Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,489,534 2%
2 Conduit Search/Toolbar 1,139,771 1%
3 PUP.InstallCore 720,243 2%
4 PUP.Optimizer Pro 712,668 1%
5 Hijacker 700,619 -0%
6 PUP.SupTab 666,621 2%
7 Adware.LinkSwift 647,477 -0%
8 V9 Redirect Virus 574,462 0%
9 Babylon Search/Toolbar 511,979 1%
10 WeDownload Manager 445,229 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans is a search engine associated with browser hijackers, adware and Potentially Unwanted Programs. Threats like browser hijackers will redirect the computer user searches to unrelated websites that will not be capable of helping your online searches. Threats associated with may monitor your Web browsing and record your IP address, preferences and search terms and send it to its designers. Although some of advertisements may be interesting, they are unwanted, invasive and instead of helping the computer user, it will disrupt their online searches. If you have installed Potentially Unwanted Programs or Potentially Unwanted Programs have entered your computer by default bundled with a third party software, you should remove with a malware removal tool.

Posted on October 21, 2014 in Browser Hijackers


Trojan.Generic.KD.1777082 as its name implies is a Trojan infection. Trojan.Generic.KD.1777082 may change your home page and Web browser settings; collect data related to your browsing preferences; display a huge amount of advertisements that will consume your system resources; turn your computer into an slow and irresponsive machine; and install various other components. Trojan.Generic.KD.1777082 also may open a backdoor that will become an open gate for other threats and hackers, therefore, a huge security hazard. Do not hesitate. Trojan.Generic.KD.1777082 should be removed with an appropriate and updated anti-malware product.

Posted on October 21, 2014 in Trojans


Imagine how valuable it would be if when online shopping, a computer user could download a tool the will make it possible for the online shoppers to create coupons and save money. It is what AutoCouponMaker's name suggests. Unfortunately, AutoCouponMaker is adware that may be downloaded by the computer user or use another tactic called 'bundling' to enter a computer. The 'bundling' technique consists in having adware or PUPs such as AutoCouponMaker bundled into the installation of freeware downloaded from the Internet. Instead of helping computer users, AutoCouponMaker will be an annoyance and will impose its sponsored advertisements on the Web pages visited by them. To stop AutoCouponMaker advertisements, AutoCouponMaker should be removed with a malware remover tool.

Posted on October 21, 2014 in Adware


CinPlusHQVid is classified as an adware program because CinPlusHQVid displays countless advertisements on the Web pages visited by the computer user. The advertisements displayed by CinPlusHQVid may match your Web searches because CinPlusHQVid monitors your Web browsing and sends the collected data to its advertisement-generator sponsors. When downloading cost-free programs from third parties, Possibly Unwanted Programs and adware such as CinPlusHQVid may be included on its installation processes. It is why it is necessary to research the origins of freeware provided by unknown sources. By reading all the installation agreements, the computer user may refuse the installation of adware and PUPs such as CinPlusHQVid.

Posted on October 21, 2014 in Adware


TrojanDownloader.Win32/Banload.AYP is a Trojan infection that belongs to the Win32/Banload family. Besides being a damaging threat, TrojanDownloader.Win32/Banload.AYP may download other threats onto the affected computer that include Win32/Bancos and Win32/Banker. The main objective of TrojanDownloader.Win32/Banload.AYP is to gather user name and passwords of your bank accounts that will be sent to the people behind TrojanDownloader.Win32/Banload.AYP. TrojanDownloader.Win32/Banload.AYP prevents the computer user from accessing the Internet; runs a fake scanner; display numerous pop-ups, blocks various programs especially if it is related to the computer's security; and consumes system resources which will slow down the machine's performance. If your computer is infected by TrojanDownloader.Win32/Banload.AYP, it is advised to change your login information after its removal. Computer...

Posted on October 21, 2014 in Trojans


Troj_Generic.WMIES is a Trojan that when installed on a computer may cause various, unwanted and strange modifications that will disrupt the machine's operation. Troj_Generic.WMIES alters the Registry and Host files. After these changes, the computer users will notice a different desktop background, unknown icons and shortcuts. .Dll and .exe files will be added to the system automatically. When trying to accomplish a Web search the computer users may be redirected to unsafe websites, due to the alterations Troj_Generic.WMIES makes on the Web browser settings. Troj_Generic.WMIES may open a backdoor on the infected computer that will allow its designers to have access to your privileged information and use it to practice harmful actions. Computer users infected by Troj_Generic.WMIES should act quickly to find the appropriate tool to remove Troj_Generic.WMIES, its components and related...

Posted on October 21, 2014 in Trojans


Trojan.Win32.Patched.pj is a zero-day Trojan infection that may cause various problems to the infected computer. After been installed, Trojan.Win32.Patched.pj will connect a Command and Control server to get instructions. Trojan.Win32.Patched.pj will corrupt svchost.exe and rpcss.exes files and may create several files that will be added to a file catalog. Trojan.Win32.Patched.pj may monitor your Web browsing and display audio advertisements in the background. Trojan.Win32.Patched.pj is also detected as Trojan.Patched.Zekos. Zero-day infections are hard to find, because the most part of security programs do not have their names added to their database. Therefore, removal of Trojan.Patched.Zekos may demand an up-to-date and proper anti-malware program.

Posted on October 21, 2014 in Trojans


CheapCoupon is the senseless name of an adware program. If while browsing the Internet, the computer user starts seeing numerous, unwanted advertisements being displayed on their Web browsers, this mean that they have acquired this Possibly Unwanted Program. It is possible that CheapCoupon was downloaded by the computer user, but CheapCoupon most used installation method is by a technique called 'bundling' that consists in including CheapCoupon into the installation process of free software. CheapCoupon's presence may turn the computer user's browsing experience into an unpleasant task.

