SupTab
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 1,040 |
| Threat Level: | 10 % (Normal) |
| Infected Computers: | 320,245 |
| First Seen: | January 24, 2014 |
| Last Seen: | July 17, 2025 |
| OS(es) Affected: | Windows |
SupTab is a suspicious application, involved in various adware activities. HpUI.exe is the main executable file running the SupTab program. The developers of SupTab advertise it as a tool that will improve your browsing experience. In fact, this is a Potentially Unwanted Program that may not be as a valuable addition to your system as its authors claim. One of the first symptoms that should make you doubt the legitimacy of this program is that HpUI.exe probably just "appeared’ on your system. The applications run by this executable file, may become annoying to you by consistently showing advertisements to sponsored websites. Although at first sight this program doesn't seem to be very threatening, it is the additional programs, coming along SupTab that pose a greater risk.
Table of Contents
How is SupTab Distributed?
SupTab has an official Web page but rarely do users download the program from there. It usually installs into their system in the form of a bundle. This is a very common distribution method for Potentially Unwanted Programs. There are many paid computer programs over the Internet, but sometimes people decide to avoid paying and download a free software. Usually, these freeware programs are not only less efficient than their paid rivals, but come along with some additional applications. As a typical Potentially Unwanted Program, SupTab may use certain ways of distribution, such as rogue Flash or Java update pages or fake video codecs, ‘required’ to watch videos online.
If you cannot recall intentionally installing the SupTab, most likely it relied on one of these methods.
What Makes SupTab a Potentially Unwanted Program?
HpUI.exe is the driving file for SupTab (also known as Lightning new tab) or Search Protect. These applications are promoted on many websites as helpful extensions for Internet Explorer, which means that at the moment they are not applicable to other Web browsers such as Google Chrome or Mozilla Firefox. They may be known by other names as well but eventually it is the same program. In case you can find HpUI.exe on your system, but there is no sign of SupTab, Lightning new tab or Search Protect, you certainly have another program, related to them.
HpUI.exe and SupTab are not classified as threatening. They may have annoying results, but the consequences from them will not be devastating to the system. Any program you have on your computer uses the system resources, so you may find your PC slower than usual, and there are even reports of system crashes. However, the real problem is that they often come bundled with other programs that may turn out to be harmful. One of these additional programs is a browser hijacker that often leads to Awesomehp.com which should always be taken seriously. Awesomehp browser hijacker may collect browsing information, redirect you to suspicious sites and slow down your browsing speed. Your homepage may be modified. Awesomehp.com will certainly use different methods to avoid detecting and removing. This browser hijacker may add an extension with the name IETabPage Class, which in turn will be very difficult to remove because the Internet Explorer settings are already modified.
Another threat that may appear as a result of HpUI.exe is the iStart123.com browser hijacker. It is operated by a Chinese company and promotes all kinds of junkware, in the meantime modifying and slowing your browser. There are several other hijackers, associated with HpUI.exe as well. Considering this, you can look at the process HpUI.exe as a sign of a threat currently present in your system.
What can You do Against HpUI.exe?
To avoid downloading HpUI.exe and installing any of the programs it manages, computer security experts advise to be extremely careful when you search a software over the Internet. Take your time to check the legitimacy of the sites you intend to download from. Always read every page of the installation process to see if there is some additional software along your desired one. If you find any, uncheck it and safely continue the installation process.
If you already have SupTab or HpUI.exe present in your system, it is of crucial importance to remove it as soon as possible. However, you cannot remove HpUI.exe without taking actions against the applications that are run by it - like SupTab and Search Protect. They must all be removed simultaneously and completely. This is why the best option is to use a special anti-malware program that will be capable of quickly and efficiently removing SupTab or HpUI.exe and all files and programs associated with it. Also, when the special anti-malware program performs a full system scan, you will see whether there are other threats. Moreover, you will be safeguarded in the future from other Potentially Unwanted Programs and other threats.
