ShopAtHome.com (Belcaro Group, Inc.)

Publisher Information

ShopAtHome.com (Belcaro Group, Inc.) is a software publisher located in Greenwood Village, Colorado in the United States*. The publisher primarily developes software that can be classified as adware. ShopAtHome provides web browser software designed to provide coupon codes, cash back rebates and other money saving options through web browser extensions that are affiliate supported. There is one additional code signing certificate issued to this publisher.
Remove ShopAtHome.com (Belcaro Group, Inc.) Malware - Powered by Reason Core Security
Authority:
Symantec Corporation

Valid from:
6/25/2013 8:00:00 PM

Valid to:
6/26/2014 7:59:59 PM

Subject:
CN="ShopAtHome.com (Belcaro Group, Inc.)", O="ShopAtHome.com (Belcaro Group, Inc.)", L=Greenwood Village, S=Colorado, C=US, SERIALNUMBER=19871692567, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Colorado, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
237b0d903d7bc26fe5d98f5f4aaf5e42

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ShopAtHome.ShopAtHomeBelcaroGroup.Installer (M), PUP.Conduit.Toolbar.ShopAtHome.Toolbar (M), PUP.ShopAtHome.ShopAtHomeBelcaroGroup (M), PUP.ShopAtHome.ShopAtHomeBelcaroGroup.Toolbar (M)
100.00%

Sophos
SAHAgent, SAHAgent (PUA)
86.00%

Trend Micro House Call
Suspicious_GEN.F47V1108, TROJ_GEN.F47V1021, Suspicious_GEN.F47V1206, TROJ_GEN.F47V0131, Suspicious_GEN.F47V0708
76.00%

G Data
Gen:Variant.Adware.ShopAtHome, Win32.Adware.ShopAtHome
70.00%

Malwarebytes
PUP.Optional.ShopAtHome.A
62.00%

VIPRE Antivirus
Threat.4729122, ShopAtHome
54.00%

AVG
Generic
48.00%

MicroWorld eScan
Gen:Variant.Adware.ShopAtHome.1
46.00%

Bitdefender
Gen:Variant.Adware.ShopAtHome.1
46.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.ShopAtHome
46.00%

9 / 68      (PUP)
uninstall.exe (Internet Explorer Toolbar)  (804729df1401219d39ea489dd2756562)

9 / 68      (PUP)
tbhelper2.exe (Internet Explorer Toolbar)  (1adcc5256a022d5db0a74d01124b3e92)

7 / 68      (Adware)
tbhelper.dll (Internet Explorer Toolbar)  (e1e8662dab9dacb60b915d19cdaca2d3)

9 / 68      (Adware)
TbCommonUtils.dll (Internet Explorer Toolbar)  (99f7effe004777032506987d06879921)

10 / 68    (PUP)

8 / 68      (PUP)
clearhist.exe (Internet Explorer Toolbar)  (79a911c59447babd8d3000be78429de1)

8 / 68      (Adware)

1 / 68      (PUP)
shopathome_app_7.0.4.18_c44388317_d1_r92237.exe  (13b09665432d557aed8c3d3f7a9e897c)

14 / 68    (PUP)

9 / 68      (PUP)

1 / 68      (PUP)
exec.exe  (f696ab192946c6ebe47d75685c1e14db)

14 / 68    (PUP)

11 / 68    (PUP)

16 / 68    (PUP)

1 / 68      (PUP)
shopathomeappinstaller_c99077105_d1_r92261.exe  (a1780ab96521e5978d3f708faacf1c77)

9 / 68      (PUP)
uninstall.exe (Internet Explorer Toolbar)  (a855b32fb64fb1a7bca5f1fc09c0964b)

9 / 68      (PUP)
tbhelper2.exe (Internet Explorer Toolbar)  (9b5db37e1f10b90e5734fc16173945a7)

7 / 68      (Adware)
tbhelper.dll (Internet Explorer Toolbar)  (c6476a697574c666c262675e1b21e0aa)

9 / 68      (Adware)
TbCommonUtils.dll (Internet Explorer Toolbar)  (0f23d9e1d4a4374f25ae9fc798646dae)

10 / 68    (PUP)

8 / 68      (PUP)
clearhist.exe (Internet Explorer Toolbar)  (c94c72708907efc31beaa93caedb9626)

8 / 68      (Adware)

16 / 68    (PUP)

11 / 68    (PUP)

1 / 68      (PUP)
shopathome_app_7.0.4.19_c98414192_d1_r1047471.exe  (e7e158017f056fe31018c8c9985aa6e6)

7 / 68      (Adware)
tbhelper.dll (Internet Explorer Toolbar)  (f255389c86404075cbc39eb8505c2357)

9 / 68      (Adware)
TbCommonUtils.dll (Internet Explorer Toolbar)  (e61ab9e7c66ad06172bc7f3ed51ba33d)

10 / 68    (PUP)

13 / 68    (PUP)

1 / 68      (PUP)
exec.exe  (9e7f5ec3e68686723cbc2787b01d64c0)

 
Latest 30 of 284 files

The following certificate is also signed by ShopAtHome.com (Belcaro Group, Inc.).

38E3C208FF559249F35DC2BBDA16136B  (Jun 04, 2014 to Jun 28, 2017)

Remove ShopAtHome.com (Belcaro Group, Inc.) Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to ShopAtHome.com (Belcaro Group, Inc.) by Symantec Corporation on June 25, 2013 with the serial number '237b0d903d7bc26fe5d98f5f4aaf5e42'.