As part of our ongoing effort to provide better malware protection, the March release of the
Microsoft Malicious Software Removal Tool (MSRT) will include detections for
Vonteera – a family of browser modifiers, and
Fynloski – a family of backdoor trojans. In this blog, we’ll focus on the Vonteera family of browser modifiers.
BrowserModifier:Win32/Vonteera
We first detected BrowserModifier:Win32/Vonteera in August 2013, and the numbers have been pretty big; during the past six months, we’ve had over eight million detections. Encounters have been distributed among the following countries and regions:
We classify Vonteera as unwanted software because it violates the following
objective criteria:
- Lack of choice – the threat circumvents user consent dialogs from the browser or operating system. It installs, reinstalls, or removes software without your permission, interaction, or consent.
- Lack of control – the threat prevents or limits you from viewing or modifying browser features or settings.
- Installation and removal – the threat fails to use standard install/uninstall features, such as Add/Remove Programs.
