Search the Community

Hello, I have a system running Win 10 and Malwarebytes Home Pre. It appears when I am on the Yahoo email page I randomly get redirected to securessl-dl.com, which is immediately blocked by Malwarebytes. A full scan of the system has not found any malware or other issues. Win Defender and Kaspersky scan also does not find anything. This is the report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/8/19 Protection Event Time: 7:25 AM Log File: 74f317e2-1340-11e9-b068-94c6916e2bf1.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8678 License: Premium -System Information- OS: Windows 10 (Build 17134.472) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: PUP Domain: securessl-dl.com IP Address: 18.235.178.113 Port: [63289] Type: Outbound File: C:\Program Files (x86)\Internet Explorer\iexplore.exe (end) Anybody see anything like this? Thanks, Larry

Hey all, I have a plugin for Internet Explorer that I need to run in order to watch legal video streams. Unfortunately, I can't run it while Malwarebytes is running because the browser crashes and Malwarebytes gives me the reply you can read in the attached file. Can anyone explain how to exclude this addon so I can watch the video streams? I don't want to exclude IE altogether because I don't want to be exposed to malware. Thanks! error.txt

Hi Team My websites like https://www.changehomepage.net/, https://www.commerce-microsoft.com/, https://www.fixfirefoxerror.com/, https://www.incredimailsupports.com/, https://www.microsoft-number.com/, https://www.thunderbirdsupport.com/ are now malware free. All the information given in the websites are true and very useful. Kindly white-list these websites ASAP. Thanks & Regards Ron Weasley

Same problem here. Any results? ---------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/27/18 Protection Event Time: 8:21 AM Log File: 06c7bc0a-3187-11e8-8fa3-40b03415914b.json Administrator: Yes -Software Information- Version: 3.4.4.2398 Components Version: 1.0.322 Update Package Version: 1.0.4490 License: Premium -System Information- OS: Windows 10 (Build 15063.966) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Internet Explorer (and add-ons) Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\WINDOWS\system32\VBScript.dll URL: (end) Already tried --> FRST64, AdwCleaner, Sophos Virus Removal Tool with no results, zie logfiles att. Disabled all add-ons in IE with no results Is there an solution for this? Regards, AvL FRST.txt Addition.txt

Every time I open a new page in Internet Explorer I get a Malwarebytes pop up that tells me "Exploit automatically blocked". This happens for every page including blank pages since 9/17/17 and is getting really annoying! Below is the report text, any help would be appreciated. -Log Details- Protection Event Date: 11/17/17 Protection Event Time: 10:07 AM Log File: 02064c3e-cba9-11e7-a8f9-0250f2eb72f3.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3282 License: Premium -System Information- OS: Windows 8.1 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Internet Explorer (and add-ons) Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\WINDOWS\system32\VBScript.dll URL: (end)

Hello all, My moms laptop HP Pavilion g7-1117cl is running slow especially while on Internet Explorer 11. The most she uses it for is on Pogo.com games. i have run the following items: tweaking registry cleaner CCleaner ATF cleaner TFC windows defender microsoft security essentials malwarebytes super antispyware Also did a check on drive c disk defragmenter and it is 2% fragmented. I also did a disk cleanup and no real improvements have been made. I uninstalled IE 11 and restarted the computer, it went back to IE 8, the games on Pogo and all websites loaded great and fast. I reinstalled updates for IE 11 and it went back to the slow speeds. Also it is now showing drive E as 0 bytes full and 0 bytes space available. Autorun doesnt pick up on one cd that we have tried so far. The laptop is windows 7 home edition 64 bit. I did run the threat scan and have posted the log below for malwarebytes. Any help is appreciated and would like to thank-you in advance. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/6/17 Scan Time: 4:45 PM Log File: threat scan log.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2523 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: joy-HP\joy -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 349942 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 17 min, 58 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)

Hi My MWB management server has emailed over a notice about an exploit on a client.. but I can't see particularly what it was unhappy about. The user was trying to use IE to navigate to a URL we use each month.. the user didn't log into the website behind the URL and closed the browser. Could someone tell me what the anti-exploit took exception to? Below is message and attached are the MWB Server log for that client; certain details redacted.. Alert Time: 7/24/2017 12:27:14 PM Server Hostname: SECURITY0 Server Domain/Workgroup: ****************** Server IP: 192.168.100.101 Notification Catalog: Client Description: Exploit threat detected, see details below: 7/24/2017 12:25:09 PM MIR-HR 192.168.100.47 Exploit attempt blocked BLOCK cmorley Internet Explorer C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Attacked application: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE; Parent process name: iexplore.exe; Layer: Application Hardening; API ID: 900; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra: Total count: 1. SecurityLogs - MIR-HR.csv

Dear Malwarebytes, I would like to report a critical issue with MBAE 1.09.2.1384 and Internet Explorer 11 with the latest updates. Internet Explorer 11 will randomly freezes when launched. Please see attached screenshot for reference. Thanks.

So recently I tried to download a file, as stupid as I am, I visited a untrusted website and downloaded a file, that file then keeps opening random tabs with ads in it from internet explorer etc.. I have done every scan possible but they just cant find it! I'm running a 64bit operating system please help me fast!

I keep encountering a crash when I click on google search results in IE 11 on windows 10 14393 and 15063. When I go to click a search result, IE brings up a message saying IE has crashed and is restarting. but a new tab opens but instead of going to the address I clicked the link to, it opens as an internal address about:blank. It does this on most search results, but not all of them. I posted the error events from the event log below. MBAE64.dll is the culprit. I don't know why only google search results seem to be affected. other browsing actions complete successfully. Faulting application name: iexplore.exe, version: 11.0.15063.0, time stamp: 0x7e29c811 Faulting module name: mbae64.dll, version: 1.9.2.211, time stamp: 0x58d2a5ae Exception code: 0xc0000409 Fault offset: 0x000000000003501b Faulting process id: 0x4d4c Faulting application start time: 0x01d2c061c30429c1 Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll Report Id: 13b0806b-7a34-43b4-ae25-a4bbd277597c Faulting package full name: Faulting package-relative application ID: - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Level>2</Level> <Task>100</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2017-04-28T20:56:30.159783400Z" /> <EventRecordID>3327</EventRecordID> <Channel>Application</Channel> <Computer>ChrisSolomon-PC</Computer> <Security /> </System> - <EventData> <Data>iexplore.exe</Data> <Data>11.0.15063.0</Data> <Data>7e29c811</Data> <Data>mbae64.dll</Data> <Data>1.9.2.211</Data> <Data>58d2a5ae</Data> <Data>c0000409</Data> <Data>000000000003501b</Data> <Data>4d4c</Data> <Data>01d2c061c30429c1</Data> <Data>C:\Program Files\Internet Explorer\iexplore.exe</Data> <Data>C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll</Data> <Data>13b0806b-7a34-43b4-ae25-a4bbd277597c</Data> <Data /> <Data /> </EventData> </Event> logs.zip Addition.txt FRST.txt MB-CheckResult.txt

MWAB is not honoring whitelisted websites, and continues to block (business critical) java apps from running on those sites. If web protection is completely disabled, sites work fine. Version: 3.0.6.1469 Component Package: 1.0.96 Update Package: 1.0.1666 Windows 10 Enterprise

I'm currently in the process of doing some cleaning on my computer. Last night I noticed a folder titled CEF under AppData Local. Basically I'd just like to ask people on this forum if this sounds legitimate or if it's something I should be concerned about. I will try an be as specific as possible with the details and the included files. Opening the CEF folder reveals a folder titled User Data which contains 2 other folders titled Dictionaries and WidevineCDM. Dictionaries is empty, but WidevineCDM contains a folder titled 1.4.8.824 (current version?). Said folder contains 3 other folders _metadata, _platform_specific and imgs aloung with two files named manifest.fingerprint (0 bytes in size) and manifest.json (957 bytes in size). The folder imgs simply contains a single PNG image in form of a Google coloured lock of sorts. The folder _metadata contains a file titled verified_contents.json (1,47 kb in size). The folder _platform_specific contains the folder named win_x86 which reveals the 2 .dll files widevinecdm.dll and widevinecdmadapter.dll and another file titled CdmAdapterVersion (12 bytes in size). The details for the widevinecdm.dll file claims that it's author is Google and the author for the widevinecdmadapter.dll is The Chromium Authors. (screenshot added for more specific file details and pardon the lack of english language). All files comes out as clean according to Malwarebytes Free and Nod 32 Antivirus 8 and the Eset Rogue Application Remover claims that my system is fine. After doing a bit of Google I can understand that all of these Widevine files is very much the product of Google and is used as some sort of DRM for video services such as YouTube and Netflix? (Please correct me if I'm wrong.) And it sounds like it might be related to using the HTML5 player instead of Flash? It also sounds like these files are auto installed onto the system without the users approvral, which comes of as a little sketchy to me. I haven't had used Adobe Flash Player for ages due to security concerns and I have Silverlight installed for the use with Netflix. I'm not even using Google's Chrome browser, nor do I have it installed. I'm currently using the latest version of Internet Explorer with ActiveX filtering and other increased security settings. I am however using Gmail which obviously requires me to log into Google's services. So basically, does all of this sound right that these Widewine related programs are installed on my system when I don't even use the Chrome browser, or are they browser indiffrent? If someone knows of these things and can explain these it I would be very grateful I can't really seem to find any information regarding these programs when your browser is IE. All that really comes up is Chrome related topics. 　

Hi When Internet Download Manager (IDM) from http://www.internetdownloadmanager.com is installed, and when trying to use "Download with IDM" right click menu item in Internet Explorer 11, your new feature (Application Hardening) blocks VB script in a static html page stored on local drive. Specifically it blocks C:\Program Files (x86)\Internet Download Manager\IEExt.htm and C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm files, and it names this action as blocking an exploit May you please clarify when it became an exploit, and how it can be exploited? How a malefactor can use this exploit on a customer computer? These script files are a part of IDM distribution, and they call ActiveX components, which were installed by IDM installer during IDM installation. It’s not possible for a malefactor to change these VBscript files or ActiveX components without administrative rights. If he has such rights, he will not need to modify or use these scripts and files. Regards, Charles Jones Tonec Inc.

I've come across an issue where Internet explorer will not successfully launch with "Exploit protection" from MB 3.0 premium enabled. When you attempt to launch IE, you receive a whirly mouse pointer for a couple of seconds before IE crashes. You never see any sign of IE visibly launching on the display. I mainly use Firefox for browsing, so this is a minor issue with me, I do not need assistance further diagnosing this, but am posting this information to help improve the product and assist others. I have identified a workaround, which is to disable "Exploit protection" for Internet Explorer (only) - Of course disabling a protection method for one of the applications which it is most important to protect is far from ideal (but in my case acceptable as I only use IE for a few sites that I trust). (The setting is found under Settings => Protection => (Under Exploit Protection) "Manage Protected Applications" => Turn off "Internet Explorer (and add ins)" x64 Relevant information: Malwarebytes 3.0.4.1269 - Premium (with lifetime license) Windows 10 Professional 64 bit. - v 1607 English International (EN-GB), updated to include December 2016 patch Tuesday. Kaspersky Total Security 2017 17.0.0.611(C) - All modules in use except "Safe Money" When IE crashes, the following event is logged: Log Name: Application Source: Application Error Date: 15/12/2016 19:14:32 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: (redacted) Description: Faulting application name: iexplore.exe, version: 11.0.14393.0, time stamp: 0x57899953 Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f Exception code: 0xc0000005 Fault offset: 0x0000000000075dd0 Faulting process ID: 0x27e0 Faulting application start time: 0x01d257077752078e Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report ID: 6f2aa6f2-5efa-438c-b245-12bce2c0670e Faulting package full name: Faulting package-relative application ID: Troubleshooting so far: Disabling all MB protection methods allowed IE to run. Narrowed that down to all protection methods running except "Exploit protection" - IE runs OK Re-enabled "Exploit protection" - IE Fails to launch. Under "Exploit protection", In "Manage Protected applications" disabled "Internet Explorer (and add ins)" - IE runs OK Re-enabled that setting - IE Fails to launch. Under "Exploit protection", In "Advanced Settings" disabled all protections in all categories. - IE Fails to launch. In those "Advanced Settings", Restored the default protections. - IE Fails to launch. Disabled Kaspersky setting to force its protection extensions into browsers Accessing IE "Manage Add-ons" settings, disabled all extensions - IE Fails to launch. (note: in the above I disabled "Exploit protection" in order to access the "Manage Add-ons" form, then re-enabled it for the test. Re-enabled Kaspersky forcing its protection extensions into browsers Re-enabled IE add ins. Comment: Three changes occurred to system in a relatively short time (Upgrade to MB 3.0, KTS 2017 patch C and the December Windows Updates), I only noticed the issue after all three and so cannot say if the Windows or KTS updates are implicated. I was not running Anti-Exploit before MB 3.0. Additional issue: the "Manage Protected Applications" seems a bit screwy... This morning I had three "Internet Explorer (and add ins)" items in the list, only one of which could be managed. This evening I have only one again (but sometimes activating the switch has no visible effect but does appear to actually change the setting)

Our client received an anti-exploit alert with "File/Process Blocked" and "Attacking URL" both saying "N/A." We are wondering how to troubleshoot this without that information. Specifically, the alert says it's "Internet Explorer (and add-ons)," Protection Layer: "Application Hardening," and Protection Technique: "Anti-Exploit fingerprinting attempt detected." Thanks in advance for your help!

I was just curios if MBAE protects browsers and against sites set up to exploit the Windows Credential Leak Flaw in Edge, IE, and Cortana/Windows Search? I tried Malwarebytes search here in the forums, and the main sit, but I guess I either don't use the correct terms, or nothing has been written or asked already

I'm using MBAE in Windows 8.1. When I use IE, all versions, to access a site that won't run in IE11, even with Compatibility Mode set, the site won't display properly. All software is up to date. If I stop the MBAE process, I have no problems. How do I get MBAE to work with Compatibility Mode?

I've been running mbae for a long while now and about a month ago it started notifying me of what process it was protecting whenever I launched said process. "Google Chrome now protected" and such when I opened chrome. These notifications come in the form of a popup speech bubble from the system tray. This is all fine and dandy but today it out of the blue told me that it was protecting internet explorer. Now this surprised me since ive not used internet explorer for over a year and that was when I downloaded google chrome after a full os reinstall and format. I checked the taskmanager and found iexplore.exe as a process which I terminated and started googling my problem. A few minutes later it once again notifyed me of protecting another instance of iexplore.exe and this time I didnt terminated the process but instead kept on researching and scanning with mbam. A few seconds later I checked back into the taskmanager and found that the iexplore.exe process was gone. I then waited for mbam to finish scanning which it did with no results and now im here writing this. What should I do? Nothing on my computer has changed since yesterday and this is the first time ive seen this. The only odd thing is that the online game TERA on steam wouldnt launch today either but this was solved by simply verifying my game cache so I think that was just a coincidence. Ive had TERA installed since last friday and this was the first instance of the TERA bug. Ive attached my mbae logs like instructed and I will respond to this thread with any updates on the problem. Any advice greatly appreciated! Malwarebytes Anti-Exploit.rar

I'm having an issue with several pc's where the browser, IE in particular, will not open with the MBAE service running. If I stop the service the browser will function correctly. If the service is running and I start IE it opens temporarily with a not responding and then closes. Thanks in advance for any help!!

I'm running Windows 7 SP1, fully updated, with MBAM Home (Premium) 2.2.0.1024, database version 20.6.03.06.02, set to load on start-up. If after start-up I try to run Internet Explorer (v11.0.9600.18204), a skeleton window appears that never populates; it closes after a few seconds. In Task Manager, 2 IE processes appear, one of which closes when the skeleton window closes; the other one persists for 30 seconds or so, then closes. If I close MBAM, IE will then run normally. If I then manually load MBAM again, IE still runs normally. If I prevent MBAM from loading on start-up, IE runs normally. If I then load MBAM manually, IE will still run normally. To summarise: it seems that MBAM is preventing IE from running unless IE has been run before MBAM loads. All IE add-ons are disabled (I have tried resetting IE). Can anyone help with this problem? - thanks.

Hello, Good day. My Avast installation is detecting (and blocking, thankfully) a malware infection from "ninthclub (dot) com" everytime I start internet explorer or chrome, which are the only two browsers I use. When I run Malwarebytes it does not detect it. Any ideas on how to remove would be appreciated, please. Hopefully you will update the malwarebytes database soon to take care of this specific malware infection. Here are the details from Avast, fwiw: Object: hxxp://ninthclub(dot)com/work/new/index(dot)php Infection: URL:Mal Process: c:\Program files...\iexplore.exe ( <--- or chrome.exe depending on the browser launched) Running Windows 7, 64-bit IE version 11 Chrome Version 46.0.2490.80 m Thanks. Alonso B.

Hi, I noticed my browsers (Firefox, IE) was loading very slowly yesterday night so this morning I run Avast and Anti-Malware but nothing was found. After I updated Anti-Malware I could no longer access any websites unless I turn off Anti-Malware. I'm attaching CheckResults.txt, FRST.txt and Addition.txt files. Also I tried Zoek (since I saw a similar issue from previous post) but it didn't solve the problem. I'm attaching the Zoek results file too. Thank you in advance Addition.txt CheckResults.txt FRST.txt zoek-results.txt

Hello, Malwarebytes, Windows updates, and Microsoft Security Essentials will not update. Also, i'm getting an ERR_CONNECTION_TIMES_OUT error in Google Chrome. I am running on Windows 7 and have run all updates till the updating service stopped working. After Installing Malwarebytes to check for malware I notice that its updating service is not working either. As for Internet browsing I get an ERR_CONNECTION_TIMES_OUT error on Google Chrome, Internet Explorer, and Firefox for certain websites. Especially websites that deal with removing malware hint hint lol. I just cant figure out how to remove this stuff. Any help would be greatly appreciated.

hi, i opened my browers and it was infected or hijacked by another page called delta homes, i have Windows 8, i restored it to another date and it disappeared but appeared later, i read some place to use malwarebytes, i did, i deleted every pup that appeared, i didnt know which were the pups that were doing the damage, i guess i did something and screwed it up because now i click on ie and it says that something modied changed or something happened to the program, i used malwarebytes twice because where it mentioned to use it said to use it twice, i will paste the log informat5ion, below, please help, and just to mention im not totally sure delta homes is gone, i managed to open ie page using the run diallog box, then i managed to leave an address option in the tool bars, i never seen this option before but thats how i get to ie and use the web. so ie is still functioning, but i cant find regular icon on like before. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 22/07/2015 Scan Time: 10:28 a.m. Logfile: malbyteswar.txt Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.07.22.04 Rootkit Database: v2015.07.17.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8 CPU: x86 File System: NTFS User: Novella pc Scan Type: Threat Scan Result: Completed Objects Scanned: 301171 Time Elapsed: 9 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 4 PUP.Optional.XTab.A, C:\Program Files\MiuiTab\ProtectService.exe, 1720, Delete-on-Reboot, [f0dc3ea696f464d2a29d75e7d8297888] PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1316, Delete-on-Reboot, [e7e5f7ed1971ad89d7a4a7770bf8827e] PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\CmdShell.exe, 3236, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9] PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\HPNotify.exe, 3336, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9] Modules: 9 PUP.Optional.SupTab.A, C:\Program Files\MiuiTab\SupTab.dll, Delete-on-Reboot, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\BrowserAction.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\IeWatchDog.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcp110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcp110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcp110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcr110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcr110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcr110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], Registry Keys: 59 PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, Quarantined, [f0dc3ea696f464d2a29d75e7d8297888], PUP.Optional.Airglobe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{913d2ed3-4e23-413f-bdab-195da83ca204}Gw, Quarantined, [408ce8fcacde0234198e3e2df60f27d9], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}\INPROCSERVER32, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}\INPROCSERVER32, Quarantined, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.AdGazelle.A, HKLM\SOFTWARE\AdGazelle, Quarantined, [9735bd27b5d50e28751fdc3b25de49b7], PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\Crossbrowse, Quarantined, [28a430b48bff88ae09a3f8155ba8e11f], PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\delta-homesSoftware, Quarantined, [606c8d576c1ea5912c1baa88a162e818], PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, Quarantined, [606c16ce563406307d19e2b31ee61de3], PUP.Optional.IHProtect.A, HKLM\SOFTWARE\IHProtect, Quarantined, [cefef4f0226824123211cc4f11f226da], PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\oursurfingSoftware, Quarantined, [a9238d57e8a283b358607e8c2fd4b34d], PUP.Optional.Picexa.A, HKLM\SOFTWARE\PicexaSvc, Quarantined, [eede5490aedc023466039afbc440cd33], PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, Quarantined, [676520c4870338fe0e06136d7c88b44c], PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, Quarantined, [bf0d2bb96723dc5afaa7761f7391fd03], PUP.Optional.CrossRider.C, HKLM\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [6765568e4644eb4b63f5ae5d1ce7be42], PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, Quarantined, [c10b05df9bef75c1c2b59bf641c328d8], PUP.Optional.SmileysWeLove.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fjbbjfdilbioabojmcplalojlmdngbjl, Quarantined, [1ab2a63e0e7cf541be534feb659eb54b], PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [eddf657f8efc53e37a3f828b23e0be42], PUP.Optional.MiuiTab.A, HKLM\SOFTWARE\SUPDP, Quarantined, [f7d542a243476fc717ed376770948977], PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB, Quarantined, [2aa28d57f2983600f12a032b659ed62a], PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, Quarantined, [ab21d50f305aec4a471b63d39b68a957], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [e7e5f7ed1971ad89d7a4a7770bf8827e], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [fcd0aa3a76145adc4ea241e30df6fc04], PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, Quarantined, [5e6e8b59d7b3ab8bddfb32588a7a1ae6], PUP.Optional.HD4Good.A, HKU\S-1-5-18\SOFTWARE\HD4Good-nv-ie, Quarantined, [f5d731b362286bcbe05efd8f1de78c74], PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv-ie, Quarantined, [0ebe44a0157593a3b94d2f01f21113ed], PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, Quarantined, [507c80642f5b0234f575f09bf80cdd23], PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [0bc100e4553557df6713335e2fd57e82], PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [8745ffe563275fd7c4e7eda434d03ec2], PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Quarantined, [cc00c51f5d2dbc7a4467cac761a30af6], PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Quarantined, [a32935af21691a1c109bff9217ed39c7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\Cinema Video 1.8V12.06-nv-ie, Quarantined, [6f5d3da724666acc379fef34a261768a], PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\Crossbrowse, Quarantined, [ddef33b1abdf78bef5b6bd50ff0449b7], PUP.Optional.GeForce.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\Ge-Force-nv-ie, Quarantined, [f4d82db7fe8c91a58a4e3555fe06cd33], PUP.Optional.HD4Good.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\HD4Good-nv-ie, Quarantined, [2ba17b6993f7280e85b9fc9071935da3], PUP.Optional.HighDefAction.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\HighDefAction, Quarantined, [7953ac38a7e3a88eeca9f1a452b211ef], PUP.Optional.SavePass.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\SavePass 1.1-nv-ie, Quarantined, [ae1ed60ed6b442f463a3919fa95af907], PUP.Optional.Sense.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\Sense-nv-ie, Quarantined, [efddb62e7218f34379f1850692720af6], PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\YorkNewCin, Quarantined, [af1d568e3951270fc3ddb6dfa55f5fa1], PUP.Optional.CrossRider.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [913bfde78dfd58de3fb0c5b35fa504fc], PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\ARENAHD, Quarantined, [a92335afd2b88aac43332170b64e49b7], PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, Quarantined, [bb113da7078370c69ddc49c4c2414db3], PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [06c633b1c7c3fa3c57db64a9986bce32], PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Quarantined, [09c35094ccbea98db2803fce758ee818], PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}, Quarantined, [3f8dab398a006bcbd260d439be45e917], PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Quarantined, [08c408dc3357c76f3df59d70ad560cf4], PUP.Optional.ProductSetup.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [17b540a4bad044f26600b1e7c63ed030], PUP.Optional.SystemSpeedup, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\SYSTWEAK\ssd, Quarantined, [9f2d7470b0da52e4f26f44f2d92aaf51], Registry Values: 19 PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, Quarantined, [c10b05df9bef75c1c2b59bf641c328d8] PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [25a7954ffb8f73c3fb87f9989e665ba5] PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, delta-homes, Quarantined, [eddf657f8efc53e37a3f828b23e0be42] PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://search.delta-homes.com/web/?type=ds&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE&q={searchTerms}, Quarantined, [715b42a2e9a1999dc9f01bf26d96a45c] PUP.Optional.MiuiTab.A, HKLM\SOFTWARE\SUPDP|dir, C:\Program Files\MiuiTab, Quarantined, [f7d542a243476fc717ed376770948977] PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB|ptid, wpm07163, Quarantined, [2aa28d57f2983600f12a032b659ed62a] PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=pjr&utm_campaign=install_ie&utm_content=ds&from=pjr&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE&ts=1434207852&type=default&q={searchTerms}, Quarantined, [8745ffe563275fd7c4e7eda434d03ec2] PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=pjr&utm_campaign=install_ie&utm_content=ds&from=pjr&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE&ts=1434207852&type=default&q={searchTerms}, Quarantined, [cc00c51f5d2dbc7a4467cac761a30af6] PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.oursurfing.com//favicon.ico, Quarantined, [3c908f55fa90a492ffacd8b99f65a957] PUP.Optional.OurSurfing.ShrtCln, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=pjr&utm_campaign=install_ie&utm_content=ds&from=pjr&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE&ts=1434207852&type=default&q={searchTerms}, Quarantined, [a32935af21691a1c109bff9217ed39c7] PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\ARENAHD|value, 1, Quarantined, [a92335afd2b88aac43332170b64e49b7] PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, Quarantined, [bb113da7078370c69ddc49c4c2414db3] PUP.Optional.PCTuner.C, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [eddf2cb8ed9db97d542cf69b05ffe719] PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [06c633b1c7c3fa3c57db64a9986bce32] PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [09c35094ccbea98db2803fce758ee818] PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://do-search.com//favicon.ico, Quarantined, [6a6218cc781295a1dd55799454af09f7] PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [3f8dab398a006bcbd260d439be45e917] PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [08c408dc3357c76f3df59d70ad560cf4] PUP.Optional.ProductSetup.A, HKU\S-1-5-21-476698584-3894196501-1223702351-1001\SOFTWARE\PRODUCTSETUP|tb, 0N2X1N, Quarantined, [17b540a4bad044f26600b1e7c63ed030] Registry Data: 4 PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\program files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE, Good: (iexplore.exe), Bad: (C:\program files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE),Replaced,[418b1dc7375376c04e8c8badf411e51b] PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE),Replaced,[21ab8e561278f244d9fc4eeab154c63a] PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1437579139&z=7c79a323ebeb559d217c064gaz8c3m2wamateg5z4e&from=wpm07163&uid=ST3750640AS_5QD4ZABEXXXX5QD4ZABE),Replaced,[2ca0954f4d3d8ea89540fa3e699c9070] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[319b00e4fc8efc3a44e0023632d3768a] Folders: 45 PUP.Optional.OpenCandy, C:\Users\Novella pc\AppData\Roaming\OpenCandy, Quarantined, [d1fb0adae0aa8aac6aab0fc7cf33e719], PUP.Optional.OpenCandy, C:\Users\Novella pc\AppData\Roaming\OpenCandy\33F3E780212A45AC90DC5DA13999BAC8, Quarantined, [d1fb0adae0aa8aac6aab0fc7cf33e719], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Delete-on-Reboot, [0ebe63815535043215c9ac3b20e21ae6], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [0ebe63815535043215c9ac3b20e21ae6], PUP.Optional.SystemSpeedup, C:\Users\Novella pc\AppData\Roaming\systweak\ssd, Quarantined, [18b44f95c8c2f73fd36b52964eb4df21], PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, Quarantined, [e7e526be0a80e452c2224fac927042be], PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, Quarantined, [e7e526be0a80e452c2224fac927042be], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro, Quarantined, [28a417cd1e6ceb4be6e043beb05333cd], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver, Quarantined, [28a417cd1e6ceb4be6e043beb05333cd], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\similar, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\image, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\en-US, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\es-419, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\es-ES, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-BE, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-CA, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-CH, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-FR, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-LU, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\it-CH, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\it-IT, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pl, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pt, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pt-BR, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\ru, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\ru-MO, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\tr-TR, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\vi-VI, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\zh-CN, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\zh-TW, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], Files: 103 PUP.Optional.XTab.A, C:\Program Files\MiuiTab\ProtectService.exe, Delete-on-Reboot, [f0dc3ea696f464d2a29d75e7d8297888], PUP.Optional.Airglobe, C:\Windows\System32\Drivers\{913d2ed3-4e23-413f-bdab-195da83ca204}Gw.sys, Quarantined, [408ce8fcacde0234198e3e2df60f27d9], PUP.Optional.SupTab.A, C:\Program Files\MiuiTab\SupTab.dll, Delete-on-Reboot, [a9233ca8cebcda5c72c2265e23df867a], PUP.Optional.OpenCandy, C:\Program Files\FrostWire\frostwire-installer.exe, Quarantined, [9735578dbbcf91a5e26ff06ee520916f], PUP.Optional.RegCleanPro.C, C:\Windows\System32\roboot.exe, Quarantined, [9636e0045337d363d6fc076339cc4cb4], PUP.Optional.SavePass.A, C:\Users\Novella pc\AppData\Local\Temp\4315.exe, Quarantined, [04c8ca1acdbd8da974eabfa6748d0ff1], PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Delete-on-Reboot, [e7e5f7ed1971ad89d7a4a7770bf8827e], PUP.Optional.OpenCandy, C:\Users\Novella pc\AppData\Roaming\OpenCandy\33F3E780212A45AC90DC5DA13999BAC8\LenovoSHAREit.exe, Quarantined, [d1fb0adae0aa8aac6aab0fc7cf33e719], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [0ebe63815535043215c9ac3b20e21ae6], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\update.exe, Quarantined, [0ebe63815535043215c9ac3b20e21ae6], PUP.Optional.SystemSpeedup, C:\Users\Novella pc\AppData\Roaming\systweak\ssd\SSDPTstub.exe, Quarantined, [18b44f95c8c2f73fd36b52964eb4df21], PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, Quarantined, [28a417cd1e6ceb4be6e043beb05333cd], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Google Profile.ico, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\am.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\background.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\channel.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\feedback.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\helper.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\imageoverlay.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\jquery.hoverIntent.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\jquery.lazyload.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\jquery.scrollstop.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\jquery_swl-1.7.2.min.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\laugh.ico, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\options.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\popup.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\qp.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\smileyscript.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\swl_base.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\swl_core.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\swl_facebookchat.