Many computer users frequently facing the consequences of the operation of malicious programs (also known as malware), which may block users' computer, cause theft of personal data, distribute spam, and perform other malicious actions. At the same time, the antivirus industry has not stood still and has developed antivirus technologies that make it possible to counter even unknown malicious programs effectively, e.g. emulation, behavioral analysis, and application control. Such antivirus technologies make it possible in many cases to lower the risk of infection of users' computers by malware or reduce the damage caused by the infection.
Together with the development of malicious programs, applications that do not implement malicious actions directly but can frequently annoy the user or compel him to take unnecessary actions, e.g. to pay for a license for a program whose functional features are useless, have recently become more common. Such applications are often called undesirable programs, pestware or junkware. We shall commonly call them undesirable programs.
The undesirable actions of these undesirable programs include, but not limited to:                Unsanctioned changes of the home page of a browser, of the search engine, and of the installation of all the possible browser add-ons (plug-ins), which often lead to unwanted operation of the browser. These are the most common undesirable actions.        This class of applications is often called FakeAV, a fake antivirus. On the one hand, it does not cause any harm to the user or his data, but on the other it insistently suggests buying a license for a useless functional feature (which works, but in fact does not carry any benefit).        Optimizer programs. As well as the actually useful utilities that optimize the operation of the operating system (by removing temporary files, unused branches of the register, etc.). There are many chargeable optimizer programs that carry out no useful actions but only contain an interface that informs the users of the “useful” actions carried out.        Also featuring frequently in the list of undesirable software are spyware programs that, without the knowledge of the user, can gather data about him and his computer. Situations when the user voluntarily installs such software, most often through lack of attention, are possible.        
Undesirable programs usually do not perform any criminal actions of the kind that in most countries can invoke criminal penal sanctions (e.g. the distribution of malicious programs or the sending of spam), and they also have all the signs of legitimate programs—a graphical interface, licensing agreement, etc. Nevertheless, users are frequently dissatisfied with their operation—the programs constantly display the windows of their interface, or fail to fulfill the functional feature needed, leading to the result that the users wish to remove the programs and not install them again.
Methods for detection and removal of such programs are currently known. For example, the company Microsoft® in its utilities for removing undesirable programs provides its users with the option of distinguishing undesirable programs by pointing out their “undesirability” indicators: a deficiency of the graphical user interface GUI, a lack of information about the operation of the program, the display of an advertisement, etc.
However, such technologies are not free from certain defects, e.g. they cannot prevent the installation of undesirable programs or cancel (“rollback”) the changes made.
Therefore, there is a need for more effective solution for detection and blocking of operation of programs that contain functional features that are undesirable for users.