What is Gelup?

Gelup is another Trojan like FlowerPippi that targets victims from Japan, Argentina, and the Philippines. The threat might put a user’s privacy at risk as it may gather various private and sensitive information. Also, our researchers at believe the malware could be able to download more malicious data once it enters a system. Thus, it is safe to say, the Trojan should be eliminated as fast as possible. To get rid of it manually we invite you to use our deletion guide located at the end of this report. You can also pick a legitimate antimalware tool if you prefer erasing Gelup with automatic features. Should you have more questions about this malicious application, do not hesitate to leave us a comment below.

Where does Gelup come from?

The Trojan could be spread through usual ways, for example, infected email attachments or malicious installers. Therefore, for those who want to protect their device against Gelup and threats alike, we advise staying away from attachments received with Spam or from people/companies you do not know. In fact, even if you receive an email claiming to be from a well-known company, you should still not lose your guard, as hackers can create convincing letters and forged email addresses to trick unsuspicious users. Besides, it would be smart to keep away from unreliable websites. If you need to download some tools or updates, make sure they come from legitimate sources and not some sites offering unknown freeware or pirated programs.

How does Gelup work?

At first, the threat needs to settle in, which it does by creating data in the following locations: %ALLUSERSPROFILE% and %APPDATA%. Besides, it ought to add a Registry file in a particular path mentioned in the deletion instructions available below the article.

Furthermore, our researchers say that Gelup might be able to download more content on an infected computer. It is possible it could be other malicious applications or some additional files for the Trojan itself. Whatever it could be, it is best not to leave the malware unattended for long. Especially, when research revealed the malware could gather information about its victims. We cannot say what data exactly the Trojan may gather, as its capabilities may vary, but it is likely that some of the collected data could be sensitive, e.g., banking details, passwords of various accounts, etc. Plus, there is a chance the malicious application might spy on the victim by tracking its browsing. No doubt, such activities could put your privacy at risk, which is why we believe victims should erase Gelup as soon as they notice it on their systems.

How to erase Gelup?

Deleting a Trojan by yourself could be challenging, but if you feel up to the task, you should have a look at the instructions available below. They will show how to search for the files created by the malicious application and how to get rid of them manually. Another way to remove Gelup from a device is to scan a system with a legitimate antimalware tool and wait till it detects it along with other possible threats. Afterwards, users should be able to remove all identified infections by pressing a deletion button that ought to appear right after the scan.

Eliminate Gelup

  1. Click Windows key+E.
  2. Locate these paths:
  3. Locate the malicious application’s launcher.
  4. Right-click it and select Delete.
  5. Navigate to this location: %ALLUSERSPROFILE%
  6. Find a malicious executable, e.g., {random title}.exe, right-click it, and select Delete.
  7. Look for this directory: %APPDATA%
  8. Look for a file titled MSOCache, right-click it, and choose Delete.
  9. Exit File Explorer.
  10. Press Windows key+R.
  11. Type Regedit and click Enter.
  12. Locate the given directory: HKLM\SOFTWARE\Microsoft\Windows\Current Version\Run
  13. Find a value name associated with the malware (%ALLUSERSPROFILE%\{random title}.exe), right-click it, and press Delete.
  14. Exit Registry Editor.
  15. Empty your Recycle Bin.
  16. Restart the computer. 100% FREE spyware scan and
    tested removal of Gelup*

Leave a Comment

Enter the numbers in the box to the right *