WebSpades

By GoldSparrow in Adware

Translate To:

Threat Scorecard

Ranking:	8,111
Threat Level:	20 % (Normal)
Infected Computers:	3,385

First Seen:	March 25, 2014
Last Seen:	September 11, 2023
OS(es) Affected:	Windows

WebSpades is known to be adware that may be spread and installed onto the computer system through packed various freeware. WebSpades may be embedded into Internet Explorer, Mozilla Firefox or Google Chrome Web browsers and decrease the entire computer's performance. WebSpades may display numerous unwanted pop-up ads with the text 'WebSpades Deals' or 'WebSpades Ads', which may unwillingly reroute PC users to affiliated websites once they click on them. This way, computer user may face numerous forced redirects every time they use the hijacked Web browser. The main purpose of WebSpades may be to boost traffic of an unreliable website and generate advertising revenue based on affiliate links and clicks on ads. To avoid the download of WebSpades, PC users should be careful about the programs they are installing to their computers and always follow every installation step. This way they may find out if free programs include additional apps, and then, they may be able not to download them on the computer system.

Table of Contents

Aliases

5 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
AVG	Webpade
Ikarus	AdWare.SpadeCast
Antiy-AVL	Trojan/Win32.TSGeneric
Sophos	BrowseSmart
McAfee	Artemis!53CF0796C727

SpyHunter Detects & Remove WebSpades

File System Details

WebSpades may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}Gw64.sys	3925da84ed744f80535e3c2ce208feeb	11
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}Gw64.sys MD5: 3925da84ed744f80535e3c2ce208feeb Size: 61.12 KB (61120 bytes) Detections: 11 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
2.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	8f82b0c0b69f8936677086528d6fb951	4
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 8f82b0c0b69f8936677086528d6fb951 Size: 60.09 KB (60096 bytes) Detections: 4 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
3.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	0bd139bf8ba198e7920bdf0de5dfc8d3	3
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 0bd139bf8ba198e7920bdf0de5dfc8d3 Size: 60.09 KB (60096 bytes) Detections: 3 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
4.	WebSpades.FirstRun.exe	fd315f0e6f86efb707fa18fd4fa55510	2
Name: WebSpades.FirstRun.exe MD5: fd315f0e6f86efb707fa18fd4fa55510 Size: 1.12 MB (1122592 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\WebSpades Group: Malware file Last Updated: April 15, 2014
5.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}Gw.sys	c1c616a7e7499b11b9f327f18beb36d4	2
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}Gw.sys MD5: c1c616a7e7499b11b9f327f18beb36d4 Size: 52.92 KB (52928 bytes) Detections: 2 Type: System file Path: %WINDIR%\System32\drivers Group: Malware file Last Updated: July 18, 2014
6.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}Gt64.sys	2e2c8866e8fc094b71066ccf1d0d2e2b	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}Gt64.sys MD5: 2e2c8866e8fc094b71066ccf1d0d2e2b Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
7.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	1973cd2b1d86c782a3537125b79a8fa1	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 1973cd2b1d86c782a3537125b79a8fa1 Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
8.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	a5d3bc5cac6586a3220b1a8d7539c07c	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: a5d3bc5cac6586a3220b1a8d7539c07c Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
9.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	efb2355a9c7e2035b078c48370b2844c	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: efb2355a9c7e2035b078c48370b2844c Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
10.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	8abb99610a2fa571530058f6585bce7f	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 8abb99610a2fa571530058f6585bce7f Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
11.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	0d23294772b6941c2a6d8d47e8068e83	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 0d23294772b6941c2a6d8d47e8068e83 Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
12.	{2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys	102f714b0185673c3fc7db9d62350e64	1
Name: {2635ac50-5488-40bf-9bfd-accb158f8f3f}t64.sys MD5: 102f714b0185673c3fc7db9d62350e64 Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014
13.	{ed7eb956-75ed-460d-8f69-29a93b07afd1}t64.sys	3c8e6e5865e199e0882513cbcdb4751c	1
Name: {ed7eb956-75ed-460d-8f69-29a93b07afd1}t64.sys MD5: 3c8e6e5865e199e0882513cbcdb4751c Size: 60.09 KB (60096 bytes) Detections: 1 Type: System file Path: system32\drivers Group: Malware file Last Updated: July 18, 2014

