» shopathomehelperps.dll
Overview
Analysis
File Details
Programs (1)

shopathomehelperps.dll

ShopAtHome.com

The module shopathomehelperps.dll by ShopAtHome.com has been detected as a potentially unwanted program by 15 anti-malware scanners. This file is typically installed with the program ShopAtHome.com Helper by Belcaro Group Inc. which is a potentially unwanted software program.

File name:

Publisher:

ShopAtHome.com (signed and verified)

MD5:

c11f2788a1da433128eab0428741b747

SHA-1:

ee5ed1a1e34c6019b3a05543a3ce48ef44120d42

Scanner detections:

15 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 9:23:03 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.ShopAtHome.1

774

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Bitdefender

Gen:Variant.Adware.ShopAtHome.1

1.0.20.1785

Dr.Web

Trojan.Damaged.1

9.0.1.0357

Emsisoft Anti-Malware

Gen:Variant.Adware.ShopAtHome

8.14.12.23.08

F-Secure

Gen:Variant.Adware.ShopAtHome.1

11.2014-23-12_3

G Data

Gen:Variant.Adware.ShopAtHome

14.12.22

Malwarebytes

PUP.Optional.ShopAtHome.A

v2014.12.23.08

MicroWorld eScan

Gen:Variant.Adware.ShopAtHome.1

15.0.0.1071

Reason Heuristics

PUP.ShopAtHome.S

14.7.22.17

Sophos

SAHAgent

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10160

Trend Micro House Call

TROJ_GEN.F47V0603

7.2.203

Vba32 AntiVirus

Signed-Adware.Sahat

3.12.26.3

VIPRE Antivirus

Threat.4729122

29708

File size:

47.9 KB (49,080 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Documents and Settings\{user}\Application data\shopathome\shopathomehelper\shopathomehelperps.dll

Digital Signature

Signed by:

ShopAtHome.com

Authority:

VeriSign, Inc.

Valid from:

5/25/2010 7:00:00 PM

Valid to:

6/21/2013 6:59:59 PM

Subject:

CN=ShopAtHome.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ShopAtHome.com, L=Greenwood Village, S=Colorado, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

063168411F371B898EE763E4858518C4

Registration

CLSID:

{067ECE13-6DD2-47C7-8EFE-24DA8BC1D8DA}

COM registered:

Yes

File PE Metadata

Compilation timestamp:

10/1/2012 11:25:32 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

768:GQR/7U/8sXX4Z75qhoNUb/dMsxGnTEDD/7vyFZ+FGBIILEbC0Agr:XDw4Z7woNAdMsq+OFZJZ8ChS

Entry address:

0x13D6

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 13, 13, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 00, FF, 15, 5C, 70, 00, 10, C3, FF, 15, 60, 70, 00, 10, C2, 04, 00, 8B, FF, 56, FF, 35, 48, B7, 00, 10, FF, 15, 64, 70, 00, 10, 8B, F0, 85, F6, 75, 1B, FF, 35, 8C, C2, 00, 10, FF, 15, 54, 70, 00, 10, 8B, F0, 56, FF, 35, 48, B7, 00, 10, FF, 15, 68, 70, 00, 10, 8B, C6, 5E, C3, A1, 44, B7, 00, 10, 83, F8, FF, 74, 16, 50, FF, 35, 94, C2, 00, 10, FF, 15, 54, 70, 00, 10... 
[+]

Entropy:

6.0330

Code size:

18.5 KB (18,944 bytes)

The file shopathomehelperps.dll has been discovered within the following program.

ShopAtHome.com Helper by Belcaro Group Inc.

This is the helper application that is installed with the ShopAtHome Toolbar (Browser App).

www.shopathome.com

68% remove it

Remove shopathomehelperps.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.