Shop-Up

Shop-Up Description

Shop-Up is an actual application that is said to be legitimate but has the tendency to display random commercial pop-up advertisements. Most of the ads displayed by Shop-Up attempt to offer online shopping savings and coupon deals. Even though Shop-Up is not a virus or malware, it can be considered to be annoying from the several ads that it displays at random on a system that it is installed on. Removal of Shop-Up should be done to stop the ads from being displayed potentially interrupting use of your system or surfing the internet using a popular web browser application.

Infected with Shop-Up? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Shop-Up

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.
Aliases: W32.Clod7ad.Trojan.8141 [Bkav], TROJ_GEN.R047H05JH13 [TrendMicro-HouseCall], not-a-virus:AdWare.Win32.Lyckriks.ly [Kaspersky], Adware.Generic.610485 (B) [Emsisoft], Generic PUA JL [Sophos], AdWare/Lyckriks.dm [Jiangmin], AdWare/Win32.Lyckriks [Antiy-AVL], Win32.Troj.Generic.a.(kcloud) [Kingsoft], a variant of Win32/Toolbar.CrossRider.K [ESET-NOD32], Adware/Lyckriks [Fortinet], Generic5.AIIQ [AVG], Adware.FindLyrics [Symantec], Trojan ( 0048e2ed1 ) [K7GW], Artemis!0649C84A801C [McAfee] and Artemis!F5FD1BA18582 [McAfee].

Technical Information

Infection Statistics


Our MalwareTracker shows malware activity across the world. Explore real-time data of Shop-Up outbreaks and other threats from global to local level.

File System Details

Shop-Up creates the following file(s):
# File Name Size MD5 Detection Count
1 %PROGRAMFILES%\Shop-Up\Shop-Up-bho.dll 598,528 66137d0fb467f5b76ba01c28340b242e 586
2 %PROGRAMFILES(x86)%\Shop-Up\Shop-Up-enabler.exe 346,624 e1cba0dfb6b4b68e47168c99c51c3f2a 5,352
3 %PROGRAMFILES(x86)%\Shop-Up\Shop-Up-updater.exe 391,680 7b8e24bc969730790d5b010310f986cd 4,951
4 %PROGRAMFILES%\Shop-Up\Shop-Up-chromeinstaller.exe 484,864 0649c84a801cab88d5aa536695056e7f 4,595
5 %PROGRAMFILES%\Shop-Up\Shop-Up-codedownloader.exe 487,424 0bd6b44644641c0e3659d920526542cf 4,415
6 %PROGRAMFILES(x86)%\Shop-Up\Shop-Up-firefoxinstaller.exe 722,944 ac58189b0ffa0ef916473a6d56c0d97d 3,113
7 %PROGRAMFILES(x86)%\shop-up\shop-up-bg.exe 738,304 687897f2316a4c399aa07f2fb4200c19 208
8 %PROGRAMFILES(x86)%\Shop-Up\Uninstall.exe 115,200 bf3302472f98b5908c2a94aa0ed16cf7 103
9 %PROGRAMFILES%\shop-up\shop-up-buttonutil.exe 343,552 7a117c59abcb9110fb67e92c8b978cb6 84
10 %WinDir%\Tasks\Shop-Up-updater 75
11 %WinDir%\Tasks\Shop-Up-firefoxinstaller 72
12 %WinDir%\Tasks\Shop-Up-enabler 69
13 %WinDir%\Tasks\Shop-Up-codedownloader 66
14 %WinDir%\Tasks\Shop-Up-chromeinstaller 62
15 %PROGRAMFILES(x86)%\Shop-Up\Shop-Up-bho64.dll 940,544 500be214ac12367d9ff78681aa5833b6 2,330

More files

Registry Details

Shop-Up creates the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
CrossriderApp0042822.BHO
CrossriderApp0042822.BHO.1
CrossriderApp0042822.Sandbox
CrossriderApp0042822.Sandbox.
Software\AppDataLow\Software\Shop-Up
SOFTWARE\Classes\CrossriderApp0042822.BHO
SOFTWARE\Classes\CrossriderApp0042822.BHO.1
Software\InstalledBrowserExtensions\Winportal, value: 42822
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ee054ca-7614-4ae7-a014-53dfcdaace7e}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94d5bbb9-8461-4f9a-926c-d191e5c1fd71}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C0F239-8BA8-4D41-842D-8D1F59E14660}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6ABEC43-E1CD-465C-B176-3CBDB040812A}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F12DE84F-27F5-4757-9EBD-508990551913}
SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION, value: Shop-Up-bg.exe
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21C8AF9D-84BD-4CF5-9E6B-B66E035E2A8F}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{822544A7-A122-4365-990E-0372D5C4C7D4}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21C8AF9D-84BD-4CF5-9E6B-B66E035E2A8F}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C704E2E-508D-45BA-9704-1F0DAC7B8CD3}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{822544A7-A122-4365-990E-0372D5C4C7D4}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F895DDDB-EFC6-41D5-A827-98EEC5FC63C0}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCBE5DA2-4F02-44A0-916A-30B982A91B3F}
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shop-Up-codedownloader
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shop-Up-enabler
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shop-Up-firefoxinstaller
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shop-Up-updater
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}
SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411281122}
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop-Up
SOFTWARE\Shop-Up
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12c06a37-1ac5-440d-85aa-a3375af63f9d}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4008e9db-e90a-458c-a87e-00b5febf2a1d}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ba583d7-b5d1-4c0e-83fa-3185f6bfaaa2}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ee054ca-7614-4ae7-a014-53dfcdaace7e}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94d5bbb9-8461-4f9a-926c-d191e5c1fd71}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION, value: Shop-Up-bg.exe
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411281122}
The following CLSID's were found:
HKEY..\..\{CLSID Path}
{44444444-4444-4444-4444-440444284422}
{22222222-2222-2222-2222-220422282222}
{11111111-1111-1111-1111-110411281122}
{55555555-5555-5555-5555-550455285522}
{66666666-6666-6666-6666-660466286622}

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 8 + 4 ?