» ShopAtHome.com (Belcaro Group, Inc.)
Digital Signature
Analysis
Files (302)
Downloads (2)
Distribution (1)
Related (1)

ShopAtHome.com (Belcaro Group, Inc.)

Publisher Information

ShopAtHome.com (Belcaro Group, Inc.) is a software publisher located in Greenwood Village, Colorado in the United States*. The publisher primarily developes software that can be classified as adware. ShopAtHome provides web browser software designed to provide coupon codes, cash back rebates and other money saving options through web browser extensions that are affiliate supported. Thre are 2 additional code signing certificates issued to this publisher.

Authority:

Symantec Corporation

Valid from:

6/25/2013 8:00:00 PM

Valid to:

6/26/2014 7:59:59 PM

Subject:

CN="ShopAtHome.com (Belcaro Group, Inc.)", O="ShopAtHome.com (Belcaro Group, Inc.)", L=Greenwood Village, S=Colorado, C=US, SERIALNUMBER=19871692567, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Colorado, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

237b0d903d7bc26fe5d98f5f4aaf5e42

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.ShopAtHome.ShopAtHomeBelcaroGroup (M), PUP.Conduit.Toolbar.ShopAtHome.Toolbar (M), PUP.ShopAtHome.ShopAtHomeBelcaroGroup.Installer (M), PUP.ShopAtHome.ShopAtHomeBelcaroGroup.Toolbar (M), PUP.ShopAtHome (M), PUP.ShopAtHome.Installer (M), PUP.Conduit.Toolbar (M)

100.00%

Sophos

SAHAgent, SAHAgent (PUA)

54.00%

Trend Micro House Call

TROJ_GEN.F47V0131, Suspicious_GEN.F47V1108, TROJ_GEN.F47V1021, Suspicious_GEN.F47V0708, Suspicious_GEN.F47V1206

46.00%

Malwarebytes

PUP.Optional.ShopAtHome.A

42.00%

G Data

Gen:Variant.Adware.ShopAtHome, Win32.Adware.ShopAtHome

42.00%

VIPRE Antivirus

ShopAtHome, Threat.4729122

32.00%

MicroWorld eScan

Gen:Variant.Adware.ShopAtHome.1

30.00%

Bitdefender

Gen:Variant.Adware.ShopAtHome.1

30.00%

Emsisoft Anti-Malware

Gen:Variant.Adware.ShopAtHome

30.00%

AVG

Generic

30.00%

1 / 68 (PUP)

ShopAtHomeUpdater.exe (ShopAtHome.com Browser App by ShopAtHome.com) (00140152b6ecbea11dc9c30f60dc8318)

1 / 68 (PUP)

ShopAtHomeHelper.exe (ShopAtHome.com Browser App by ShopAtHome.com) (9fa2417e7fd277c4ae97d0091295328a)

1 / 68 (PUP)

ShopAtHomeUpdater.exe (ShopAtHome.com Browser App by ShopAtHome.com) (1c6453503866a380b2af4bc36e18b770)

1 / 68 (PUP)

uninstall.exe (Internet Explorer Toolbar) (037431b11aca00809de981fa39f6867d)

1 / 68 (PUP)

ShopAtHomeUpdater.exe (ShopAtHome.com Browser App by ShopAtHome.com) (739897e404f3a02253c844a65c5660f7)

1 / 68 (PUP)

ShopAtHomeHelper.exe (ShopAtHome.com Browser App by ShopAtHome.com) (375df7c65a4f40ea2982445600607c50)

1 / 68 (PUP)

HttpHandle302.dll (ShopAtHome.com Browser App by ShopAtHome.com) (01b7403e9fa8623616e8a1b646ed7a86)

1 / 68 (PUP)

ShopAtHomeUpdater.exe (ShopAtHome.com Browser App by ShopAtHome.com) (739897e404f3a02253c844a65c5660f7)

1 / 68 (PUP)

ShopAtHomeWatcher.exe (ShopAtHome.com Browser App by ShopAtHome.com) (4d454cafe276bc5a0d552397ce788d01)

1 / 68 (Adware)

tbcore3U.dll (ShopAtHome.com IE Toolbar by ShopAtHome.com) (e83be7b09ab98a902bc019f4f5d122c1)

1 / 68 (PUP)

HttpHandle302.dll (ShopAtHome.com Browser App by ShopAtHome.com) (b7e1f5aec5ba5a65fbe9f0c6d8f3a211)

1 / 68 (PUP)

