, GetWindow, GetClassNameW, CharNextW, wsprintfW
WSAGetOverlappedResult, WSASend, WSAResetEvent, WSARecv, WSAEnumNetworkEvents, WSASetEvent, WSACreateEvent, WSASocketW, WSACloseEvent, GetAddrInfoW, WSAEventSelect, FreeAddrInfoW, WSAConnect
Export table


WebCake Runtime by Web Cake (Signed)

Remove WebCakeIEClient.dll
Version:   1.00.01
MD5:   a061b4a28caaa32ed60b03c9f6f022aa
SHA1:   9ee13dea095b7f17b269aa5a6a34134620e44280
SHA256:   cdb4fca92fdbe1fb82afd7f5be9f85218b9dc4a3738c5b503e0256c7ed57db4d
Warning 18 antivirus scanners has detected malware.


webcakeieclient.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program WebCake 3.00 published by Web Cake LLC and is most likely removed by most users once installed (84% removed). The file is digitally signed by Web Cake which was issued by the VeriSign certificate authority (CA).


File name:webcakeieclient.dll
Publisher:WebCake LLC
Product name:WebCake Runtime
Typical file path:C:\Program Files\webcake\webcakeieclient.dll
File version:1.00.01
Size:193.27 KB (197,912 bytes)
Build date:6/7/2013 4:55 PM
Issued to:Web Cake
Authority (CA):VeriSign
Effective date:Monday, April 8, 2013
Expiration date:Thursday, April 9, 2015
Digital DNA
File packed:No
More details


The following program will install this file
Web Cake LLC
  84% remove
The WebCake web browser plugin by sterkly LLC declares that it can sweeten browsing experience. It can modify Windows hosts file and DNS settings. Once installed, the WebCake Safe will display a see similar button on the product images of the shopping websites such as Amazon, Expedia, Best Buy, Facebook and so on. As long as you click the see similar button, the WebCake will pop up ads.


Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

MalwareMalware detections

Based on 40+ industry antivirus scanners, 18 of them detected the following malware.
Antivirus engineEngine versionDetection
avast! 8.0.1489.320 Win32:Webcake-A [Adw]
AVG 2014.0.3629 AdInject.WebCake
BitDefender 7.2 Adware.WebCake.A
Dr.Web Adware.Plugin.11
Emsisoft Anti-Malware Adware.WebCake.A (B)
ESET NOD32 7.8741 probably a variant of Win32/Adware.Yontoo.A
Fortinet Riskware/Yontoo
F-Secure 11.0.19100.45 Adware.WebCake.A
G Data 13.9.22 Adware.WebCake.A
Ikarus T3. AdWare.WebCake
Malwarebytes Adware.WebCake
Microsoft Security Essentials 1.9800.0 Adware:Win32/WebCake
eScan by MicroWorld Adware.WebCake.A
nProtect 2013-08-29.03 Adware.WebCake.C
PC Tools SecurityRisk.WebCake
Symantec 20131.1.5.61 WebCake
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0611
VIPRE Antivirus 20992 Yontoo (fs)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 44.44%
Windows 8 16.67%
Windows 7 Home Premium 11.11%
Windows 8 Pro 11.11%
Windows 7 Professional 5.56%
Windows Vista Home Premium 5.56%
Microsoft Windows XP 5.56%

Distribution by countryDistribution by country

United States installs about 22.22% of WebCake Runtime.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 28.57%
Hewlett-Packard 19.05%
Dell 19.05%
Acer 14.29%
MSI 9.52%
American Megatrends 4.76%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE