ExpandedActivity combines the capabilities of adware with those commonly associated with browser hijackers. In short, it is a dubious application that users are extremely unlikely to download and install willingly. Knowing this fact, the developers of such applications spread them by utilizing various deceptive strategies.
Two of the most widely used are bundling and injecting the application inside a fake software installer/updater. The term bundling denotes a marketing tactic that packages an additional app whose application will be hidden under the 'Custom' or 'Advanced' settings that are part of the installation process of a far more desirable, and legitimate, software product. The reliance on such misleading distribution methods classifies these applications as PUPs (Potentially Unwanted Programs).
No matter how ExpandedActivity managed to enter your computer, it will start generating intrusive and unwanted advertisements that could impact the user experience on the device drastically. Furthermore, the advertisements, if clicked on, could take the user to questionable or even unsafe third-party websites.
Meanwhile, the PUP also will establish control over the user's Web browser. In nearly all cases, this involves modifying the default search engine, the homepage, and the new tab page to open a sponsored address. Almost always, browser hijacker applications are employed in the promotion of a fake search engine.
Keep in mind that a common PUP characteristic is having data-harvesting capabilities. While they are present on the system, users risk having their entire browsing history, search history, and conducted searches packaged and then transmitted to a remote server. The gathered data may even include various device details.