Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,670,361 4%
2 Conduit Search/Toolbar 1,240,822 3%
3 PUP.InstallCore 827,527 4%
4 PUP.Optimizer Pro 794,155 2%
5 PUP.SupTab 730,868 1%
6 Hijacker 651,936 1%
7 Adware.LinkSwift 640,183 0%
8 V9 Redirect Virus 596,789 4%
9 Babylon Search/Toolbar 534,877 2%
10 454,691 8%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


The Gen:Variant.Adware.Kazy.432610 detection is used to notify computer users of the adware functionality of the Bundle Offer Manager by Bundle, Inc. Security researchers have determined that the software can display advertisement materials in the web browser. Users that have the Bundle Offer Manager on their PC may experience pop-ups, banners, and transitional ads. Adware may collect certain non-personally identifiable information such as your IP address, and MAC address and ads may prove intrusive. You may want to remove the Bundle Offer Manager with a trusted anti-malware utility.

Posted on December 17, 2014 in Adware


The Worm.Win32.AutoRun.dtbv is exactly what the name suggests, and it is a worm that can arrive in your system through the use of removable media and shared folders. The Worm.Win32.AutoRun.dtbv is also known as Win32/Autoit.CC and it can spread additional malware through IM networks such as Yahoo Instant Messenger by sending a message to users. To enable its operations after every boot, Win32/Autoit.CC sets a registry key. Worm.Win32.AutoRun.dtbv is also seen in the detection results of several rogue anti-spyware products, and that does not mean you are infected with it. You should keep a reliable anti-malware program on your computer in order to be protected from cyber threats from the web, removable media, and shared folders.

Posted on December 17, 2014 in Worms

The domain is related to the Television Fanatic Toolbar adware. The Television Fanatic Toolbar adware is offered on as well as a suspicious Adobe Flash Player update. Users with adware infection on their PC are often redirected to and may experience pop-ups linking back to it. The adware that is responsible for pop-ups by functions as a gateway for advertisements of potentially unwanted software. You could avoid adware infections by incorporating a trusted anti-malware solution in your system.

Posted on December 17, 2014 in Browser Hijackers


The NinjaVOD video widget is supported by advertising and experts consider it a Potentially Unwanted Program (PUP). The advertisements that support the free services of NinjaVOD are search provider, banner, in-text hyperlinks, pop-ups and transitional ads. The NinjaVOD software collects non-personally identifiable data in the form of DOM storage data, browser cookies, web beacons and may use JavaScript to determine what online services you are using, what searches you have done and what content you have engaged in. These operations by NinjaVOD are conducted in order to help its advertisers display targeted content. You should be notified that the NinjaVOD software does not honor 'Do Not Track' privacy settings in your browser, and you may want to remove it using a trusted anti-spyware tool.

Posted on December 17, 2014 in Adware


The Gen:Variant.Adware.Kazy.166854 name is used by security programs to recognize adware applications related to the Fusion Installer. The applications that are detected as Gen:Variant.Adware.Kazy.166854 may have different names, but they are linked to the Fusion Installer. Computer users may have installed Fusion Installer as part of freeware bundle, and they may see numerous ads, pop-ups, coupons and discounts appearing in their web browser. You should consider the implementation of anti-malware shield in your system as a cyber security measure against adware infections such as the Gen:Variant.Adware.Kazy.166854.

Posted on December 17, 2014 in Adware

The Adlinker adware franchise uses the .net and .info domains to generate web traffic to certain websites and services. The adware responsible for redirects to and can distribute specially suited ads and pop-ups selected on the basis of your browsing history and time spent online. Adlinker serves as advertisement platform of third parties that support adware developers in order to deliver their marketing materials. Adware infections connected to and can occur after installation of freeware via the 'Express' or 'Custom' option. You may want to install a credible anti-malware tool to resolve any problems with the Adlinker adware.

Posted on December 17, 2014 in Browser Hijackers

The domain serves as a landing page of adware, and it is used to display ads, coupons, discounts, surveys and pop-ups. Users with adware infection on their system may be redirected to and may be subjected to a constant display of marketing materials. The adware behind the ads and pop-ups by may use web beacons and cookies to display personalized marketing content. The adware affiliated with may prove as annoying hindrance for your browsing experience, and you may wish to use a credible anti-spyware tool to clean your system.

Posted on December 16, 2014 in Browser Hijackers


Ratosto is recognized by security experts as a trojan downloader. The Ratosto trojan is employed by criminals because it can open backdoors to the system and download additional malware and help its handlers conduct malicious activities. The Ratosto trojan can download and install Potentially Unwanted Programs (PUPs) that can prove harmful. The Ratosto trojan is distributed through spam campaigns and malvertising. Trojan infections allow hackers to perform activities that are invisible to the legitimate PC users, and the services of a powerful anti-malware program are needed to counter infections of this sort.