Registry Details

WebSpades may create the following registry entry or registry entries:

CLSID

{0D17D945-4EB1-4370-B3B0-E566D5014B0A}

{26C67489-D15D-4C39-9D38-DB3C33FCF199}

{43867D46-E907-46D4-94C0-B50ABF479A59}

{49E31EE4-051E-49D7-B77B-05462B1E91D3}

{57FE6A0E-F47C-40E7-B9A5-D77D752CAD5E}

{5fb66911-2787-49cf-8f96-265e34893e40}

{863499e9-9257-4f5d-a356-496258ab93c8}

{92E43F88-F1A5-442E-94C3-F35E01D075ED}

{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}

HKEY..\..\..\..{RegistryKeys}

Software\Microsoft\Internet Explorer\Approved Extensions\{5FB66911-2787-49CF-8F96-265E34893E40}

Software\Microsoft\Internet Explorer\Approved Extensions\{863499E9-9257-4F5D-A356-496258AB93C8}

Software\Microsoft\Internet Explorer\Approved Extensions\{C919D8B2-11E4-43C7-A2C2-9294FD2C4106}

SOFTWARE\Microsoft\Tracing\updateWebSpades_RASAPI32

SOFTWARE\Microsoft\Tracing\updateWebSpades_RASMANCS

SOFTWARE\Microsoft\Tracing\WebSpades_RASAPI32

SOFTWARE\Microsoft\Tracing\WebSpades_RASMANCS

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5FB66911-2787-49CF-8F96-265E34893E40}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{863499E9-9257-4F5D-A356-496258AB93C8}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C919D8B2-11E4-43C7-A2C2-9294FD2C4106}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5FB66911-2787-49CF-8F96-265E34893E40}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{863499E9-9257-4F5D-A356-496258AB93C8}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C919D8B2-11E4-43C7-A2C2-9294FD2C4106}

Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{5fb66911-2787-49cf-8f96-265e34893e40}

Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}

Software\WebSpades

SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWebSpades_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWebSpades_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWebSpades_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWebSpades_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\WebSpades_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\WebSpades_RASMANCS

SOFTWARE\Wow6432Node\WebSpades

SYSTEM\ControlSet001\services\eventlog\Application\Update WebSpades

SYSTEM\ControlSet001\services\eventlog\Application\Util WebSpades

SYSTEM\ControlSet001\services\Update WebSpades

SYSTEM\ControlSet001\Services\UpdaterSvcWebSpades

SYSTEM\ControlSet001\Services\Util WebSpades

SYSTEM\ControlSet002\services\eventlog\Application\Update WebSpades

SYSTEM\ControlSet002\services\eventlog\Application\Util WebSpades

SYSTEM\ControlSet002\services\Update WebSpades

SYSTEM\ControlSet002\Services\Util WebSpades

SYSTEM\CurrentControlSet\services\eventlog\Application\Update WebSpades

SYSTEM\CurrentControlSet\services\eventlog\Application\Util WebSpades

SYSTEM\CurrentControlSet\services\Update WebSpades

SYSTEM\CurrentControlSet\Services\UpdaterSvcWebSpades

SYSTEM\CurrentControlSet\Services\Util WebSpades

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

WebSpades

Directories

WebSpades may create the following directory or directories:

%PROGRAMFILES%\WebSpades

%PROGRAMFILES(x86)%\WebSpades

%TEMP%\WebSpades

URLs

WebSpades may call the following URLs:

WebSpades

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

WebSpades

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove WebSpades

File System Details

Registry Details

Directories

URLs

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen