HomepageDefender
Posted: April 11, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 871 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 259,392 |
| First Seen: | April 11, 2016 |
|---|---|
| Last Seen: | March 10, 2025 |
| OS(es) Affected: | Windows |
HomepageDefender is a low-level cyber threat whose installation may lead to unwanted changes to the configuration of the Web browsers found on the user's computer. Apart from modifying the browser settings, HomepageDefender also may inject marketing content in Web browser windows, and expose users to low-quality advertisements that may contain irrelevant or dubious content. The HomepageDefender application is considered unsafe because of its tendency to lead users to low-quality websites, and its removal is strongly recommended.
When installed, HomepageDefender creates a Windows Service, which is configured to start as soon as Windows is started automatically. This way, HomepageDefender ensures that it will always be running and that HomepageDefender will be able to inject its content in the user's Web browser as long as the software is present on the computer. One of the redirects that HomepageDefender may cause leads users to Dersreagen.ru, a low-quality redirect-gateway that may display ads, pop-ups, and other marketing content hosted on various domains.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%PROGRAMFILES%\HPWhale\HPWhaleSrv.exe
File name: HPWhaleSrv.exeSize: 1.87 MB (1870336 bytes)
MD5: 4ab9c645d98e4dd5e4d45d9d089fa402
Detection count: 253
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPWhale
Group: Malware file
Last Updated: January 2, 2020
%APPDATA%\MinesweeperApp\mineApplication.exe
File name: mineApplication.exeSize: 195.58 KB (195584 bytes)
MD5: 417ac3024f4f6ce485af790a1396abf5
Detection count: 251
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\MinesweeperApp
Group: Malware file
Last Updated: May 20, 2024
%PROGRAMFILES%\HPWhale\WhaleStarter.exe
File name: WhaleStarter.exeSize: 855.55 KB (855552 bytes)
MD5: d4ab59ac5bdb133408d91530bc1fe8ce
Detection count: 246
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPWhale
Group: Malware file
Last Updated: August 11, 2017
%APPDATA%\ArchiverApp\archApplication2.exe
File name: archApplication2.exeSize: 147.45 KB (147456 bytes)
MD5: e999b1aebd875b22ce84ec4cd5a80618
Detection count: 112
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\ArchiverApp
Group: Malware file
Last Updated: April 18, 2020
%APPDATA%\AkelPadApp4\AkelPadApp4.exe
File name: AkelPadApp4.exeSize: 179.71 KB (179712 bytes)
MD5: cdb5e9c94e70177d431eefa8a1021f01
Detection count: 105
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\AkelPadApp4
Group: Malware file
Last Updated: December 17, 2016
%APPDATA%\HPMonkey\HPMonkeySrv.exe
File name: HPMonkeySrv.exeSize: 1.11 MB (1117184 bytes)
MD5: 84d80aad8e4a12dcf416ff1c74c27d57
Detection count: 82
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\HPMonkey
Group: Malware file
Last Updated: December 17, 2016
%PROGRAMFILES(x86)%\HPLion\HPLionSrv.exe
File name: HPLionSrv.exeSize: 1.8 MB (1800704 bytes)
MD5: 37f3f14a58d90e20f28888f7c51818ce
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\HPLion