Posted on October 21, 2014 in Adware


Once installed and running, Ransom:Win32/Crowti.A is ransomware that will encrypt crucial files on your computer, turning the machine almost inoperable. Then, Ransom:Win32/Crowti.A will lead the computer user to a Web page which iRansom:Win32/Crowti.A may unlock using instructions previously provided by its designers. Ransom:Win32/Crowti.A will lock the affected computer and ask for the payment of a ransom to unlock it. This payment must be done using Bitcoins. Ransom:Win32/Crowti.A is detected under various names that include CryptoWall, CryptoDefense, W32/Cryptodef.AHIO!tr, Troj/Agent-AHIO among others. Troj/Agent-AHIO may be installed when the computer user opens a spam e-mail, clicks on a corrupted link or by another threat such as TrojanDownloader:Win32?Upatre or TrojanDownloader:win32/Onkods. Since there is no assurance that making the ransom's payment will unlock your files, it...

Posted on October 21, 2014 in Ransomware

WordProser Ads

WordProser is an adware program that is similar to other add-on applications that display advertisements, such as SharkShopper and CutThePrice. The WordProser program is apt to loading various advertisements on your screen that come in many forms, such as banners, pop-under or pop-ups. Use of the WordProser advertisements may lead your Web browser to other sites that may have suspicious content or attempt to offer various services through the Internet. After WordProser has installed, the WordProser advertisements can be generated through various plugins or add-on extensions found in your Web browser. WordProser may be installed by default on the targeted computer when the computer user performs the installation of third party software. Also, WordProser may monitor the computer users online activities and collect data. Removal of those components will eliminate the WordProser program...

Posted on October 21, 2014 in Adware


CouponTime joins the countless adware programs offered on the Internet as helpful browser add-ons. Although displaying numerous commercial offers, coupons and deal to the online shopper, CouponTime's advertisements are annoying, invasive and unwanted. These advertisements also may not be related to your Web searches and even be fake. CouponTime may add itself as a browser add-on to Internet Explorer, Google Chrome and Mozilla Firefox. Besides been used to display sponsored advertisements that, if clicked, may direct the computer user to compromised websites, CouponTime also collects data that, after shared, will show targeted advertisements on the affected computer. CouponTime is distributed by its website It is advised do not let CouponTime remain on your computer. Removal of CouponTime may be done manually, but the safest method is uninstalling it wit a proper...

Posted on October 17, 2014 in Adware


MalSign.Generic.6E2 is a Trojan infection that after installed and running on an infected computer will modify your Registry files' data and compromise your system data's files. MalSign.Generic.6E2 takes control of an affected system by injecting harmful codes on it. These codes will be updated constantly to avoid detection. Windows Vista, Windows XP, Windows 7, Windows Server 2008, Windows Server 2003, Windows 98, Windows NT, Windows 95 and Windows 2000 may be affected by MalSign.Generic.6E2's presence. MalSign.Generic.6E2 may redirect the computer user to unsafe websites by displaying numerous unwanted advertisements that when clicked will trigger the redirections. MalSign.Generic.6E2 may be used by third parties to collect crucial data that will be used for profit-oriented advertisements. MalSign.Generic.6E2 also may install other threats, PUPs, browser hijackers, etc. on the...

Posted on October 17, 2014 in Adware


SharkShopper, or SharkShopper Ads, promises to aid you with your online shopping by displaying coupons, promotions, deals and related advertisements. Although SharkShopper's advertisements may be useful, sponsored advertisements such as the ones displayed by SharkShopper may lead computer users to unsafe websites when clicked. Also, SharkShopper may record your browsing searches and share it with its sponsors. If you have downloaded SharkShopper and are willing to keep this adware-laced program installed on your machine, you should be aware of the problems associated with it. If SharkShopper has entered your computer without your interference and you want to remove this Possibly Unwanted Program from your computer, you should use a good anti-malware application.

Posted on October 17, 2014 in Potentially Unwanted Programs


Computer users that have downloaded FoxSales when looking for a helpful add-on may be surprised when they find out that FoxSales is a disappointing adware program. Besides displaying unwanted advertisements, FoxSales also may enter their computers when they download a no-cost program from a third party automatically. Any program that imposes itself should be looked, at least, as suspicious. FoxSales will not be of any help to the computer user since its main purpose is to display advertisements and collect the computer user's browsing preferences that will be sent to its sponsors as advertisement leads. FoxSales, by itself, is not a threat, but FoxSales is classified as a Possibly Unwanted Program and should be removed from the affected computer. An anti-malware program will hep you to accomplish this task.

Posted on October 17, 2014 in Potentially Unwanted Programs


Who doesn't want to find good deals when online shopping? For this reason, various online shoppers seek browser add-ons to help them with their online shopping. Browser add-ons may be very useful, but some of them, such as CutThePrice, are adware-laced programs that, although providing advertisements related to your online searches, is not intended to help you. CutThePrice's objective is to display sponsored advertisements, no matter if you want it or not. CutThePrice collects search terms and visited URL to provide accurate leads to its sponsors. CutThePrice may be downloaded from its website,, but CutThePrice also may be bundled with free software and spread by InstallRex installers. Since it may not be safe to keep adware on your computer, you should remove CutThePrice and its components with a malware remover.

Posted on October 17, 2014 in Adware
1  2  3  4  5  6  7  8  9  10  11  12  next     total items: 12447