Related blog content
File-in-the-middle hijackers
Adware the series, part 1 (browser extensions)
Adware.HPDefender is Malwarebytes’ generic detection name for a family of adware targeting Windows systems.
Adware.HPDefender is spread by bundlers. Its main focus is browser hijacking, using many different methods, including manipulating your browser(s) to change your startpage or searchscopes so that the affected browser visits their site or one of their choice.
Adware.HPDefender replaces many browser shortcuts and shows advertisements.
Malwarebytes blocks Adware.HPDefender using real-time protection.
Malwarebytes blocks Adware.HPDefender
Malwarebytes can detect and remove Adware.HPDefender without further user interaction.
An example Malwarebytes removal log for a member of this family called QIPApp:
Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/1/17 Scan Time: 9:11 AM Log File: mbamQIPApp.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.122 Update Package Version: 1.0.2064 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 333477 Threats Detected: 11 Threats Quarantined: 11 Time Elapsed: 1 min, 56 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 1 Adware.HPDefender, C:\USERS\{username}\APPDATA\ROAMING\QIPAPP\QIPAPP.EXE, Quarantined, [21], [403763],1.0.2064 Module: 1 Adware.HPDefender, C:\USERS\{username}\APPDATA\ROAMING\QIPAPP\QIPAPP.EXE, Quarantined, [21], [403763],1.0.2064 Registry Key: 2 PUP.Optional.ICLoader, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QIPApp, Delete-on-Reboot, [652], [403803],1.0.2064 Adware.QIPApp, HKCU\SOFTWARE\QIPApp, Delete-on-Reboot, [9346], [390812],1.0.2064 Registry Value: 1 Adware.HPDefender, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|QIPApp, Delete-on-Reboot, [21], [403763],1.0.2064 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 Adware.HPDefender, C:\Users\{username}\AppData\Roaming\QIPApp\QIPApp, Delete-on-Reboot, [21], [396014],1.0.2064 Adware.HPDefender, C:\USERS\{username}\APPDATA\ROAMING\QIPAPP, Delete-on-Reboot, [21], [396014],1.0.2064 File: 4 Adware.HPDefender, C:\USERS\{username}\APPDATA\ROAMING\QIPAPP\QIPAPP.EXE, Delete-on-Reboot, [21], [403763],1.0.2064 PUP.Optional.ICLoader, C:\USERS\{username}\DESKTOP\4617463.EXE, Delete-on-Reboot, [652], [403803],1.0.2064 PUP.Optional.ICLoader, C:\USERS\{username}\APPDATA\ROAMING\QIPAPP\UNINSTALLER.EXE, Delete-on-Reboot, [652], [403803],1.0.2064 Adware.HPDefender, C:\Users\{username}\AppData\Roaming\QIPApp\QIPApp\qipApp8.exe, Delete-on-Reboot, [21], [396014],1.0.2064 Physical Sector: 0 (No malicious items detected) (end)
Removal guides for other examples:
Select your language