WebSpades
What is WebSpades?
WebSpades is software application developed by Yontoo Technology, Inc.. It is most commonly found on computers running Windows 7 with nearly 55.44% of installations running this operating system. WebSpades's installer is typically 2.00 MB in size and installs around 18 files. The most common release is 2014.09.03.132603 with 0.41% of all installations currently using this version.
WebSpades is most popular in the United States with 10.43% of installations residing in this country.
About WebSpades?
WebSpades is a browser extension developed and distributed by Yontoo, a division of Sambreel Holdings based in Carlsbad, California. It is designed to integrate with web browsers such as Chrome, Internet Explorer, and Firefox, and inject various forms of advertising, including inline text, multi-site searching, comparison shopping popups, banners, and popups/popunders. This adware application is often included as part of a download bundle and installs itself without notice. In addition to displaying ads, WebSpades also modifies the browser's settings to facilitate its ad injection offers. This includes automatically adjusting the load time in Internet Explorer and modifying the browser's Instant Search feature. Additionally, the adware extension will open search engine results page links in a new browser tab. WebSpades is known for its association with unwanted software and may not be in compliance with standard user privacy and security policies.
Multiple virus scanners have detected malware in WebSpades.
| Scanner Software | Version | Result |
|---|---|---|
| Lavasoft Ad-Aware | 12.0.163.0 | Adware.SwiftBrowse.CO |
| AhnLab-V3 | 2015.02.18.00 | Win-PUP/BrowseFox.Gen |
| Antiy-AVL | 1.0.0.1 | GrayWare[AdWare:not-a-virus]/Win32.SwiftBrowse |
| avast! | 8.0.1489.320 | Win32:BrowseFox-EX [PUP] |
| AVG | 15.0.0.4284 | Webpade |
| Avira | 7.11.210.222 | Adware/BrowseFox.aow |
| AVware | 1.5.0.21 | Yontoo (fs) |
| Baidu-International | 3.5.1.41473 | Adware.MSIL.BrowseFox.H |
| Bitdefender | 7.2 | Adware.SwiftBrowse.CO |
| CAT-QuickHeal | 14.00 | AdWare.Swiftbrowse.r3 (Not a Virus) |
| Comodo Security | 21120 | ApplicUnwnt |
| Cyren | 5.4.16.7 | W32/S-7b6eb46a!Eldorado |
| Dr.Web | 7.0.11.1300 | Trojan.Yontoo.1070 |
| Emsisoft Anti-Malware | 3.0.0.600 | Adware.SwiftBrowse.CO (B) |
| ESET-NOD32 | 11193 | a variant of MSIL/BrowseFox.H potentially unwanted |
| Fortinet FortiGate | 5.0.999.0 | Adware/SwiftBrowse |
| F-Prot | 4.7.1.166 | W32/S-7b6eb46a!Eldorado |
| F-Secure | 11.0.19100.45 | Adware.SwiftBrowse.CO |
| G Data | 25 | Adware.SwiftBrowse.CO |
| Jiangmin | 16.0.100 | AdWare/SwiftBrowse.jfk |
| K7 AntiVirus | 9.196.14999 | Unwanted-Program ( 0040f96c1 ) |
| K7GW | 9.196.14998 | Unwanted-Program ( 0040f96c1 ) |
| Kaspersky | 15.0.1.10 | not-a-virus:AdWare.Win32.SwiftBrowse.cj |
| McAfee | 6.0.5.614 | BrowseFox-FTQ |
| McAfee-GW-Edition | v2014.2 | BehavesLike.Win32.Backdoor.hm |
| MicroWorld-eScan | 12.0.250.0 | Adware.SwiftBrowse.CO |
| NANO AntiVirus | 0.30.0.126 | Riskware.Win32.SwiftBrowse.dlhlyn |
| nProtect | 2015-02-17.01 | Adware.SwiftBrowse.CO |
| Panda Antivirus | 4.6.4.2 | Trj/CI.A |
| Qihoo-360 | 1.0.0.1015 | Win32/Virus.Adware.dbb |
| Sophos | 4.98.0 | Generic PUA CB |
| Symantec | 20141.2.0.56 | Trojan.Gen.2 |
| Tencent | 1.0.0.1 | Win32.Trojan.Falsesign.Airx |
| Trend Micro | 9.740.0.1012 | TROJ_GEN.R047C0EA815 |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_GEN.R047C0EA815 |
| Vba32 AntiVirus | 3.12.26.3 | AdWare.SwiftBrowse |
| VIPRE Antivirus | 37670 | Yontoo (fs) |
| Zillya | 2.0.0.2071 | Adware.SwiftBrowse.Win32.1216 |