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| DrWeb | Adware.Mutabaha.107 |
| Sophos | Generic PUA IJ |
| McAfee-GW-Edition | Artemis |
| Avast | Win32:SupTab-G [Adw] |
| McAfee | Artemis!C30458159AED |
| Panda | Generic Suspicious |
| Antiy-AVL | GrayWare[AdWare:not-a-virus]/Win32.SearchProtect |
| Kaspersky | not-a-virus:AdWare.Win32.SearchProtect.ky |
| Symantec | WS.Reputation.1 |
| AhnLab-V3 | PUP/Win32.SearchProtect |
| GData | Win32.Application.SubTab.E |
| AVG | ZhangLing.AA0 |
| AVG | Zhang.59F |
| AVG | Zhang.EF9 |
| AhnLab-V3 | Adware/Win32.Agent |
SpyHunter Detects & Remove SupTab
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | PluginService.exe.vir | 5e0c29fcd859ab8d5b1c859f034d8f2f | 5,602 |
| 2. | trz2D87.tmp | 0bb615800d2dcadc05f34cd053ace60e | 3,884 |
| 3. | Loader64.exe | 09b9b6c0f8277a86cc8f4d66aeaab762 | 3,253 |
| 4. | cfgdrv32.cfg | ad0d1330d9c9ceacb08069d2e573897d | 2,515 |
| 5. | PLUGINSERVICE.EXE.542ac9e4 | 2f0f97174cc76a2153d4ef7dba269c83 | 1,832 |
| 6. | SupTab.dll.vir | fece5b81614bd16ff043051f338183a0 | 1,389 |
| 7. | cfgdrv64.cfg | d1df98d570b57f932ccb2acdf1c11939 | 287 |
| 8. | SupTab_v5.8.8.777_noblank.exe | f3fb2b89707be53d0ccf4b909c0801b2 | 236 |
| 9. | SupTab_ns_v5.8.8.640.exe | d549db22a9e1aba82a5a647fe32306dc | 153 |
| 10. | SupTab.dll | c30458159aed49894b9a4dccd8697830 | 104 |
| 11. | A0074028.exe | b76756198468fdc616b3ebafd5268496 | 64 |
| 12. | XTab_Setup1998.exe | 415d34e187876e93a9959ab04563aa12 | 42 |
| 13. | CmdShell.exe | 6a129df750b69b6fa3e6c76ec3dcee40 | 31 |
| 14. | CmdShell.exe.vir | d1574c7af2815098274d3777cfe9657e | 25 |
| 15. | SupTab_v5.8.8.640.exe | 0abe3c3df43f605eb91fa47610ffc83d | 19 |
| 16. | XTab_v4.0.exe | ab5ef850169b67afe19637fd7b6ed049 | 17 |
| 17. | STab_v4.0.exe | 684ce32af59ccba1cc2954b5b369e364 | 14 |
| 18. | SupTab_v5.8.8.619.exe | c8b1b2053e6333ca6e8e15461dbbb30c | 8 |
| 19. | SupTab_v5.8.8.865_noblank.exe | e6b1e1bc352ba71298ae10d2958b9d50 | 8 |
| 20. | ProtectService.exe | 71dfbcb1f387f42ec07c2f605a3e5ef0 | 4 |
| 21. | SupTab_v5.8.8.749_noblank.exe | 938786491250b6c7aa2b0a9570224890 | 3 |
| 22. | SupTab_v5.8.8.864_noblank.exe | 0b794323677b724a87f5eac14ae998c0 | 3 |
| 23. | STab_Down.exe | 2215dd367287115f6a9f284b1602183c | 3 |
| 24. | XTab.exe | da5ef50c598c700600eea8f470aa5ea7 | 3 |
| 25. | SupTab_v5.8.8.777_noblank_amy.exe | 571fdf3d30fd80191dd511e5116a3c14 | 2 |
| 26. | XTab_Setup1987.exe | 22dc5bc0d2d27d0ad01ac18546fc21b2 | 2 |
| 27. | HPNotify.exe | 1c3a4b9ff103460544c8ae04fabe22b1 | 1 |
Registry Details
Directories
SupTab may create the following directory or directories:
| %ALLUSERSPROFILE%\Application Data\IePluginService |
| %ALLUSERSPROFILE%\Application Data\IePluginServices |
| %ALLUSERSPROFILE%\IePluginService |
| %ALLUSERSPROFILE%\IePluginServices |
| %APPDATA%\SupTab |
| %APPDATA%\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{2E089831-61B1-4CF2-8553-300574316F09}_DIYIGE |
| %PROGRAMFILES%\MiniLite |
| %PROGRAMFILES%\MiuiTab |
| %PROGRAMFILES%\STab |
| %PROGRAMFILES%\SupTab |
| %PROGRAMFILES%\XTab |
| %PROGRAMFILES(x86)%\MiniLite |
| %PROGRAMFILES(x86)%\MiuiTab |
| %PROGRAMFILES(x86)%\STab |
| %PROGRAMFILES(x86)%\SupTab |
| %PROGRAMFILES(x86)%\XTab |
| %UserProfile%\SupTab |