Group: Malware file
Last Updated: August 10, 2017
%APPDATA%\SIVApp\SIVApp.exe
File name: SIVApp.exeSize: 286.72 KB (286720 bytes)
MD5: ee4fd15552eb199af839d73b6d17a0a5
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\SIVApp
Group: Malware file
Last Updated: June 14, 2017
%APPDATA%\HPReyos\HPReyosSrv3.exe
File name: HPReyosSrv3.exeSize: 436.22 KB (436224 bytes)
MD5: 1f88cdac186e05bfed6f07bf656d1413
Detection count: 37
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\HPReyos
Group: Malware file
Last Updated: November 29, 2019
%PROGRAMFILES%\HPZebra\HPZebraSrv.exe
File name: HPZebraSrv.exeSize: 4.82 MB (4824248 bytes)
MD5: 15bad7bb29ae5db00c837b995ba8981a
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPZebra
Group: Malware file
Last Updated: August 10, 2017
%PROGRAMFILES(x86)%\HPBear\BearStarter.exe
File name: BearStarter.exeSize: 2.13 MB (2133784 bytes)
MD5: d27b734104dd51eb77e7bfafa1482486
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\HPBear
Group: Malware file
Last Updated: July 19, 2017
%PROGRAMFILES%\HPTurtle\HPTurtleSrv.exe
File name: HPTurtleSrv.exeSize: 5.44 MB (5441984 bytes)
MD5: 62554456dc123d3bdb1e8c12646121e6
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPTurtle
Group: Malware file
Last Updated: August 10, 2017
%PROGRAMFILES%\Sersoft\qQTqsk.exe
File name: qQTqsk.exeSize: 234.52 KB (234528 bytes)
MD5: bfd7be3ccca459854e3d1f4a7d7e09e9
Detection count: 25
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Sersoft
Group: Malware file
Last Updated: October 20, 2017
%APPDATA%\CpuzApp4\CpuzApp.exe
File name: CpuzApp.exeSize: 829.44 KB (829440 bytes)
MD5: c45ce49c6da37a57a765fdd76f18f2f9
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CpuzApp4
Group: Malware file
Last Updated: September 12, 2017
%PROGRAMFILES%\HPWombat\HPWombatSrv.exe
File name: HPWombatSrv.exeSize: 4.95 MB (4956768 bytes)
MD5: 448c8e296935047b51648416f8c59761
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPWombat
Group: Malware file
Last Updated: August 10, 2017
%APPDATA%\Mp3tagApp\Mp3tagApp.exe
File name: Mp3tagApp.exeSize: 755.71 KB (755712 bytes)
MD5: 0739a1a6e49fd9127a6d2325062a1b7e
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Mp3tagApp
Group: Malware file
Last Updated: April 7, 2017
%PROGRAMFILES%\HPLion\LionStarter.exe
File name: LionStarter.exeSize: 1.16 MB (1162240 bytes)
MD5: 2a12c807be21c2e061d5a17520bd09c5
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPLion
Group: Malware file
Last Updated: August 11, 2017
%APPDATA%\CoreTempApp\CoreTempApp.exe
File name: CoreTempApp.exeSize: 429.05 KB (429056 bytes)
MD5: 9bc4d1eb4f0421c950402912e48ec0d6
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\CoreTempApp
Group: Malware file
Last Updated: October 28, 2017
%APPDATA%\DjvuApp\DjvuApp.exe
File name: DjvuApp.exeSize: 548.35 KB (548352 bytes)
MD5: f90b3c910364025c02098db108144c0f
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\DjvuApp
Group: Malware file
Last Updated: April 7, 2017
%PROGRAMFILES%\HPBear\HPBearSrv.exe
File name: HPBearSrv.exeSize: 2.74 MB (2743528 bytes)
MD5: ad4ec15ddd6f7b8827cf615174b95914
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\HPBear
Group: Malware file
Last Updated: August 11, 2017
