Should I remove hdshop?
What percent of users and experts removed it?
88% remove it12% keep it
What do people think about it?
(click star to rate)
How common is it?
Global Rank #36,197
United States Rank #26,236
Reach 0.0031%
Lifespan of installation (until removal)
< 10.19 days
300.73 days >
Average installed length: 158.01 days
Versions
Version | Distribution |
1.34.3.6 |
100.00% |
|
Other programs by InstalleRex-WebPick
Rankings
- #36,192 Miniclip Toolbar by Conduit
- #36,193 Panda Security for Desktops
- #36,194 Microsoft Script Browser
- #36,195 System Explorer 1.5 by Mister Group
- #36,196 WaveLab LE 7 (64 bit) by Steinberg Media Technologies GmbH
- #36,197 hdshop by InstalleRex-WebPick
- #36,198 VolumeOSD by Lenovo
- #36,199 PDF Printer for Windows 7 by Vivid Document Imaging Technologies
- #36,200 Amateur Contact Log by N3FJP Software
- #36,201 Barracuda Malware Removal Tool
- #36,202 ResultsBay by Yontoo Technology
hdshop
from InstalleRex-WebPick
What is hdshop?
This adware is a JustPlug.It web browser extension that is delivered via the WebPick (InstalleRex) download and install manager. It is included with various adware offer bundles and is a cross browser extension that runs with multiple parts including a Windows service, an auto-starting component and the browser toolbar/plugin which is designed to inject advertisements in the browser in form of banner ads, hyper-text links and popups. In addition, some versions might hijack existing advertising on web sites as well as inject affiliate codes in links as coupon offers. The advertisements that are displayed in the browser could include deceptive malvertising ads for 'required' updates of known common programs as well as unwanted pop-ups advertisements. If downloaded these programs install a number of bundled adware utilities and additional browser extensions.
Overview
During setup, the program registers itself to launch on boot through a Windows Schedule Task in order to automatically start-up (this is typically done to avoid any UAC prompts). It adds a Browser Helper Object (BHO) to Internet Explorer. Once installed, it will add an extension to both the Firefox and Chrome web browsers. The primary executable is named utils.exe. A majority of users end up uninstalling this less than a week of it being installed. The setup package generally installs about 12 files and is usually about 8.78 MB (9,208,563 bytes). The installed file hdshop-updater.exe is the auto-update component of the program which is designed to check for software updates and notify and apply them when new versions are discovered.
This browser extension utilizes Crossrider framework, a cross-browser toolbar/plugin platform used to develop, deploy and monetize web browser toolbars for Internet Explorer, Chrome and Firefox. Crossrider extension provide monetization options, mostly potentially unwanted apps, for toolbars including coupons, search assistant (home page and search hijacking) and in-text contextual advertising. Many adware programs (defined by a number of anti-virus vendors) are built using Crossrider as it provides a quick an easy way to deploy ad-supported features that will assist in browser search hijacking.
- Malware detected in the program
- Automatically starts with Windows
- Adds a toolbar to IE and an extension to Chrome and Firefox
- Uses the Crossrider toolbar framework
- During install it may hijack/modify the browser's homepage and search provider
- Runs disconnected from the browser as a background process
- Known to reinstall itself
- Typically distributed through a pay-per-install bundle
- Installs bundled adware using the WebPick InstalleRex
- Lowers the security level of the web browser
- May inject additional advertising in the browser
- Injects advertisements unassociated with the underlying web page
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in hdshop.