ShopAtHomeHelper.exe (ShopAtHome.com Browser App by ShopAtHome.com) (06e07445f237d4fd5ef0510e268773b5)

1 / 68 (PUP)

shopathomeappinstaller_c35716700_d1_r1030114.exe (11ed56087d0c5441a0dc7974d18d194e)

1 / 68 (PUP)

content.007 (fb60b7fd2583fd70b827f5f147189f33)

1 / 68 (PUP)

shopathome_app_7.0.5.20_c98417171_d1_r1003442.exe (a6aa5415047efcadd232b7cca7a9b5a1)

1 / 68 (PUP)

shopathome_app_7.0.4.12_c25986782_d1_r92269.exe (56dcc7e872e1da81317cc42de24b6c57)

1 / 68 (PUP)

shopathome_app_c96547631_d1_r92261.exe (30555f330aa693990678fe1af4045e80)

1 / 68 (PUP)

iwebbrowser2.exe (07262a7e6c40a61ffec638fbd265fba1)

7 / 68 (PUP)

uninstall.exe (Internet Explorer Toolbar) (804729df1401219d39ea489dd2756562)

8 / 68 (PUP)

tbhelper2.exe (Internet Explorer Toolbar) (1adcc5256a022d5db0a74d01124b3e92)

7 / 68 (Adware)

tbhelper.dll (Internet Explorer Toolbar) (e1e8662dab9dacb60b915d19cdaca2d3)

8 / 68 (Adware)

TbCommonUtils.dll (Internet Explorer Toolbar) (99f7effe004777032506987d06879921)

9 / 68 (PUP)

SAHPlugin.dll (ShopAtHome.com Browser App by ShopAtHome.com) (a54517306b492775c4c9d18367239146)

7 / 68 (PUP)

clearhist.exe (Internet Explorer Toolbar) (79a911c59447babd8d3000be78429de1)

8 / 68 (Adware)

tbcore3U.dll (ShopAtHome.com IE Toolbar by ShopAtHome.com) (10d9649e327d1bdec2c5086792ee2728)

1 / 68 (PUP)

shopathome_app_7.0.4.18_c44388317_d1_r92237.exe (13b09665432d557aed8c3d3f7a9e897c)

13 / 68 (PUP)

ShopAtHomeHelper.exe (ShopAtHome.com Browser App by ShopAtHome.com) (0a4ee6e52ded75625d65ba659f9c9e1e)

9 / 68 (PUP)

HttpHandle302.dll (ShopAtHome.com Browser App by ShopAtHome.com) (9a9800402830114ba07804529872157e)

1 / 68 (PUP)

exec.exe (f696ab192946c6ebe47d75685c1e14db)

14 / 68 (PUP)

ShopAtHomeHelperPS.dll (ShopAtHome.com Browser App by ShopAtHome.com) (aecff0e62344f3c2d03d5376bb24d70f)

Latest 30 of 302 files

Downloads URLs for files signed by ShopAtHome.com (Belcaro Group, Inc.).

1 / 68 (PUP)

http://toolbar.shopathome.com/install/download.aspx?subid=&owner=nonbundle&refer=1033150&src=SEPDSE&CID=108424045&DSP=0&bitiid=228&finst=true&surl=http://www.shopathome.com/.../tjmaxx.com?refer=1033150&eurl=&turl= (shopathome_app_7.0.4.19_c98414192_d1_r1047471.exe)

1 / 68 (PUP)

http://toolbar.shopathome.com/install/download.aspx?subid=&owner=nonbundle&refer=1003442&src=SEPDSE&CID=98417171&DSP=0&bitiid=191&finst=true&surl=http://.../grocery-coupons&eurl=&turl= (shopathome_app_7.0.5.20_c98417171_d1_r1003442.exe)

Distribution

The following websites host and distribute files published by ShopAtHome.com (Belcaro Group, Inc.).

toolbar.shopathome.com

The certificates below are also signed by ShopAtHome.com (Belcaro Group, Inc.).

07785E5E630E86D47CCCF32A210DA4D1 (Sep 26, 2016 to Jul 30, 2019)

38E3C208FF559249F35DC2BBDA16136B (Jun 04, 2014 to Jun 28, 2017)

The following publishers (by Authenticode signature organization name) are related.

ShopAtHome.com

* Note, the details and description above are based on the code signing digital signature issued to ShopAtHome.com (Belcaro Group, Inc.) by Symantec Corporation on June 25, 2013 with the serial number '237b0d903d7bc26fe5d98f5f4aaf5e42'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.