» ShopAtHomeHelperPS.dll
Overview
Analysis
File Details

ShopAtHomeHelperPS.dll

ShopAtHome.com Browser App

ShopAtHome.com (Belcaro Group, Inc.)

The module ShopAtHomeHelperPS.dll, “ShopAtHome.com Cash Back Helper” by ShopAtHome.com (Belcaro Group,) has been detected as a potentially unwanted program by 14 anti-malware scanners.

File name:

Publisher:

ShopAtHome.com (signed by ShopAtHome.com (Belcaro Group, Inc.))

Product:

ShopAtHome.com Browser App

Description:

ShopAtHome.com Cash Back Helper

Version:

7.0.4.15

MD5:

aecff0e62344f3c2d03d5376bb24d70f

SHA-1:

99b26a004d584f47ef520efc2dd89522f8aee780

SHA-256:

95407b4ced967f79cf29378503d9dca4f47f3142e8f5009023999e9da77a82f0

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 1:24:43 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.ShopAtHome.1

373

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Bitdefender

Gen:Variant.Adware.ShopAtHome.1

1.0.20.140

Dr.Web

Trojan.Damaged.1

9.0.1.028

Emsisoft Anti-Malware

Gen:Variant.Adware.ShopAtHome

8.16.01.28.09

F-Secure

Gen:Variant.Adware.ShopAtHome.1

11.2016-28-01_5

G Data

Gen:Variant.Adware.ShopAtHome

16.1.22

Malwarebytes

PUP.Optional.ShopAtHome.A

v2016.01.28.09

MicroWorld eScan

Gen:Variant.Adware.ShopAtHome.1

17.0.0.84

Reason Heuristics

PUP.ShopAtHome.ShopAtHomeBelcaroGroup (M)

16.1.28.9

Sophos

SAHAgent

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

9358

Trend Micro House Call

Suspicious_GEN.F47V1206

7.2.28

VIPRE Antivirus

Threat.4729122

29708

File size:

54.6 KB (55,952 bytes)

Product version:

7.0.4.15

Original file name:

ShopAtHomeHelperPS.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\shopathome\shopathomehelper\shopathomehelperps.dll

Digital Signature

Signed by:

ShopAtHome.com (Belcaro Group, Inc.)

Authority:

Symantec Corporation

Valid from:

6/25/2013 8:00:00 PM

Valid to:

6/26/2014 7:59:59 PM

Subject:

CN="ShopAtHome.com (Belcaro Group, Inc.)", O="ShopAtHome.com (Belcaro Group, Inc.)", L=Greenwood Village, S=Colorado, C=US, SERIALNUMBER=19871692567, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Colorado, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

237B0D903D7BC26FE5D98F5F4AAF5E42

File PE Metadata

Compilation timestamp:

12/16/2013 3:09:16 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

768:NU11tkPvLtkzYHNxhmYRjmnTEDjdMsOJ9U3vy5WVNrfiq0o6i:N2TeNPXRs2dMs89Z5WVNrfxB

Entry address:

0x28DD

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1C, 14, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 80, D3, 00, 10, 89, 0D, 7C, D3, 00, 10, 89, 15, 78, D3, 00, 10, 89, 1D, 74, D3, 00, 10, 89, 35, 70, D3, 00, 10, 89, 3D, 6C, D3, 00, 10, 66, 8C, 15, 98, D3, 00, 10, 66, 8C, 0D, 8C, D3, 00, 10, 66, 8C, 1D, 68, D3, 00, 10, 66, 8C, 05, 64, D3, 00, 10, 66, 8C, 25, 60, D3, 00, 10, 66, 8C, 2D, 5C, D3, 00, 10, 9C, 8F, 05, 90, D3... 
[+]

Entropy:

6.1427

Code size:

23.5 KB (24,064 bytes)

Remove ShopAtHomeHelperPS.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.