What are the dangers presented by unwanted applications?
- Modified system start parameters (StartPage)
- Filter driver that displays undesirable content (Fake NetFilter)
- Spoofed DNS (Infected DNS)
- Unwanted hosts file records (Infected Hosts)
- Malicious browser extensions (Unwanted Extensions)
- Undesirable traffic-modifying application (PBot)
- Modification of browser shortcuts (Infected LNK)
Modified system start parameters (StartPage)
This type of unwanted application modifies the system registry by adding the address of an advertising site that imitates a popular internet service. The address is added to a key that registers legitimate software for Auto-start.
This results in your default browser opening the advertising site every time you restart your computer.
Filter driver that displays undesirable content (Fake NetFilter)
This type of unwanted application takes the form of a filter driver. It intercepts your internet traffic in order to display invasive and offensive ads in your browser, open advertising tabs, redirect you to unwanted sites, and steal your private data.
This type of unwanted application can function regardless of which browser you use, and even when your browser is closed.
Spoofed DNS (Infected DNS)
This type of unwanted application changes your system's DNS settings.
This unwanted application changes which DNS server your system sends address requests to. As consequence, all address requests are then sent to a different server, which will then redirect the user to fraudulent, phishing, or ad pages.
Unwanted hosts file records (Infected Hosts)
The hosts system file, located at C:\Windows\System32\drivers\etc, contains a list of website addresses and their corresponding IP addresses. Malicious applications can insert fraudulent addresses into your hosts file, thus blocking your access to popular sites, redirecting the user to phishing pages, or disabling your browser's security features.
Malicious browser extensions (Unwanted Extensions)
This type of unwanted application installs malicious extensions in your browser without your knowledge. These extensions then open advertising tabs, display invasive and offensive ads, or steal private user data .
Malicious extensions are poorly recognized by anti-virus applications. This is because extensions function within the browser and do not affect the computer's operating system.
Undesirable traffic-modifying application (PBot)
This type of unwanted application starts up every time an infected computer is turned on and tracks which applications the user opens. When the user opens a browser, the unwanted application inserts its code into the browser processes in order to redirect the user to phishing pages, change the default search engine settings, and steal the user's private data.
Modification of browser shortcuts (Infected LNK)
This type of unwanted application modifies the browser launch shortcut by inserting additional parameters (usually, a website address) or launching a different application instead of the browser. This results in the browser opening ad pages every time it starts up.