Not what you were looking for? Ask our experts!
Reply
Visitor
Malacath
Posts: 9
Registered: ‎04-30-2013

Webcake 3.0 malware.

Recently one of my computers has been having searches highjacked by delta search.

 

So I did a full virus scan with Norton Internet security and it didn't find anything.

 

I then downloaded the free version of Malwarebytes and it found 56 malicious items

 

As well as delta-search it found something called webcake 3.0

 

I did a web search and found this http://virusremovalstation.blogspot.co.uk/2013/08/is-web-cake-30-malware-how-to-remove.html

 

This website claims that webcake steals bank details.

 

So my question is Why the hell didn't Norton stop this from getting on the system and why doesn't Norton pick it up when doing virus scans?

 

I'm actually disgusted that an anti-virus I paid for allowed something as bad as this to get on the computer.  If you pay for anti-virus you expect it to do it's job. Clearly Norton has failed.

 

So what is going on?

 

Why can't Norton detect this Malware?

 

 

Regular Contributor
Gorg
Posts: 59
Registered: ‎12-11-2008

Re: Webcake 3.0 malware.

According to some searchs I've done, Symantec picks this up as Yontoo. Not sure this helps you at all, but I thought I'd throw it out there.

Kastrenzke_C
Posts: 1
Topics: 0
Kudos: 0
Blog Posts: 0
Ideas: 0
Solutions: 0
Registered: ‎06-22-2012

Re: Webcake 3.0 malware.

Web Cake is an tool bar extension. It could be installed accidentally while browing the web. This can be found mostly in Google Chrome Extension.

Kenyunizke
Visitor
Malacath
Posts: 9
Registered: ‎04-30-2013

Re: Webcake 3.0 malware.


Gorg wrote:

According to some searchs I've done, Symantec picks this up as Yontoo. Not sure this helps you at all, but I thought I'd throw it out there.


Clearly it doesn't

 

I've now totally uninstalled Norton and the first thing I did was switch on and run Windows defender and that also detected webcake.

 

I now no longer trust Norton with my security and will be removing it from all my computers.

 

If a paid for anti-virus can't protect me from this I might as well install a free one like Microsoft Securty Essentials.

 

The annoying thing is that when I first installed Norton it removed malwarebytes pro. Now if it had left malwarebytes alone then I probably wouldn't have got infected.

 

 

 

 

lmacri
Posts: 1,455
Kudos: 532
Registered: ‎05-05-2009

Re: Webcake 3.0 malware.

[ Edited ]

Malacath wrote:

 

I've now totally uninstalled Norton and the first thing I did was switch on and run Windows defender and that also detected webcake. 

 

The annoying thing is that when I first installed Norton it removed malwarebytes pro. Now if it had left malwarebytes alone then I probably wouldn't have got infected.


Hi Malacath:

 

You can see from the number of posts in FattiesGoneWild's thread here that many Norton users were upset about Symantec's decision to block Malwarebytes Anti-Malware (MBAM) in NIS v. 20.3.0.36.  Symantec eventually reversed that decision and released a v. 20.4.0.40 patch that removed that block (see Tony Weiss's here).

 

Before making any final decision about removing your Norton software, you should read David Lipman's post here in the MBAM forum about the difference between malware and viruses and why MBAM is designed to provide an additional layer of protection to the real-time protection provided by a robust anti-virus program.  Most of the MBAM detections I've seen on my own system were orphaned registry entries and PUPs (potentially unwanted programs) that were left behind after I uninstalled an unwanted browser toolbar.

 

Webcake is classfied by Symantec as a potentially unwanted app with a low risk impact that displays unwanted advertisements (see here for more info) and detection has been provided in Norton products since 08-Aug-2013.

-----------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 24.0 * IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

peterweb
Posts: 8,063
Kudos: 1,175
Solutions: 305
Registered: ‎04-17-2008

Re: Webcake 3.0 malware.

Here is some info on Webcake 3.0.  http://virusremovalstation.blogspot.ca/2013/08/is-web-cake-30-malware-how-to-remove.html

 

As noted, the software in itself is not malicious and will not harm your syste,sowould come under the heading of PUP (Potentially Unwanted Program). It will not harm your system itself, but is very annoying. This is why Norton does not catch and eliminate it. Believe it or not, some users actually want browser 'enhancements' that offer suggestions when they visit web pages. These PUPs are usually always accepted by the user as a add on to a legitimate download. It may not be obvious at the time, but you did allow it.

