Removal instructions for Shop_an_Up

Metallica · June 7, 2014

What is Shop_an_Up?

The Malwarebytes research team has determined that Shop_an_Up is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

How do I know if my computer is affected by Shop_an_Up?

You may see these browser extensions/add-ons:

and this entry in your list of installed programs:

How did Shop_an_Up get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove Shop_an_Up?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application.

Please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-version.exe and follow the prompts to install the program.
At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
Then click Finish.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select Scan now.
When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
Reboot your computer if prompted.

Is there anything else I need to do to get rid of Shop_an_Up?

No, Malwarebytes' Anti-Malware removes Shop_an_Up completely.

How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Shop_an_Up hijacker. It would have warned you before the rogue could install itself, giving you a chance to stop it before it became too late.

Technical details for experts

Signs in a HijackThis log:

O2 - BHO: CrossriderApp0042822 - {11111111-1111-1111-1111-110411281122} - C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bho.dll

Alterations made by the installer:

File system details  ---------------------------------------------    Adds the folder C:\Program Files\Shop_an_Up-1.4       Adds the file 1293297481.mxaddon"="5/22/2014 2:40 PM, 38693 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-2.exe"="6/7/2014 8:24 PM, 359936 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-3.exe"="6/7/2014 8:23 PM, 1892352 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-4.exe"="6/7/2014 8:23 PM, 833536 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-5.exe"="6/7/2014 8:24 PM, 455168 bytes, A       Adds the file 360-42822.crx"="6/7/2014 8:23 PM, 277223 bytes, A       Adds the file 42822.crx"="6/7/2014 8:23 PM, 276033 bytes, A       Adds the file 42822.xpi"="6/7/2014 8:23 PM, 464322 bytes, A       Adds the file background.html"="6/1/2014 6:55 AM, 729 bytes, A       Adds the file bgNova.html"="6/1/2014 6:55 AM, 729 bytes, A       Adds the file Shop_an_Up-1.4.ico"="6/1/2014 6:56 AM, 15086 bytes, A       Adds the file Shop_an_Up-1.4-bg.exe"="6/7/2014 8:24 PM, 560640 bytes, A       Adds the file Shop_an_Up-1.4-bho.dll"="6/7/2014 8:24 PM, 536064 bytes, A       Adds the file Shop_an_Up-1.4-codedownloader.exe"="6/7/2014 8:24 PM, 504832 bytes, A       Adds the file Shop_an_Up-1.4-nova.dll"="6/7/2014 8:23 PM, 117760 bytes, A       Adds the file Shop_an_Up-1.4-nova.exe"="6/7/2014 8:23 PM, 589312 bytes, A       Adds the file Shop_an_Up-1.4-novainstaller.exe"="6/7/2014 8:23 PM, 504832 bytes, A       Adds the file Uninstall.exe"="6/7/2014 8:23 PM, 79872 bytes, A       Adds the file utils.exe"="6/7/2014 8:23 PM, 2253605 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com       Adds the file chrome.manifest"="6/7/2014 8:23 PM, 732 bytes, A       Adds the file install.rdf"="6/7/2014 8:23 PM, 1331 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\defaults\preferences       Adds the file prefs.js"="6/7/2014 8:24 PM, 3974 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData       Adds the file manifest.xml"="6/7/2014 8:23 PM, 1674 bytes, A       Adds the file plugins.json"="6/7/2014 8:23 PM, 11756 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\userCode       Adds the file background.js"="6/7/2014 8:24 PM, 429 bytes, A       Adds the file extension.js"="6/7/2014 8:24 PM, 1 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\locale\en-US       Adds the file translations.dtd"="6/7/2014 8:23 PM, 425 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin    In the existing folder C:\Windows\System32\Tasks       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-1"="6/7/2014 8:24 PM, 4406 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-2"="6/7/2014 8:24 PM, 4374 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-3"="6/7/2014 8:23 PM, 6490 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-4"="6/7/2014 8:24 PM, 5176 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-5"="6/7/2014 8:24 PM, 4478 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-6"="6/7/2014 8:23 PM, 4408 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-7"="6/7/2014 8:23 PM, 4342 bytes, A    In the existing folder C:\Windows\Tasks       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-1.job"="6/7/2014 8:24 