HomepageDefender
Posted: April 11, 2016
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 936 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 252,788 |
| First Seen: | April 11, 2016 |
|---|---|
| Last Seen: | October 17, 2023 |
| OS(es) Affected: | Windows |
HomepageDefender is a low-level cyber threat whose installation may lead to unwanted changes to the configuration of the Web browsers found on the user's computer. Apart from modifying the browser settings, HomepageDefender also may inject marketing content in Web browser windows, and expose users to low-quality advertisements that may contain irrelevant or dubious content. The HomepageDefender application is considered unsafe because of its tendency to lead users to low-quality websites, and its removal is strongly recommended.
When installed, HomepageDefender creates a Windows Service, which is configured to start as soon as Windows is started automatically. This way, HomepageDefender ensures that it will always be running and that HomepageDefender will be able to inject its content in the user's Web browser as long as the software is present on the computer. One of the redirects that HomepageDefender may cause leads users to Dersreagen.ru, a low-quality redirect-gateway that may display ads, pop-ups, and other marketing content hosted on various domains.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%PROGRAMFILES%\HPWhale\HPWhaleSrv.exe
File name: HPWhaleSrv.exeSize: 1.87 MB (1870336 bytes)
MD5: 4ab9c645d98e4dd5e4d45d9d089fa402
Detection count: 253
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPWhale
Group: Malware file
Last Updated: January 2, 2020
%PROGRAMFILES%\HPWhale\WhaleStarter.exe
File name: WhaleStarter.exeSize: 855.55 KB (855552 bytes)
MD5: d4ab59ac5bdb133408d91530bc1fe8ce
Detection count: 246
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPWhale
Group: Malware file
Last Updated: August 11, 2017
%PROGRAMFILES%\HPLion\HPLionSrv.exe
File name: HPLionSrv.exeSize: 1.8 MB (1800704 bytes)
MD5: e211db3c47a2dfb778b1dd7a18e6fc5d
Detection count: 180
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPLion
Group: Malware file
Last Updated: August 10, 2017
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 570.36 KB (570368 bytes)
MD5: 7dcdd010445b3be73e85a8b3b3a2a780
Detection count: 155
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 12, 2017
%APPDATA%\TablacusApp2\TablacusApp.exe
File name: TablacusApp.exeSize: 418.3 KB (418304 bytes)
MD5: aac3f46f1975d927cf7cbd34e353cd69
Detection count: 105
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\TablacusApp2
Group: Malware file
Last Updated: August 12, 2017
%APPDATA%\TablacusApp local files\TablacusApp.exe
File name: TablacusApp.exeSize: 4.67 MB (4675661 bytes)
MD5: 479621dbcda98216d1d1354c7163b801
Detection count: 93
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\TablacusApp local files
Group: Malware file
Last Updated: August 12, 2017
%APPDATA%\CoreTempApp\CoreTempApp.exe
File name: CoreTempApp.exeSize: 2.47 MB (2470344 bytes)
MD5: 4210d4837a5617818edfb762da004d06
Detection count: 56
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CoreTempApp
Group: Malware file
Last Updated: October 28, 2019
%PROGRAMFILES(x86)%\HPLion\HPLionSrv.exe
File name: HPLionSrv.exeSize: 1.8 MB (1800704 bytes)
MD5: 37f3f14a58d90e20f28888f7c51818ce
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\HPLion
Group: Malware file