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\swl_smileys.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\uuid.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\similar\jquery.base64.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.1.0.0_0\similar\similar_tr.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\craw_background.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.Crossbrowse.C, C:\Users\Novella pc\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\craw_window.js, Quarantined, [2e9e0bd90882ec4aa368af53b350728e], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\BrowerWatchCH.dll, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\BrowerWatchFF.dll, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\BrowserAction.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\CmdShell.exe, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\conf, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\defsearchp@gmail.com!1.0.0.1039.xpi, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\HPNotify.exe, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\IeWatchDog.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\install.data, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcp110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\msvcr110.dll, Delete-on-Reboot, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\searchProvider.xml, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\uninstall.exe, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\about.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\about_bk.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\btn.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\btn_apply.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\close.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\conf.xml, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\conf_back.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\input_bk.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\logo.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\main.xml, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\radio_1.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\radio_2.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\rigth_arrow.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\skin\settings.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\data.html, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\indexIE.html, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\indexIE8.html, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\main.css, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\google_trends.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\icon128.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\icon16.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\icon48.png, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\loading.gif, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\img\logo32.ico, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\common.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\ga.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\jquery-1.11.0.min.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\jquery.autocomplete.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\jquery.xdomainrequest.min.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\js.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\library.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\xagainit-ie8.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\xagainit2.0.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\js\xdomain.min.js, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\en-US\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\es-419\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\es-ES\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-BE\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-CA\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-CH\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-FR\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\fr-LU\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\it-CH\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\it-IT\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pl\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pt\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\pt-BR\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\ru\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\ru-MO\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\tr-TR\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\vi-VI\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\zh-CN\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], PUP.Optional.MiuiTab.A, C:\Program Files\MiuiTab\web\_locales\zh-TW\messages.json, Quarantined, [705c42a2b3d7a3933dae32d311f247b9], Physical Sectors: 0 (No malicious items detected) (end) ---------------------------------------- Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 22/07/2015 Scan Time: 10:47 a.m. Logfile: mal2.txt Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.07.22.04 Rootkit Database: v2015.07.17.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8 CPU: x86 File System: NTFS User: Novella pc Scan Type: Threat Scan Result: Completed Objects Scanned: 301021 Time Elapsed: 9 min, 0 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HIGHDEFACTION, Quarantined, [725a3aaa8802999db1e5dcb96c985ca4], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

Hello, actually we only use Mozilla , but I would still like to know about the setting "Terminate Internet Explorer during Threat removal" in Management Console Administrators Guide . Can anyone explain it to me? Greetings Martin