Posted on December 16, 2014 in Trojans


Adware.Plugin.736 is used by cyber security applications to brand plugins that are being used as advertisement platforms by third parties. Adware plugins often come as unwanted companions of freeware installers. The Adware.Plugin.736 may be the detection of seemingly harmless plugin, but the appearance of pop-ups, ads and coupons should be interpreted as a clear indication of adware infection. Computer users are advised to use a trusted anti-malware utility as a cyber shield and cleaning tool for adware infections such as the Adware.Plugin.736.

Posted on December 16, 2014 in Adware

Smart-Saver Plus

Smart-Saver Plus is published by Melora Investment Limited as a tool to help online shoppers to discover products at the lowest price on the web. The Smart-Saver Plus app has very minimalistic website and Melora Investment Limited state that they give no guarantee to users that their browsing activities will be uninterrupted. The Smart-Saver Plus software is deemed as adware because it provides browser features that include the display of additional ads on websites, sponsored advertising, transitional ads, coupons, banners, pop-ups, and pop-unders. Adware such as the Super Radio toolbar often gathers data on its users in the form of visited web sites and time spent online in order to provide advertisers with marketing data. Marketing data is used by advertisers to develop targeted content and maximize the success rate of people clicking on their ads. You should reconsider keeping the...

Posted on December 16, 2014 in Adware

Super Radio Ads

The Super Radio toolbar by ClientConnect Ltd. may appeal to users that like to listen to music while they surf the web. Computer users should know that the Super Radio toolbar has privacy policies that allow security experts to classify it as a Potentially Unwanted Program (PUP). The Super Radio toolbar will benefit from the incorporation with your browser by recording your online clicks, OS version, and system information. The Super Radio extension may use web beacons and cookies to allow third parties to display advertisements in the form of related search results, ads, banners, and pop-ups. The Super Radio toolbar often comes with free applications, and you may not notice its installation unless you choose the 'Advanced' or 'Custom' option in installers. If you are presented with the Super Radio toolbar in your web browser, you should expect many ads and pop-ups coming your way....

Posted on December 16, 2014 in Adware


The Adware.JS.Agent.Q detection is a general name utilized by security programs to signify adware capability of particular programs. The JS.Agent.Q detection specifies a JavaScript component of a browser extension that is being used to push advertisement content. The Adware.JS.Agent.Q is often related to browser extensions build on the CrossRider platform. You might have started experiencing pop-ups and ads after the addition of a free application to your system software. Adware infections may allow ad providers to keep track of your browsing history and search queries in order to display related ads. Computer users who detected the Adware.JS.Agent.Q on their system should remove all files associated with it, because adware infections impair browsing experience.

Posted on December 16, 2014 in Rogue Anti-Spyware Program

AVC Plus

AVC Plus is a fake anti-spyware program and part of a vast family of rogueware named FakeRean-Braviax. AVC Plus was developed to trick and drive Internet users to purchase the supposed registered version of AVC Plus. Also, Trojans are used to propagate rogue anti-spyware programs like AVC Plus. If you try to remove the supposed computer infections, AVC Plus will state that you must first buy the full version of AVC Plus. The purchase of AVC Plus is not what makes it suspicious, but the fact is its system scanner is completely fake and lists the same fabricated threat results. AVC Plus uses a Trojan to take control of the user's computer, and the program may not have real threat removal capabilities. Consider AVC Plus an empty shell created to lure you into relinquishing your credit card information. AVC Plus is not genuine security software; AVC Plus only knows to show you fake error...

Posted on December 16, 2014 in Rogue Anti-Spyware Program

Media PlayerVidEd

Media PlayerVidEd is classified to be an adware-related application that represents itself a media player, as the name suggests. Instead of being helpful to users, Media PlayerVidEd may cause issues on the computer. Users may often get Media PlayerVidEd on their system by downloading bundled freeware like PDF creators, movie makers, and other types of media players. After installing Media PlayerVidEd on your system, this adware may display advertising pop-ups and banners. Your browsers might be flooded with these unwanted ads, but they will not go away until you remove Media PlayerVidEd and all its related files.

Posted on December 15, 2014 in Adware

Reverse Page Ads

Ads by Reverse Page are often the result of adware or a PUP (Potentially Unwanted Program). Reverse Page has several distribution methods including bundling marketing techniques and installs an additional browser extension. Once infected, your computer may be injected with unwanted commercial advertisements and often redirected to unwanted websites. Reverse Page may cause your system to run slower than usual due to higher resources consumption.

Posted on December 15, 2014 in Potentially Unwanted Programs
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 12848