%APPDATA%\TablacusApp2\TablacusApp.exe
File name: TablacusApp.exeSize: 1.65 MB (1653664 bytes)
MD5: 0ed47bed91b768278b544faa448e9712
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\TablacusApp2
Group: Malware file
Last Updated: August 12, 2017
More files
Registry Modifications
File name without pathcpuz_x32.lnkHwmonitor2.lnkmplayerc.lnkqip 8.0.lnkQip 9.lnkqipApp8.lnkSIV32x.lnkTablacus.lnkRegexp file mask%APPDATA%\CpuzApp2\CpuzApp.exe%APPDATA%\CpuzApp\CpuzApp.exe%APPDATA%\Mp3tagApp\Mp3tagApp.exe%PROGRAMFILES(x86)%\Homepage\instl.exe%USERPROFILE%\Desktop\AkelPad.lnkHKEY..\..\..\..{RegistryKeys}SOFTWARE\AkelPadAppSOFTWARE\Akelsoft\AkelPadSoftware\archApplicationSoftware\CoreTempAppSoftware\CpuzAppSOFTWARE\DjvuAppSOFTWARE\HomePageDefenderSOFTWARE\HPLionSOFTWARE\HPMammothSOFTWARE\HPPandaSOFTWARE\HPRewriterSOFTWARE\HPReyosSOFTWARE\HPTurtleSOFTWARE\HPWhaleSOFTWARE\HPWombatSOFTWARE\HPZebraSoftware\HwmonitorAppSOFTWARE\KeePassAppSoftware\MediaPlayerApplicationSOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\notepad3k.exeSOFTWARE\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Microsoft\Tracing\notepad3k_RASMANCSSoftware\Microsoft\Windows\CurrentVersion\Run\KeePassAppSoftware\Microsoft\Windows\CurrentVersion\Run\QIPAppSoftware\Microsoft\Windows\CurrentVersion\Run\SIVAppSoftware\Mp3tagAppSoftware\nppApplicationSoftware\QIPAppSOFTWARE\SearchPageDefenderSoftware\SIVAppSoftware\SpeccyAppSoftware\TablacusAppSOFTWARE\Wow6432Node\Akelsoft\AkelPadSOFTWARE\Wow6432Node\HomePageDefenderSOFTWARE\WOW6432Node\HPLionSOFTWARE\Wow6432Node\HPMammothSOFTWARE\Wow6432Node\HPPandaSOFTWARE\Wow6432Node\HPRewriterSOFTWARE\Wow6432Node\HPReyosSOFTWARE\WOW6432Node\HPTigerSOFTWARE\WOW6432Node\HPTurtleSOFTWARE\Wow6432Node\HPWhaleSOFTWARE\Wow6432Node\HPWombatSOFTWARE\WOW6432Node\HPZebraSOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\notepad3k_RASMANCSSOFTWARE\Wow6432Node\SearchPageDefenderSYSTEM\ControlSet001\services\HomePageDefender ServiceSYSTEM\ControlSet001\Services\HPPanda ServiceSYSTEM\ControlSet001\services\HPReyos ServiceSYSTEM\ControlSet001\Services\HPSewil ServiceSYSTEM\ControlSet001\services\HPWriter ServiceSYSTEM\ControlSet001\services\HSystemSYSTEM\ControlSet002\services\HomePageDefender ServiceSYSTEM\ControlSet002\Services\HPPanda ServiceSYSTEM\ControlSet002\services\HPReyos ServiceSYSTEM\ControlSet002\Services\HPSewil ServiceSYSTEM\ControlSet002\services\HPWriter ServiceSYSTEM\ControlSet002\services\HSystemSYSTEM\CurrentControlSet\services\HomePageDefender ServiceSYSTEM\CurrentControlSet\Services\HPPanda ServiceSYSTEM\CurrentControlSet\services\HPReyos ServiceSYSTEM\CurrentControlSet\Services\HPSewil ServiceSYSTEM\CurrentControlSet\services\HPWriter ServiceSYSTEM\CurrentControlSet\Services\HSystemHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AkelPadAppArchiverAppCoreTempAppCpuzApp3CpuzApp4CpuzApp5DjvuAppHomePageDefenderHPBearHPLionHPMammothHPMonkeyHPPandaHPRewriter2HPReyosHPSewilHPTigerHPTurtleHPWhaleHPWombatHPWriterHPZebraHwmonitorAppKeePassAppMediaPlayerApplicationMediaPlayerApplication2Mp3tagAppMp3tagApp2Mp3tagApp3QIPAppSearchPageDefenderSIVAppSpeccyAppTablacusApp
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.