PM, 1376 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-2.job"="6/7/2014 8:24 PM, 1344 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-3.job"="6/7/2014 8:23 PM, 3460 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-4.job"="6/7/2014 8:23 PM, 2146 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-5.job"="6/7/2014 8:24 PM, 1448 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-6.job"="6/7/2014 8:23 PM, 1378 bytes, A       Adds the file 1d7b69fe-9686-45b6-8a43-97659dd401d8-7.job"="6/7/2014 8:23 PM, 1314 bytes, ARegistry details  ------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}]       "(Default)"="REG_SZ", "Shop_an_Up-1.4"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\Implemented Categories]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\Implemented Categories\{59fb2056-d625-48d0-a944-1a85b5ab2640}]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bho.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\ProgID]       "(Default)"="REG_SZ", "CrossriderApp0042822.BHO.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440444284422}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411281122}\VersionIndependentProgID]       "(Default)"="REG_SZ", "CrossriderApp0042822"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bho.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}\ProgID]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440444284422}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422282222}\VersionIndependentProgID]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.BHO]       "(Default)"="REG_SZ", "CrossriderApp0042822"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.BHO\CLSID]       "(Default)"="REG_SZ", "{11111111-1111-1111-1111-110411281122}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.BHO\CurVer]       "(Default)"="REG_SZ", "CrossriderApp0042822"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.BHO.1]       "(Default)"="REG_SZ", "CrossriderApp0042822"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.BHO.1\CLSID]       "(Default)"="REG_SZ", "{11111111-1111-1111-1111-110411281122}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.Sandbox]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.Sandbox\CLSID]       "(Default)"="REG_SZ", "{22222222-2222-2222-2222-220422282222}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.Sandbox\CurVer]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.Sandbox.1]       "(Default)"="REG_SZ", "CrossriderApp0042822.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0042822.Sandbox.1\CLSID]       "(Default)"="REG_SZ", "{22222222-2222-2222-2222-220422282222}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455285522}]       "(Default)"="REG_SZ", "ICrossriderBHO"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455285522}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455285522}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455285522}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440444284422}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466286622}]       "(Default)"="REG_SZ", "ISandBox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466286622}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466286622}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466286622}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440444284422}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444284422}\1.0]       "(Default)"="REG_SZ", "CrossriderApp0042822 Type Library"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444284422}\1.0\0\win32]       "(Default)"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bho.dll"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444284422}\1.0\FLAGS]       "(Default)"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444284422}\1.0\HELPDIR]       "(Default)"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4"    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\23586]       "42822"="REG_SZ", "Shop_an_Up-1.4"    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\23586\Status]       "Installed"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411281122}]       "(Default)"="REG_SZ", "CrossriderApp0042822"       "NoExplorer"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]       "{11111111-1111-1111-1111-110411281122}"="REG_SZ", "1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop_an_Up-1.4]       "CrAppId"="REG_SZ", "42822"       "CrPublisherId"="REG_SZ", "23586"       "DisplayIcon"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4\utils.exe"       "DisplayName"="REG_SZ", "Shop_an_Up-1.4"       "DisplayVersion"="REG_SZ", "1.34.5.29"       "Publisher"="REG_SZ", "Winportal"       "UninstallString"="REG_SZ", "C:\Program Files\Shop_an_Up-1.4\Uninstall.exe /fcp=1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]       "1d7b69fe-9686-45b6-8a43-97659dd401d8-1.