utils.exe (27d714e75dbd9de32393ffbedbf6aca6) has been flagged by the following 13 scanners: |
Anti-Virus software | Version | Detection |
AhnLab-V3 |
N |
PUP/Win32.Adware |
avast! |
2014.9-140422 |
Win32:Dropper-gen [Drp] |
Baidu-International |
4.0.3.14422 |
Trojan.Win32.VMDetector.E |
Bkav FE |
1.3.0.4959 |
HW32.CDB |
Dr.Web |
9.0.0.0112 |
Trojan.Crossrider.4794 |
ESET-NOD32 |
8.9704 |
Win32/Toolbar.CrossRider.AB |
K7 AntiVirus |
13.176.11833 |
Trojan |
K7GW |
13.176.11833 |
Trojan ( 004973ed1 ) |
Malwarebytes |
v2014.04.22.10 |
PUP.Optional.CrossRider.A |
McAfee |
5600.7153 |
Artemis!27D714E75DBD |
McAfee-GW-Edition |
7.7153 |
Artemis!27D714E75DBD |
Symantec |
4/22/2014 rev. 3 |
WS.Reputation |
TrendMicro-HouseCall |
7.2.112 |
TROJ_GEN.F47V0319 |
hdshop-enabler.exe (dd8d6f8dec3fda976b0fb811d5fb53f1) has been flagged by the following 21 scanners: |
Anti-Virus software | Software version | Detection |
Lavasoft Ad-Aware |
12.0.163.0 |
Trojan.Generic.11159310 |
avast! |
8.0.1489.320 |
Win32:Rootkit-gen [Rtk] |
AVG |
13.0.0.3169 |
Generic5.APUZ |
Baidu-International |
3.5.1.41473 |
Adware.Win32.Lyrics.71 |
Bitdefender |
7.2 |
Trojan.Generic.11159310 |
Dr.Web |
7.00.9.04080 |
Trojan.Crossrider.950 |
Emsisoft Anti-Malware |
3.0.0.596 |
Trojan.Generic.11159310 (B) |
ESET-NOD32 |
9704 |
a variant of Win32/Toolbar.CrossRider.AC |
Fortinet FortiGate |
4 |
Riskware/Toolbar_CrossRider |
F-Secure |
11.0.19100.45 |
Trojan.Generic.11159310 |
G Data |
24 |
Trojan.Generic.11159310 |
IKARUS anti.virus |
T3.1.6.1.0 |
Trojan.SuspectCRC |
K7 AntiVirus |
9.176.11833 |
Trojan ( 004984e91 ) |
K7GW |
9.176.11833 |
Trojan ( 004984e91 ) |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
McAfee |
6.0.4.564 |
Artemis!DD8D6F8DEC3F |
McAfee-GW-Edition |
2013 |
Artemis!DD8D6F8DEC3F |
MicroWorld-eScan |
12.0.250.0 |
Trojan.Generic.11159310 |
nProtect |
2014-04-21.01 |
Trojan.Generic.11159310 |
TrendMicro-HouseCall |
9.700-1001 |
TROJ_GEN.F47V0308 |
VIPRE Antivirus |
28474 |
Crossrider (fs) |
hdshop-codedownloader.exe (e78d8f4c7b509616300da9f0a497ffee) has been flagged by the following 19 scanners: |
Anti-Virus software | Software version | Detection |
Lavasoft Ad-Aware |
12.0.163.0 |
Trojan.Generic.11160541 |
AVG |
13.0.0.3169 |
Generic5.APUU |
Baidu-International |
3.5.1.41473 |
Adware.Win32.CrossAd.45 |
Bitdefender |
7.2 |
Trojan.Generic.11160541 |
Dr.Web |
7.00.9.04080 |
Trojan.Crossrider.7193 |
Emsisoft Anti-Malware |
3.0.0.596 |
Trojan.Generic.11160541 (B) |
ESET-NOD32 |
9704 |
a variant of Win32/Toolbar.CrossRider.AA |
Fortinet FortiGate |
4 |
Riskware/Toolbar_CrossRider |
F-Secure |
11.0.19100.45 |
Trojan.Generic.11160541 |
G Data |
24 |
Trojan.Generic.11160541 |
IKARUS anti.virus |
T3.1.6.1.0 |
Trojan.SuspectCRC |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
McAfee |
6.0.4.564 |
Artemis!E78D8F4C7B50 |
McAfee-GW-Edition |
2013 |
Artemis!E78D8F4C7B50 |
MicroWorld-eScan |
12.0.250.0 |
Trojan.Generic.11160541 |
NANO AntiVirus |
0.28.0.59492 |
Trojan.Win32.Crossrider.cwhmph |
Norman |
7.03.02 |
Suspicious_Gen4.GBYYM |
nProtect |
2014-04-21.01 |
Trojan.Generic.11160541 |
VIPRE Antivirus |
28474 |
Crossrider (fs) |
hdshop-bho.dll (53b87f3ab0c1e1c31c1f64dafc882e0f) has been flagged by the following 12 scanners: |
Anti-Virus software | Software version | Detection |
Lavasoft Ad-Aware |
12.0.163.0 |
Adware.Generic.915302 |
AVG |
13.0.0.3169 |
MultiBundle.R |
Bitdefender |
7.2 |
Adware.Generic.915302 |
Emsisoft Anti-Malware |
3.0.0.596 |
Adware.Generic.915302 (B) |
F-Secure |
11.0.19100.45 |
Adware.Generic.915302 |
G Data |
24 |
Adware.Generic.915302 |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
MicroWorld-eScan |
12.0.250.0 |
Adware.Generic.915302 |
Sophos |
4.98.0 |
AppRider |
Symantec |
20131.1.5.61 |
Adware.Crossid |
TrendMicro-HouseCall |
9.700-1001 |
TROJ_GEN.R092H05D414 |
VIPRE Antivirus |
28240 |
Crossrider (fs) |
hdshop-chromeinstaller.exe (196b5a487fb970c3b49fc3c0de51f8fe) has been flagged by the following 4 scanners: |
Anti-Virus software | Software version | Detection |
AVG |
13.0.0.3169 |
Generic5.APUT |
Baidu-International |
3.5.1.41473 |
Adware.Win32.Lyrics.71 |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
VIPRE Antivirus |
27850 |
Crossrider (fs) |
