Technical Information
- Autorun entry (the Run key starts the listed program at each user logon): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ShopAtHomeWatcher' = '%APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe'
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\Exec.exe %APPDATA%\ShopAtHome\\ShopAtHomeHelper\\ShopAtHomeWatcher.exe
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe -Embedding
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\TbHelper2.exe -RegServer
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeHelperInstaller.exe /S -dir="%APPDATA%\ShopAtHome\ShopAtHomeHelper"
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe /s /regserver
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\IE8GuardWorkaround.exe -regserver
- <SYSTEM32>\regsvr32.exe /s "%APPDATA%\ShopAtHome\ShopAtHomeToolbar\TbCommonUtils.dll"
- <SYSTEM32>\regsvr32.exe /s "%APPDATA%\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll"
- <SYSTEM32>\regsvr32.exe /s "%APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll"
- iexplore.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\basis.xml
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\ClearHist.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\icons.bmp
- %TEMP%\nsq3.tmp\xml.dll
- %ALLUSERSPROFILE%\Start Menu\Programs\ShopAtHome.com Toolbar\ShopAtHome.com Uninstall.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\ShopAtHome.com Toolbar\ShopAtHome.com Homepage.url
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\plus.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-alert.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-clearsearch.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\IE8GuardWorkaround.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\logo.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\minus.png
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\alert.html
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\logo.png
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
- %TEMP%\nsw7.tmp\UserInfo.dll
- %TEMP%\nsw7.tmp\KillProcDLL.dll
- %TEMP%\nsw7.tmp\UAC.dll
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\Exec.exe
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\uninst.exe
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeUninstall.exe
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\HttpHandle302.dll
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\tbs_include_script_externalsearch.js
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\tbs_include_script_showhidetoolbar.js
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\uninstall.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\ShopAtHomeHelperInstaller.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\ShopAtHomeUninstall.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\TbHelper2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Prefs[1].xml
- %TEMP%\Prefs.xml.tmp
- %TEMP%\nsq3.tmp\nsDialogs.dll
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\update.exe
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\version.txt
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\postuninstallurl.txt
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-freesamples.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-go.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-grocerycoupons.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-comment.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-contests.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-freecoupons.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-restaurant.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-wishlist.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\SAH_favicon.ico
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-information.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-mysah.png
- %APPDATA%\ShopAtHome\Temp\{311B58DC-A4DC-4B04-B1B5-60299AD3D803}\sahtb-options.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\tbs_include_script_externalsearch.js
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\TbCommonUtils.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\SAHPlugin.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\IE8GuardWorkaround.exe
- %TEMP%\nsq3.tmp\KillProcDLL.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\tbs_include_script_showhidetoolbar.js
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\uninstall.exe
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\update.exe
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\basis.xml
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\TbHelper2.exe
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\tbhelper.dll
- %TEMP%\nsq3.tmp\splash.bmp
- %TEMP%\nsq3.tmp\AdvSplash.dll
- %TEMP%\nsq3.tmp\modern-header.bmp
- %TEMP%\nsk2.tmp
- %TEMP%\nsq3.tmp\UAC.dll
- %TEMP%\nsq3.tmp\HTTPHelper.dll
- %TEMP%\nsa4.tmp
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\Prefs.xml
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\ClearHist.exe
- %TEMP%\nsq3.tmp\modern-wizard.bmp
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\Prefs.xml
- %TEMP%\nsq3.tmp\System.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-wishlist.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\SAH_favicon.ico
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\minus.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-clearsearch.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-information.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-options.png
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\version.txt
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeHelperInstaller.exe
- %TEMP%\nsh6.tmp
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\plus.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\version.txt
- %APPDATA%\ShopAtHome\ShopAtHomeHelper\Merchants.xml
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-alert.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-contests.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-freecoupons.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\Merchants.xml
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\icons.bmp
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\logo.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-restaurant.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-mysah.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-comment.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-freesamples.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-go.png
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\sahtb-grocerycoupons.png
- %TEMP%\nsw7.tmp\UAC.dll
- %TEMP%\nsw7.tmp\UserInfo.dll
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\ShopAtHomeHelperInstaller.exe
- %TEMP%\nsw7.tmp\KillProcDLL.dll
- %TEMP%\nsq3.tmp\splash.bmp
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\Prefs.xml
- %APPDATA%\ShopAtHome\ShopAtHomeToolbar\Merchants.xml
- from %APPDATA%\ShopAtHome\ShopAtHomeHelper\Prefs.xml to %APPDATA%\ShopAtHome\ShopAtHomeHelper\PrefsInstall.xml
- from %TEMP%\nsa4.tmp to %APPDATA%\ShopAtHome\ShopAtHomeToolbar\Prefs.xml
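- 'www.sh###thome.com':80 (the '#' characters here and in the host names and URLs below appear to be masking applied in the report, so the masked strings are not literal host names or query strings)
- 'tb####.shopathome.com':80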
- www.sh###thome.com/toolbarprefs/Prefs.xml
- tb####.shopathome.com/RequestHandler.ashx?cm#################################################################################################################################
- tb####.shopathome.com/RequestHandler.ashx?cm##############################################
- tb####.shopathome.com/RequestHandler.ashx?cm###############################################
- DNS ASK www.sh###thome.com
- DNS ASK tb####.shopathome.com
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''