| Scanner Software | Version | Result |
|---|---|---|
| Agnitum Outpost | 7.1.1 | PUA.Agent |
| Avira AntiVir | 7.11.144.160 | APPL/BrowseFox.Gen2 |
| Antiy-AVL | 0.1.0.1 | GrayWare[AdWare:not-a-virus]/Win32.Agent |
| Comodo Security | 18144 | Application.Win32.Altbrowse.AK |
| Dr.Web | 9.0.0.0112 | Trojan.BPlug.17 |
| ESET-NOD32 | 8.9704 | a variant of Win32/BrowseFox.F |
| Fortinet FortiGate | 4/22/2014 | Adware/Agent |
| G Data | 14.4.24 | Win32.Application.BrowseFox |
| IKARUS anti.virus | t3scan.1.6.1.0 | not-a-virus:AdWare.Win32.Agent |
| Kaspersky | 14.0.0.3978 | not-a-virus:AdWare.Win32.Agent |
| Kingsoft AntiVirus | 331020.49267 | Win32.Troj.Agent.ah.(kcloud) |
| Malwarebytes | v2014.04.22.11 | PUP.Optional.WebSpades.A |
| McAfee | 5600.7153 | Artemis!8514F522DE67 |
| McAfee-GW-Edition | 7.7153 | Artemis!8514F522DE67 |
| NANO AntiVirus | 0.28.0.59492 | Riskware.Win32.Agent.crkvek |
| Sophos | 4.98 | Generic PUA OH |
| SUPERAntiSpyware | 10650 | Adware.BrowseFox/Variant |
| VIPRE Antivirus | 28478 | Yontoo (fs) |
| Lavasoft Ad-Aware | 12.0.163.0 | Adware.SwiftBrowse.CO |
| AhnLab-V3 | 2015.02.18.00 | Win-PUP/BrowseFox.Gen |
| avast! | 8.0.1489.320 | Win32:BrowseFox-EX [PUP] |
| AVG | 15.0.0.4284 | Webpade |
| Avira | 7.11.210.222 | Adware/BrowseFox.aow |
| AVware | 1.5.0.21 | Yontoo (fs) |
| Baidu-International | 3.5.1.41473 | Adware.MSIL.BrowseFox.H |
| Bitdefender | 7.2 | Adware.SwiftBrowse.CO |
| CAT-QuickHeal | 14.00 | AdWare.Swiftbrowse.r3 (Not a Virus) |
| Cyren | 5.4.16.7 | W32/S-7b6eb46a!Eldorado |
| Emsisoft Anti-Malware | 3.0.0.600 | Adware.SwiftBrowse.CO (B) |
| F-Prot | 4.7.1.166 | W32/S-7b6eb46a!Eldorado |
| F-Secure | 11.0.19100.45 | Adware.SwiftBrowse.CO |
| Jiangmin | 16.0.100 | AdWare/SwiftBrowse.jfk |
| K7 AntiVirus | 9.196.14999 | Unwanted-Program ( 0040f96c1 ) |
| K7GW | 9.196.14998 | Unwanted-Program ( 0040f96c1 ) |
| MicroWorld-eScan | 12.0.250.0 | Adware.SwiftBrowse.CO |
| nProtect | 2015-02-17.01 | Adware.SwiftBrowse.CO |
| Panda Antivirus | 4.6.4.2 | Trj/CI.A |
| Qihoo-360 | 1.0.0.1015 | Win32/Virus.Adware.dbb |
| Symantec | 20141.2.0.56 | Trojan.Gen.2 |
| Tencent | 1.0.0.1 | Win32.Trojan.Falsesign.Airx |
| Trend Micro | 9.740.0.1012 | TROJ_GEN.R047C0EA815 |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_GEN.R047C0EA815 |
| Vba32 AntiVirus | 3.12.26.3 | AdWare.SwiftBrowse |
| Zillya | 2.0.0.2071 | Adware.SwiftBrowse.Win32.1216 |
Software Behaviors
- Services:
-
- updateWebSpades.exe runs as a service named 'Update WebSpades' (Update WebSpades).
- utilWebSpades.exe runs as a service named 'Util WebSpades' (Util WebSpades).
Software Details
- URL:
- https://webspades.info/support
- Support:
- https://mailto:
- Installation path:
- C:\Program Files\WebSpades
- Uninstaller:
- C:\Program Files\WebSpades\WebSpadesuninstall.exe
- Size:
- 2.00 MB
- Language:
- English
WebSpades Executable Details
- Primary executable:
- WebSpadesBHO.dll
- Name:
- WebSpades
- Path:
- C:\Program Files\WebSpades\WebSpadesBHO.dll
- MD5:
- 8514f522de6709d44e7cc7bb7c709343
- SHA-1:
- –
- SHA-256:
- –
| File Type | Filename | MD5 |
|---|---|---|
|
EXE
|
e92604e043f51c604b6d1ac3bcd3a202 | |
|
EXE
|
c5bc3d856c77bc50fb4f06591205e1b1 | |
|
EXE
|
8d31becb8cb931c69008858a565afb28 | |
|
EXE
|
0446fe39b6c32f64bf64681a20247203 | |
|
EXE
|
93196e6549178ec467ef3aa27c8330d5 | |
|
EXE
|
updateWebSpades.exe
Adware
|
7b51581a5dfc528298d8ed8d09388dc3 |
|
EXE
|
83f7bfd26a9f88fe097042e48c455687 | |
|
DLL
|
WebSpadesBHO.dll
Adware
|
8514f522de6709d44e7cc7bb7c709343 |
|
DLL
|
8514f522de6709d44e7cc7bb7c709343 | |
|
DLL
|
8514f522de6709d44e7cc7bb7c709343 |