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-1.job.fp"="REG_DWORD", 410539133       "1d7b69fe-9686-45b6-8a43-97659dd401d8-2.job"="REG_BINARY, ...................u............       "1d7b69fe-9686-45b6-8a43-97659dd401d8-2.job.fp"="REG_DWORD", -1963531073       "1d7b69fe-9686-45b6-8a43-97659dd401d8-3.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-3.job.fp"="REG_DWORD", -234083687       "1d7b69fe-9686-45b6-8a43-97659dd401d8-4.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-4.job.fp"="REG_DWORD", 122091858       "1d7b69fe-9686-45b6-8a43-97659dd401d8-5.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-5.job.fp"="REG_DWORD", -1860451672       "1d7b69fe-9686-45b6-8a43-97659dd401d8-6.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-6.job.fp"="REG_DWORD", 561499661       "1d7b69fe-9686-45b6-8a43-97659dd401d8-7.job"="REG_BINARY, ................................       "1d7b69fe-9686-45b6-8a43-97659dd401d8-7.job.fp"="REG_DWORD", -1738909026    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Code]       "AppJavaScript"="REG_SZ", ""       "BgJavaScript"="REG_SZ", "{ javascript removed, full log available on request}"       "NewTabJavaScript"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Debug]       "IsDebuggingPlugins"="REG_DWORD", 0    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Firefox]       "TotalProfiles"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Firefox\Profiles]       "C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\IE]       "TotalProfiles"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\IE\Profiles]       "S-1-5-21-4016700205-1717049133-1125222536-1001"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Installer]       "Bic"="REG_SZ", "4F1488AB32644E489862AF0E01D87D99IE"       "BundledChrome"="REG_DWORD", 1       "BundledFirefox"="REG_DWORD", 1       "BundledIe"="REG_DWORD", 1       "BundledNova"="REG_DWORD", 1       "CodeDownloadDomain"="REG_SZ", "http://js.datademoserv.com"       "DefaultBrowser"="REG_SZ", "ie"       "ErrorsDomain"="REG_SZ", "http://errors.datademoserv.com"       "FullVersion"="REG_SZ", "1.34.5.29"       "FullVersionForUrl"="REG_SZ", "1_34_05_29"       "OsName"="REG_SZ", "7"       "Params"="REG_SZ", "{   "source_id" : "001310",   "sub_id" : "0",   "uzid" : "0"}"       "SrcId"="REG_SZ", "001310"       "StatsDomain"="REG_SZ", "http://stats.datademoserv.com"       "SubId"="REG_SZ", "0"       "Time"="REG_SZ", "1402165427"       "Verifier"="REG_SZ", "3740d8a7081243ce6676e0e73fad61a4"       "ZData"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Manifest]       "AddressbarURL"="REG_SZ", "NA"       "BgVersion"="REG_SZ", "1"       "ChangePrevious"="REG_SZ", "false"       "Description"="REG_SZ", "Shop-Up"       "DisableIe"="REG_SZ", "true"       "EnableSearchIE"="REG_SZ", "false"       "HomePageUrl"="REG_SZ", "NA"       "IsButtonEnabled"="REG_SZ", "false"       "Manifest"="REG_SZ", "NA"       "ModeType"="REG_SZ", "production"       "Name"="REG_SZ", "Shop-Up"       "PluginsManifestVersion"="REG_SZ", "97"       "PublisherId"="REG_SZ", "23586"       "PublisherName"="REG_SZ", "Winportal"       "RunInFrame"="REG_SZ", "false"       "SetNewTab"="REG_SZ", "false"       "ThanksUrl"="REG_SZ", "NA"       "UninstallerOfferAction"="REG_SZ", "NA"       "UninstallerOfferUrl"="REG_SZ", "NA"       "UpdateInterval"="REG_DWORD", 360       "Version"="REG_SZ", "103"    [HKEY_LOCAL_MACHINE\SOFTWARE\Shop_an_Up-1.4\Plugins]       "AppPluginList"="REG_SZ", "246,14,78,4,93,102,123,155,180,184,191,192,193,223,233,242,263,264,91"       "BgPluginList"="REG_SZ", "246,4,14,78,251,249,250,271,93,102,123,155,180,184,191,192,193,223,233,242,263,264,91"       "BrowserEventPluginList"="REG_SZ", "14"       "NewTabPluginList"="REG_SZ", "14,78,4"       "OnRequestPluginList"="REG_SZ", "14"       "PopupPluginList"="REG_SZ", "4,14,78"    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Shop_an_Up-1.4\Update]       "LastCheck"="REG_DWORD", 1402165441    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\23586]       "42822"="REG_SZ", "Shop_an_Up-1.4"    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\23586\Status]       "Installed"="REG_DWORD", 1    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\Winportal]       "42822"="REG_SZ", "Shop_an_Up-1.4"    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411281122}]       "Flags"="REG_DWORD", 1024

Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 6/7/2014Scan Time: 8:30:51 PMLogfile: mbamShopanUp.txtAdministrator: YesVersion: 2.00.2.1012Malware Database: v2014.06.07.05Rootkit Database: v2014.06.02.01License: TrialMalware Protection: DisabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x86File System: NTFSUser: MalwarebytesScan Type: Threat ScanResult: CompletedObjects Scanned: 228796Time Elapsed: 3 min, 1 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 1PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-nova.exe, 2736, Delete-on-Reboot, [b5ecfd78265549ed736b0c797e83837d]Modules: 0(No malicious items detected)Registry Keys: 20PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411281122}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440444284422}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550455285522}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660466286622}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0042822.BHO.1, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411281122}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0042822.BHO, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110411281122}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110411281122}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220422282222}, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0042822.Sandbox.1, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0042822.Sandbox, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411281122}\INPROCSERVER32, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\Shop_an_Up-1.4, Quarantined, [3e63ed8855260a2c639c3168877b659b], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\23586, Quarantined, [1f8262136b1022146873317b2dd5ce32], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [4859a3d26f0c0234717e9053a85ba858], PUP.Optional.ShopUp.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Shop_an_Up-1.4, Quarantined, [643dbdb88bf0201646b71d7ce81a1ce4], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\23586, Quarantined, [f8a97cf919623ff7528ac3e9cb37ce32], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Winportal, Quarantined, [643d8fe6de9d4fe76fbe6744a1613fc1], PUP.Optional.ShopUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Shop_an_Up-1.4, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 14PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\defaults, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\defaults\preferences, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\userCode, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\locale, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\locale\en-US, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], Files: 142PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-nova.exe, Quarantined, [b5ecfd78265549ed736b0c797e83837d], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bho.dll, Quarantined, [732e33424e2d053124ba5d28d92832ce], PUP.Optional.crossRider.A, C:\Users\{username}\Desktop\Shop_an_Up-1.4.exe, Quarantined, [366be98c5b20e84e7574073853adb749], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-1.job, Quarantined, [ebb62451760562d4441c0f9c6c96b54b], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-2.job, Quarantined, [445d32437ffc85b1421e614ac141fc04], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-3.job, Quarantined, [51502a4b8dee9e981b45713ac33fea16], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-4.job, Quarantined, [7d24b8bd196285b1e67ae6c5946ea957], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-5.job, Quarantined, [8021ec890e6d92a4a8b86f3c42c04eb2], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-6.job, Quarantined, [7d2425504932b68079e7d7d459a99f61], PUP.Optional.CrossRider.A, C:\Windows\Tasks\1d7b69fe-9686-45b6-8a43-97659dd401d8-7.job, Quarantined, [29783e37700bf343263a179429d9a759], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome.manifest, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\install.rdf, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\25e964359b18d61615c6b838a808cc08.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\7a772b4ccaea27f03e1a462915cf5c9d.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\background.html, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\browser.xul, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\c0e72f94fad120c1b01e447306ed8d4c.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\d525f6c6a07ed72437cfda97ff469ca3.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\dialog.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\e8bd59b29a3cc908dd65a814e7563477.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\ffCoreFilesIndex.txt, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\options.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\options.xul, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\search_dialog.xul, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\6e867758bc0c459a1d1c529f73fae6ae.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\09a4c871bda63ed6c22b03783c98e277.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\23cd6a5af3bd9125545349b53fa69d16.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\35151d110d8fe80ed9767b5305df905f.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\3ce81130729113270366751688f96c98.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\41f3fb10bb0e98f5b4e91bccacc5321b.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\47f56a038cff0b0c2789cdd44d466f3f.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\671ecacc749e3ee4955591969d107960.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\6c7d791929004c2a04c6a0b7f6641d0c.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\781e60c9e8dde26c546e34b5affd57c7.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\7978b503eb775370c753f017c61b284d.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\f4a36dc7337d24b52c68fa772a838771.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\f5e6683e16adc7ebec3f64d6d31de3eb.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\f986e2b63bf43a26b4e70fcb35cf4976.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\fa215438a479ba4896309750f20fb443.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\api\fc95047460cdb736fdfcb87c3071aa06.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\82ece24071f1a95984886d35d0bd09e3.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\029fbd81789b9e2ae76784b72e3c5921.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\1f290721c928c44da16523d4a0a4ca73.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\41316fd6664870a89f6735707d68df03.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\425be169d5489e8c097506eef41bebf9.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\4495fba43f52663db8fd4ed04ad548f9.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\5104113c29f78246d74cd4f32d92f44b.