 

Norton focuses on malware that will damage your system. No one security softare can protect you from 100% of malware 100% of the time.

 

Some are harder to remove than others and you might want to go to one of the free malware removal sites below.

 

http://www.bleepingcomputer.com/
http://www.geekstogo.com/forum/
http://www.cybertechhelp.com/forums/
http://forums.whatthetech.com/


 

 


Things happen. Export/Backup your Identity Safe data.
Bot Obliterator
Quads
Posts: 16,454
Registered: ‎07-21-2008

Re: Webcake 3.0 malware.

[ Edited ]

"about the difference between malware and viruses"

 

Viruses are Malware  so there is no difference.

 

Malware, short for malicious software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems

Malware includes viruses, ransomware, worms, trojans, rootkits(including Bootkits), keyloggers, dialers, spyware, adware, Bad BHOs, rogues (fakeAV's)


Of Note though some Spyware and Keyloggers are known as good, so not detected, and PUP's (PUA's) some are OK as some users want them but some do push the limit or go over the line at times. Security Companies have differences for where is that line. Some of the problems with PUP's does not occur until a user has too many installed to run on startup that use .dll's services or explorer (Not IE).
I actually remember one user complaining because Norton was detecting what I consider a PUP's but the user was

complaining because they wanted the program. some weeks ago now

 

Quads

 

lmacri
Posts: 1,455
Kudos: 532
Registered: ‎05-05-2009

Re: Webcake 3.0 malware.

[ Edited ]

Malacath wrote:
I did a web search and found this http://virusremovalstation.blogspot.co.uk/2013/08/is-web-cake-30-malware-how-to-remove.html .  This website claims that webcake steals bank details.

 

Quads wrote:
Viruses are Malware so there is no difference.

... and not all malware is a virus.

 

This is a quote from the website Malacath referred to:

 

"Usually, the Web Cake 3.0 will use system vulnerabilities and security exploits so that to invade innocent computers without your permission or knowledge. Moreover, Web Cake 3.0 steals your personal and financial information and sends it the cyber crooks for they illegal purposes."

I can't speak for Malacath, but if I thought I had malware on my system that was able to steal my banking passwords, that it wasn't detected by my NIS anti-virus protection, and that it could have been detected by MBAM but wasn't because NIS uninstalled MBAM from my system, I'd be pretty peeved too.

I think the issue here is whether NIS missed detecting a high-risk info stealer. I don't believe that's the case, and I hope that we've put Malacath's mind to rest that their system security was not severely compromised when NIS failed to flag a low-risk potentially unwanted program/app (PUP/PUA) like WebCake.

------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 24.0 * IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

lmacri
Posts: 1,455
Kudos: 532
Registered: ‎05-05-2009

Re: Webcake 3.0 malware.

[ Edited ]

Malacath wrote:

 

This website claims that webcake steals bank details.


Hi Malacath:

 

Further to the link you provided for the VirusRemovalStation blog, I did a bit of digging and it appears this blog is run by a company called Tee Support Tech Support.  The reason they provide this type of false information is to scam you into paying $69.95 for their one-time virus removal assistance that you can receive for free from any of the reputable malware removal sites that peterweb provided links to in post # 6.

 

I've even heard of people who clicked on the "Remove It Now!" button from one of these so-called "tech support" sites like Tee Support and actually ended up downloading more malware to their system.

------------
MS Windows Vista Home Premium 32-bit SP2 * Firefox 24.0 * IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Bot Obliterator
Quads
Posts: 16,454
Registered: ‎07-21-2008

Re: Webcake 3.0 malware.

This is what was said 

 

"Before making any final decision about removing your Norton software, you should read David Lipman's post here in the MBAM forum about the difference between malware and viruses"

 

 

... and not all malware is a virus.

 


Not all Malware is a Virus, but all Viruses are Malware,  But there is no difference between Malware and Viruses,  as Viruses are malware.

 

Hmmm  what is the difference between a Dog and a Poodle??    Dog = Malware. Virus = Poodle,  Nothing  a Poodle is a bred (Type) of dog,  Same as  Virus is a type of malware.

 

So difference between Malware and Viruses and Malware is NOTHING!!!!!  

 

If someone said the difference between Viruses and Ransomware,   Yeah, right, as that is 2 different types of Malware.

 

Quads