Last Updated: August 10, 2017
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 707.58 KB (707584 bytes)
MD5: 52f93b1f65738aa2dbab9f21a8291bfc
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 7, 2018
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 716.8 KB (716800 bytes)
MD5: cb53776e8dd4b7ee7c1c69a7ddb83851
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 12, 2017
%PROGRAMFILES%\HPZebra\HPZebraSrv.exe
File name: HPZebraSrv.exeSize: 4.82 MB (4824248 bytes)
MD5: 15bad7bb29ae5db00c837b995ba8981a
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPZebra
Group: Malware file
Last Updated: August 10, 2017
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 714.75 KB (714752 bytes)
MD5: cc30369dd234f4f635047b18465274e4
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 12, 2017
%APPDATA%\CoreTempApp\CoreTempApp.exe
File name: CoreTempApp.exeSize: 407.55 KB (407552 bytes)
MD5: 60760eac73874d4def94a9aeafa134c4
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CoreTempApp
Group: Malware file
Last Updated: December 15, 2019
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 829.44 KB (829440 bytes)
MD5: c45ce49c6da37a57a765fdd76f18f2f9
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 12, 2017
%APPDATA%\TablacusApp\TablacusApp.exe
File name: TablacusApp.exeSize: 405.5 KB (405504 bytes)
MD5: ba76f5f759e1d26225aecdfabbd63da4
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\TablacusApp
Group: Malware file
Last Updated: August 12, 2017
%PROGRAMFILES%\HPLion\LionStarter.exe
File name: LionStarter.exeSize: 1.16 MB (1162240 bytes)
MD5: 2a12c807be21c2e061d5a17520bd09c5
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPLion
Group: Malware file
Last Updated: August 11, 2017
%APPDATA%\CoreTempApp\CoreTempApp.exe
File name: CoreTempApp.exeSize: 540.67 KB (540672 bytes)
MD5: 18d6e60278638949553be17c0636e082
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CoreTempApp
Group: Malware file
Last Updated: March 27, 2020
%APPDATA%\CoreTempApp\CoreTempApp.exe
File name: CoreTempApp.exeSize: 429.05 KB (429056 bytes)
MD5: 9bc4d1eb4f0421c950402912e48ec0d6
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CoreTempApp
Group: Malware file
Last Updated: October 28, 2017
%PROGRAMFILES%\HPBear\HPBearSrv.exe
File name: HPBearSrv.exeSize: 2.74 MB (2743528 bytes)
MD5: ad4ec15ddd6f7b8827cf615174b95914
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPBear
Group: Malware file
Last Updated: August 11, 2017
%APPDATA%\TablacusApp2\TablacusApp.exe
File name: TablacusApp.exeSize: 1.65 MB (1653664 bytes)
MD5: 0ed47bed91b768278b544faa448e9712
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\TablacusApp2
Group: Malware file
Last Updated: August 12, 2017
More files
Registry Modifications
The following newly produced Registry Values are:
File name without pathcpuz_x32.lnkHwmonitor2.lnkmplayerc.lnkqip 8.0.lnkQip 9.lnkqipApp8.lnkSIV32x.lnkTablacus.lnkRegexp file mask%APPDATA%\CpuzApp2\CpuzApp.exe%APPDATA%\CpuzApp\CpuzApp.exe%APPDATA%\Mp3tagApp\Mp3tagApp.exe%PROGRAMFILES(x86)%\Homepage\instl.exe%USERPROFILE%\Desktop\AkelPad.lnkHKEY..\..\..\..