hdshop-bho64.dll (2ff2e982fe45921511b38f004ad2600a) has been flagged by the following 4 scanners: |
Anti-Virus software | Software version | Detection |
Baidu-International |
3.5.1.41473 |
Adware.Win64.Crossrider.D |
ESET-NOD32 |
9547 |
a variant of Win64/Toolbar.Crossrider.D |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
VIPRE Antivirus |
27408 |
Crossrider (fs) |
hdshop-updater.exe (68754894d391aa3d94e8866265b52c6c) has been flagged by the following 4 scanners: |
Anti-Virus software | Software version | Detection |
avast! |
8.0.1489.320 |
Win32:Malware-gen |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
SUPERAntiSpyware |
5.6.0.1032 |
Trojan.Agent/Gen-Crossrider |
VIPRE Antivirus |
27544 |
Crossrider (fs) |
hdshop-firefoxinstaller.exe (8c8acd27dacee4c974d1907cb64ce75e) has been flagged by the following 2 scanners: |
Anti-Virus software | Software version | Detection |
Malwarebytes |
1.75.0001 |
PUP.Optional.HDShop.A |
VIPRE Antivirus |
27544 |
Crossrider (fs) |
View all 79 all detections
hdshop has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: hdplus
Installation folder: C:\Program Files\hdshop
Uninstaller: C:\Program Files\hdshop\Uninstall.exe /fromcontrolpanel=1
Estimated size: 8.78 MB
Files installed by hdshop
Program executable: | utils.exe (Malware detected) |
Path: | C:\Program Files\hdshop\utils.exe |
MD5: | 27d714e75dbd9de32393ffbedbf6aca6 |
Additional files:
-
hdshop-bg.exe (by hdplus) - hdshop (hdshop exe)
-
(Malware detected) hdshop-bho.dll (by hdplus) - hdshop BHO
-
(Malware detected) hdshop-bho64.dll
-
(Malware detected) hdshop-chromeinstaller.exe
-
(Malware detected) hdshop-codedownloader.exe
-
(Malware detected) hdshop-enabler.exe
-
(Malware detected) hdshop-firefoxinstaller.exe
-
(Malware detected) hdshop-updater.exe
-
52800.crx
-
52800.xpi
Behaviors exhibited
2 Internet Explorer BHOs
- hdshop-bho64.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'hdshop' with the class of {11111111-1111-1111-1111-110511281100} (CrossriderApp0052800).
- hdshop-bho.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'hdshop' with the class of {11111111-1111-1111-1111-110511281100} (CrossriderApp0052800).
5 Scheduled Tasks (Boot/Login)
- hdshop-updater.exe is automatically launched at startup through a scheduled task named hdshop-updater.
- hdshop-firefoxinstaller.exe is automatically launched at startup through a scheduled task named hdshop-firefoxinstaller.
- hdshop-enabler.exe is automatically launched at startup through a scheduled task named hdshop-enabler.
- hdshop-codedownloader.exe is automatically launched at startup through a scheduled task named hdshop-codedownloader.
- hdshop-chromeinstaller.exe is automatically launched at startup through a scheduled task named hdshop-chromeinstaller.
How do I remove hdshop?
You can uninstall hdshop from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program hdshop, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove hdshop.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by hdshop you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 43%
Win Vista (SP1) 2%
|
|
HOW IT STARTS
Scheduled task? Yes
(Runs on Windows boot)
|
|
USER ACTIONS
|
Uninstall it 88%
Keep it 12%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
47.62% |
|
Windows 10 |
36.51% |
|
Windows Vista |
9.52% |
|
Windows XP |
6.35% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
33.87% |
|
Windows 8.1 |
20.97% |
|
Windows 8 |
11.29% |
|
Windows Vista Home Premiu... |
9.68% |
|
Windows 7 Professional |
8.06% |
|
Microsoft Windows XP |
6.45% |
|
Geography
73.75% of installs come from the United States
Which countries install it?
United States |
73.75% |
Italy |
12.50% |
Spain |
6.25% |
United Kingdom |
2.50% |
Brazil |
1.25% |
Canada |
1.25% |
France |
1.25% |
Venezuela |
1.25% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
26.67% |
|
Dell |
18.33% |
|
Acer |
18.33% |
|
Lenovo |
10.00% |
|
Toshiba |
10.00% |
|
ASUS |
6.67% |
|
Sony |
1.67% |
|
Samsung |
1.67% |
|
MSI |
1.67% |
|
Medion |
1.67% |
|
Intel |
1.67% |
|
American Megatrends |
1.67% |
|
Common models |
Gateway NE56R |
5.08% |
|
LENOVO 10099 |
3.39% |
|
Packard Bell EasyNote TJ6... |
3.39% |
|
HP Pavilion dv7 Notebook ... |
3.39% |
|
HP 15 Notebook PC |
3.39% |
|
Gigabyte G41MT-S2P |
1.69% |
|