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\5faa4356f24ed6b17742c84f624a0e42.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\614adefa7f52fdc7bc290cf7756cbd7b.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\7e8d4e3c84426f4c09151b268bcd3564.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\86ed1e668a8bb24852248424774e2a76.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\a7a2da56df186020f23f3201c6cb0bc6.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\a9eac9110644b60b779e3a7d5bd770ef.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\b56b3dba9c58161018fc83ede1da2781.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\b87eab0f0294dc99db5402b797ed654b.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\bd6c094011ca67ab9baf49351050fb91.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\c19bed797c7a20c5f32dafdcbc5cf836.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\e357d52c4752e075dd18da9e515173bd.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\ebf1e0da271b09da3521abcf34585144.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\f4010585bf6e2f42dc3048cfada4fc09.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\chrome\content\core\installer.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\defaults\preferences\prefs.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\manifest.xml, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins.json, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\22.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\1.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\102.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\104.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\123.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\13.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\14.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\155.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\158.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\16.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\17.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\177.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\180.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\182.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\183.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\184.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\191.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\192.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\193.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\195.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\207.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\21.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\220.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\221.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\223.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\233.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\242.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\246.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\263.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\264.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\266.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\268.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\28.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\4.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\47.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\64.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\7.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\72.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\78.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\9.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\91.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\93.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\plugins\98.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\userCode\background.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\extensionData\userCode\extension.js, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\locale\en-US\translations.dtd, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\button1.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\button2.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\button3.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\button4.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\button5.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\crossrider_statusbar.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\icon128.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\icon16.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\icon24.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\icon48.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\panelarrow-up.png, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\popup.html, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\skin.css, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\a346f15b-f72e-4205-b29d-52ad46792214@bf4b3822-f1de-4b29-8f70-c0a27f6ca2b8.com\skin\update.css, Quarantined, [4c5584f1bcbfee488bdd3f4a38caf60a], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-bg.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\1293297481.mxaddon, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\1d7b69fe-9686-45b6-8a43-97659dd401d8-2.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\1d7b69fe-9686-45b6-8a43-97659dd401d8-3.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\1d7b69fe-9686-45b6-8a43-97659dd401d8-4.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\1d7b69fe-9686-45b6-8a43-97659dd401d8-5.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\360-42822.crx, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\42822.crx, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\42822.xpi, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\background.html, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\bgNova.html, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-codedownloader.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-nova.dll, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4-novainstaller.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Shop_an_Up-1.4.ico, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\Uninstall.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.ShopUp.A, C:\Program Files\Shop_an_Up-1.4\utils.exe, Quarantined, [bce5750089f2ea4c044ccccc2dd501ff], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14677974128597105a6d79f88e5ed79a"), Replaced,[a5fc561f4b3053e3a074abf02dd7ad53]Physical Sectors: 0(No malicious items detected)(end)

As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

Sign In

Removal instructions for Shop_an_Up

Recommended Posts

Metallica

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information