TbCommonUtils.dll

Internet Explorer Toolbar

ShopAtHome.com (Belcaro Group, Inc.)

The module TbCommonUtils.dll, “Internet Explorer Toolbar Common Utils” by ShopAtHome.com (Belcaro Group, Inc.), has been detected as adware by 8 anti-malware scanners.
Publisher:
ShopAtHome.com (Belcaro Group, Inc.)  (signed and verified)

Product:
Internet Explorer Toolbar

Description:
Internet Explorer Toolbar Common Utils

Version:
4.3.0.19

MD5:
99f7effe004777032506987d06879921

SHA-1:
b4d707214d6a336e6f7cdf007cacf6ac27f8c91f

SHA-256:
15730fc5a00c2ca5ff76d63010c7df249401798451650ca567a610835ddd12df

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Part of the Conduit Toolbar platform.

Analysis date:
11/16/2024 2:39:54 AM UTC

Scan engine | Detection | Engine version
AVG | Generic | 2017.0.2834
Dr.Web | Adware.Shopper.957 | 9.0.1.045
Malwarebytes | PUP.Optional.ShopAtHome | v2016.02.14.03
McAfee | Artemis!8AFE1BED3A60 | 5600.6490
Reason Heuristics | PUP.Conduit.Toolbar.ShopAtHome.Toolbar (M) | 16.2.14.3
Sophos | SAHAgent (PUA) | 4.98
Trend Micro House Call | Suspicious_GEN.F47V0708 | 7.2.45
VIPRE Antivirus | ShopAtHome | 38194

File size:
105.6 KB (108,176 bytes)

Product version:
4.3.0.19

Copyright:
Copyright © 2001-2012. All rights reserved.

Original file name:
TbCommonUtils.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\shopathome\shopathometoolbar\tbcommonutils.dll

Digital Signature
Authority:
Symantec Corporation

Valid from:
6/25/2013 8:00:00 PM

Valid to:
6/26/2014 7:59:59 PM

Subject:
CN="ShopAtHome.com (Belcaro Group, Inc.)", O="ShopAtHome.com (Belcaro Group, Inc.)", L=Greenwood Village, S=Colorado, C=US, SERIALNUMBER=19871692567, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Colorado, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
237B0D903D7BC26FE5D98F5F4AAF5E42

File PE Metadata
Compilation timestamp:
10/4/2013 1:40:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:08/cUDafEIkTxtawwOU/E2LikxvPtP7se5WkP0IttwHug+V87:sfEImiE219PtP7se5eIrwHugy87

Entry address:
0x90B9

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1E, 36, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 75, 01, 10, 89, 0D, 74, 75, 01, 10, 89, 15, 70, 75, 01, 10, 89, 1D, 6C, 75, 01, 10, 89, 35, 68, 75, 01, 10, 89, 3D, 64, 75, 01, 10, 66, 8C, 15, 90, 75, 01, 10, 66, 8C, 0D, 84, 75, 01, 10, 66, 8C, 1D, 60, 75, 01, 10, 66, 8C, 05, 5C, 75, 01, 10, 66, 8C, 25, 58, 75, 01, 10, 66, 8C, 2D, 54, 75, 01, 10, 9C, 8F, 05, 88, 75...
 

Entropy:
6.3305

Code size:
61 KB (62,464 bytes)