{RegistryKeys}SOFTWARE\AkelPadAppSOFTWARE\Akelsoft\AkelPadSoftware\archApplicationSoftware\CoreTempAppSoftware\CpuzAppSOFTWARE\DjvuAppSOFTWARE\HomePageDefenderSOFTWARE\HPLionSOFTWARE\HPMammothSOFTWARE\HPPandaSOFTWARE\HPRewriterSOFTWARE\HPReyosSOFTWARE\HPTurtleSOFTWARE\HPWhaleSOFTWARE\HPWombatSOFTWARE\HPZebraSoftware\HwmonitorAppSOFTWARE\KeePassAppSoftware\MediaPlayerApplicationSOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\notepad3k.exeSOFTWARE\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Microsoft\Tracing\notepad3k_RASMANCSSoftware\Microsoft\Windows\CurrentVersion\Run\KeePassAppSoftware\Microsoft\Windows\CurrentVersion\Run\QIPAppSoftware\Microsoft\Windows\CurrentVersion\Run\SIVAppSoftware\Mp3tagAppSoftware\nppApplicationSoftware\QIPAppSOFTWARE\SearchPageDefenderSoftware\SIVAppSoftware\SpeccyAppSoftware\TablacusAppSOFTWARE\Wow6432Node\Akelsoft\AkelPadSOFTWARE\Wow6432Node\HomePageDefenderSOFTWARE\WOW6432Node\HPLionSOFTWARE\Wow6432Node\HPMammothSOFTWARE\Wow6432Node\HPPandaSOFTWARE\Wow6432Node\HPRewriterSOFTWARE\Wow6432Node\HPReyosSOFTWARE\WOW6432Node\HPTigerSOFTWARE\WOW6432Node\HPTurtleSOFTWARE\Wow6432Node\HPWhaleSOFTWARE\Wow6432Node\HPWombatSOFTWARE\WOW6432Node\HPZebraSOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASMANCSSOFTWARE\Wow6432Node\SearchPageDefenderSYSTEM\ControlSet001\services\HomePageDefender ServiceSYSTEM\ControlSet001\Services\HPPanda ServiceSYSTEM\ControlSet001\services\HPReyos ServiceSYSTEM\ControlSet001\Services\HPSewil ServiceSYSTEM\ControlSet001\services\HPWriter ServiceSYSTEM\ControlSet001\services\HSystemSYSTEM\ControlSet002\services\HomePageDefender ServiceSYSTEM\ControlSet002\Services\HPPanda ServiceSYSTEM\ControlSet002\services\HPReyos ServiceSYSTEM\ControlSet002\Services\HPSewil ServiceSYSTEM\ControlSet002\services\HPWriter ServiceSYSTEM\ControlSet002\services\HSystemSYSTEM\CurrentControlSet\services\HomePageDefender ServiceSYSTEM\CurrentControlSet\Services\HPPanda ServiceSYSTEM\CurrentControlSet\services\HPReyos ServiceSYSTEM\CurrentControlSet\Services\HPSewil ServiceSYSTEM\CurrentControlSet\services\HPWriter ServiceSYSTEM\CurrentControlSet\Services\HSystemHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AkelPadAppArchiverAppCoreTempAppCpuzApp3CpuzApp4CpuzApp5DjvuAppHomePageDefenderHPBearHPLionHPMammothHPMonkeyHPPandaHPRewriter2HPReyosHPSewilHPTigerHPTurtleHPWhaleHPWombatHPWriterHPZebraHwmonitorAppKeePassAppMediaPlayerApplicationMediaPlayerApplication2Mp3tagAppMp3tagApp2Mp3tagApp3QIPAppSearchPageDefenderSIVAppSpeccyAppTablacusApp
File name without pathcpuz_x32.lnkHwmonitor2.lnkmplayerc.lnkqip 8.0.lnkQip 9.lnkqipApp8.lnkSIV32x.lnkTablacus.lnkRegexp file mask%APPDATA%\CpuzApp2\CpuzApp.exe%APPDATA%\CpuzApp\CpuzApp.exe%APPDATA%\Mp3tagApp\Mp3tagApp.exe%PROGRAMFILES(x86)%\Homepage\instl.exe%USERPROFILE%\Desktop\AkelPad.lnkHKEY..\..\..\..{RegistryKeys}SOFTWARE\AkelPadAppSOFTWARE\Akelsoft\AkelPadSoftware\archApplicationSoftware\CoreTempAppSoftware\CpuzAppSOFTWARE\DjvuAppSOFTWARE\HomePageDefenderSOFTWARE\HPLionSOFTWARE\HPMammothSOFTWARE\HPPandaSOFTWARE\HPRewriterSOFTWARE\HPReyosSOFTWARE\HPTurtleSOFTWARE\HPWhaleSOFTWARE\HPWombatSOFTWARE\HPZebraSoftware\HwmonitorAppSOFTWARE\KeePassAppSoftware\MediaPlayerApplicationSOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\notepad3k.exeSOFTWARE\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Microsoft\Tracing\notepad3k_RASMANCSSoftware\Microsoft\Windows\CurrentVersion\Run\KeePassAppSoftware\Microsoft\Windows\CurrentVersion\Run\QIPAppSoftware\Microsoft\Windows\CurrentVersion\Run\SIVAppSoftware\Mp3tagAppSoftware\nppApplicationSoftware\QIPAppSOFTWARE\SearchPageDefenderSoftware\SIVAppSoftware\SpeccyAppSoftware\TablacusAppSOFTWARE\Wow6432Node\Akelsoft\AkelPadSOFTWARE\Wow6432Node\HomePageDefenderSOFTWARE\WOW6432Node\HPLionSOFTWARE\Wow6432Node\HPMammothSOFTWARE\Wow6432Node\HPPandaSOFTWARE\Wow6432Node\HPRewriterSOFTWARE\Wow6432Node\HPReyosSOFTWARE\WOW6432Node\HPTigerSOFTWARE\WOW6432Node\HPTurtleSOFTWARE\Wow6432Node\HPWhaleSOFTWARE\Wow6432Node\HPWombatSOFTWARE\WOW6432Node\HPZebraSOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASMANCSSOFTWARE\Wow6432Node\SearchPageDefenderSYSTEM\ControlSet001\services\HomePageDefender