virus logo Virus

Riskware/PUP

description-logoAnalysis



This detection is for installers of applications that bundle themselves with toolbars or Browser Helper Objects (BHOs) that usually display some form of adverstisement. The detection does not indicate the presence of malware, but is used to classify software with possibly unwanted behavior that may be a potential risk to users.
Riskware applications usually affect productivity and are thus not useful in a corporate environment.
A few noticeable bundles that have been observed were made with NSIS, WiseInstaller, and SmartInstaller.
Below are screenshots of some of the installation packages:


  • Figure 1: Installation prompt example 1.


  • Figure 2: Installation prompt example 2.


  • Figure 3: Installation prompt example 3.


  • Figure 4: Installation prompt example 4.

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2023-12-08 91.09531
2023-12-08 91.09527
2023-12-08 91.09520
2023-12-07 91.09512
2023-12-07 91.09506
2023-12-07 91.09504
2023-12-07 91.09501
2023-12-06 91.09482
2023-12-06 91.09475
2023-12-06 91.09473
ID 2959836
Released Aug 17, 2011
Description
Updated		 Dec 12, 2014
Aliases Amonetize, Gen:Variant.Adware.Netfilter.2, Gen:Variant.Graftor.104544, HEUR:Trojan.Win32.StartPage, not-a-virus:AdWare.Win32.SmartInstaller.a, SmartInstaller, Gen:Variant.Application.Barys.35597, Win32/AdWare.WiseInst
Platform Profile Riskware is a term for potentially unwanted or dangerous software programs that do not fall under Adware. They could be legitimate software applications that may be misused and pose possible security risks to users.