Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
(Note, Web Cake publishes each variation of this file with the same version, but the hashes are unique.)
Relationships
Parent process
Related files
wbdesktop.updater.1.0.0.16.exe
By Web Cake (Signed)
| Version: | 1.0.0.3 |
| MD5: | 7d66c7460240c5fa7da4e775df9ff328 |
| SHA1: | ea8ada75b6a0dbe8157470d7cce54adcf33c3f3e |
| SHA256: | c3ec471149f4d1554caba8275623bde34d560541bd38d77bd6e9e528b99d3b8e |
Warning 16 antivirus scanners has detected malware.
Overview
wbdesktop.updater.1.0.0.16.exe is malware that runs as a service under the name WebCakeUpdater (WebCake Desktop Updater) with extensive SYSTEM privileges (full administrator access). It is installed with a couple of know programs including Web Cake 3.00 published by Web Cake LLC and Web-Cake 3.00 published by Web Cake LLC. The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). The file is digitally signed by Web Cake which was issued by the VeriSign certificate authority (CA).
Details
| File name: | wbdesktop.updater.1.0.0.16.exe |
| Publisher: | cake bake |
| Description: | Desktop.Updater |
| Typical file path: | C:\Program Files\wbdesktop.updater.1.0.0.16.exe |
| Original name: | Desktop.Updater.exe |
| File version: | 1.0.0.3 |
| Size: | 50.77 KB (51,992 bytes) |
| Build date: | 7/29/2013 8:42 PM |
| Certificate |
| Issued to: | Web Cake |
| Authority (CA): | VeriSign |
| Effective date: | Tuesday, April 9, 2013 |
| Expiration date: | Friday, April 10, 2015 |
| Digital DNA |
| File packed: | No |
| Code language: | Microsoft Visual C# / Basic .NET |
| .NET CLR: | Yes |
| .NET NGENed: | No |
More details
Programs
The following programs will install this file
Web Cake (also known as WebCake desktop) is an adware program that displays coupons with offers and advertisements when you are shopping online. During installation the web browser extension will modify various settings and security settings of the installed web browsers. From the EULA it states: "Certain browser and search engine settings may be adjusted to optimize the performance of the Software. If your settings were optimized durin...
The WebCake web browser plugin by sterkly LLC declares that it can sweeten browsing experience. It can modify Windows hosts file and DNS settings. Once installed, the WebCake Safe will display a see similar button on the product images of the shopping websites such as Amazon, Expedia, Best Buy, Facebook and so on. As long as you click the see similar button, the WebCake will pop up ads.
Behaviors
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
- 'WebCake Desktop Updater'
- 'WebCakeUpdater'
Malware detections
Based on 40+ industry antivirus scanners, 16 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| avast! |
8.0.1489.320 |
Win32:Webcake-A [Adw] |
| AVG |
13.0.0.3169 |
AdInject.WebCake |
| BitDefender |
7.2 |
Adware.WebCake.C |
| Comodo Internet Security |
17071 |
ApplicUnwnt |
| Dr.Web |
8.13.10.8 |
Adware.WebCake.1 |
| Emsisoft Anti-Malware |
3.0.0.589 |
Adware.WebCake.C (B) |
| ESET NOD32 |
7.8888 |
MSIL/WebCake.A |
| F-Secure |
11.0.19100.45 |
Adware.WebCake.C |
| G Data |
13.10.22 |
Adware.WebCake.C |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.WebCake.A |
| eScan by MicroWorld |
12.0.250.0 |
Adware.WebCake.C |
| nProtect |
2013-10-08.01 |
Adware.WebCake.C |
| Panda Antivirus |
10.0.3.5 |
Adware/WebCake |
| PC Tools |
9.0.0.2 |
SecurityRisk.Yontoo!rem |
| Symantec |
20131.1.5.61 |
Yontoo |
| VIPRE Antivirus |
22190 |
Yontoo (fs) |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00048165% | |
| Kernel CPU: | 0.00020122% | |
| User CPU: | 0.00028043% | |
| Kernel CPU time: | 234 ms/min | |
| CPU cycles: | 222,403/sec | |
| Memory |
| Private memory: | 10.87 MB | |
| Private (maximum): | 10.18 MB | |
| Private (minimum): | 4.93 MB | |
| Non-paged memory: | 10.87 MB | |
| Virtual memory: | 115.23 MB | |
| Virtual memory (peak): | 120.9 MB | |
| Working set: | 5.2 MB | |
| Working set (peak): | 11.76 MB | |
| Page faults: | 9,222/min | |
| I/O |
| I/O read transfer: | 2.93 KB/sec | |
| I/O read operations: | 1/sec | |
| I/O write transfer: | 0 Bytes/sec | |
| I/O write operations: | 1/sec | |
| I/O other transfer: | 239 Bytes/sec | |
| I/O other operations: | 18/sec | |
| Resource allocations |
| Threads: | 7 | |
| Handles: | 326 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command lines: |
- "C:\Program Files\tepfel\webcakedesktop.updater.exe"
- "C:\Program Files\betcat\wbdesktop.updater.1.0.0.17.exe"
- "C:\Program Files\wbdesktop.updater.1.0.0.16.exe"
|
| Owner: | SYSTEM |
| Windows Service |
| Service name: | WebCake Desktop Updater |
| Display name: | WebCakeUpdater |
| Description: | “Provides limited updating assistance for WebCake Desktop” |
| Type: | Win32OwnProcess |
| Parent process: | services.exe (by Microsoft) |
Threads
Averages
| WBDesktop.Updater.1.0.0.16.exe (main module) |
| Total CPU: | 0.00077259% | |
| Kernel CPU: | 0.00036490% | |
| User CPU: | 0.00040769% | |
| CPU cycles: | 14,712/sec | |
| Memory: | 72 KB | |
| mscorwks.dll |
| Total CPU: | 0.00011408% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00011408% | |
| CPU cycles: | 572/sec | |
| Memory: | 5.67 MB | |
| wow64win.dll |
| Total CPU: | 0.00000551% | |
| Kernel CPU: | 0.00000000% | |
| User CPU: | 0.00000551% | |
| CPU cycles: | 194/sec | |
| Memory: | 360 KB | |
Distribution by Windows OS
| OS version | distribution |
| Windows 8 Single Language |
50.00% |
|
| Windows 7 Professional |
33.33% |
|
| Windows 7 Home Premium |
16.67% |
|
Distribution by country
Ecuador installs about 33.33% of wbdesktop.updater.1.0.0.16.exe.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Sony |
44.44% |
|
| Acer |
22.22% |
|
| Dell |
22.22% |
|
| Hewlett-Packard |
11.11% |
|