ServiceSYSTEM\ControlSet001\Services\HPPanda ServiceSYSTEM\ControlSet001\services\HPReyos ServiceSYSTEM\ControlSet001\Services\HPSewil ServiceSYSTEM\ControlSet001\services\HPWriter ServiceSYSTEM\ControlSet001\services\HSystemSYSTEM\ControlSet002\services\HomePageDefender ServiceSYSTEM\ControlSet002\Services\HPPanda ServiceSYSTEM\ControlSet002\services\HPReyos ServiceSYSTEM\ControlSet002\Services\HPSewil ServiceSYSTEM\ControlSet002\services\HPWriter ServiceSYSTEM\ControlSet002\services\HSystemSYSTEM\CurrentControlSet\services\HomePageDefender ServiceSYSTEM\CurrentControlSet\Services\HPPanda ServiceSYSTEM\CurrentControlSet\services\HPReyos ServiceSYSTEM\CurrentControlSet\Services\HPSewil ServiceSYSTEM\CurrentControlSet\services\HPWriter ServiceSYSTEM\CurrentControlSet\Services\HSystemHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AkelPadAppArchiverAppCoreTempAppCpuzApp3CpuzApp4CpuzApp5DjvuAppHomePageDefenderHPBearHPLionHPMammothHPMonkeyHPPandaHPRewriter2HPReyosHPSewilHPTigerHPTurtleHPWhaleHPWombatHPWriterHPZebraHwmonitorAppKeePassAppMediaPlayerApplicationMediaPlayerApplication2Mp3tagAppMp3tagApp2Mp3tagApp3QIPAppSearchPageDefenderSIVAppSpeccyAppTablacusApp
Additional Information
The following directories were created:
%APPDATA%\AkelPadApp%APPDATA%\AkelPadApp3%APPDATA%\AkelPadApp4%APPDATA%\AnyDeskApp%APPDATA%\ArchiverApp%APPDATA%\CoreTempApp%APPDATA%\Coretemp%APPDATA%\CpuzApp3%APPDATA%\CpuzApp4%APPDATA%\CpuzApp5%APPDATA%\Cust7z%APPDATA%\DjvuApp%APPDATA%\HPCurator%APPDATA%\HPMonkey%APPDATA%\HPPanda%APPDATA%\HPRewriter%APPDATA%\HPRewriter2%APPDATA%\HPReyos%APPDATA%\HPSalter%APPDATA%\HPSewil%APPDATA%\HPSoyer%APPDATA%\HPStocker%APPDATA%\HPWombat%APPDATA%\HPWriter%APPDATA%\HwmonitorApp%APPDATA%\KeePassApp%APPDATA%\MediaPlayerApplication%APPDATA%\MediaPlayerApplication2%APPDATA%\Microsoft\Windows\Start Menu\Programs\notepad3k%APPDATA%\MinesweeperApp%APPDATA%\MinesweeperApp2%APPDATA%\Mp3tagApp2%APPDATA%\Mp3tagApp3%APPDATA%\NotepadPlusPlusApp%APPDATA%\QIPApp%APPDATA%\SIV%APPDATA%\SIVApp%APPDATA%\SpeccyApp%PROGRAMFILES%\HPBear%PROGRAMFILES%\HPGuard%PROGRAMFILES%\HPHolder%PROGRAMFILES%\HPKeeper%PROGRAMFILES%\HPLion%PROGRAMFILES%\HPMammoth%PROGRAMFILES%\HPPanda%PROGRAMFILES%\HPReserver%PROGRAMFILES%\HPTiger%PROGRAMFILES%\HPTurtle%PROGRAMFILES%\HPWhale%PROGRAMFILES%\HPWombat%PROGRAMFILES%\HPZebra%PROGRAMFILES%\HomePageDefender%PROGRAMFILES%\HpDef%PROGRAMFILES%\HpSec%PROGRAMFILES%\Sersoft%PROGRAMFILES(x86)%\HPBear%PROGRAMFILES(x86)%\HPGuard%PROGRAMFILES(x86)%\HPHolder%PROGRAMFILES(x86)%\HPKeeper%PROGRAMFILES(x86)%\HPLion%PROGRAMFILES(x86)%\HPMammoth%PROGRAMFILES(x86)%\HPPanda%PROGRAMFILES(x86)%\HPReserver%PROGRAMFILES(x86)%\HPSaver%PROGRAMFILES(x86)%\HPTiger%PROGRAMFILES(x86)%\HPTurtle%PROGRAMFILES(x86)%\HPWhale%PROGRAMFILES(x86)%\HPWombat%PROGRAMFILES(x86)%\HPZebra%PROGRAMFILES(x86)%\HomePageDefender%PROGRAMFILES(x86)%\HpDef%PROGRAMFILES(x86)%\HpSec%PROGRAMFILES(x86)%\SearchPageDefender%PROGRAMFILES(x86)%\Sersoft%temp%\MyDiskPro
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.