Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,986,287 -1%
2 Conduit Search/Toolbar 1,423,614 -1%
3 PUP.SupTab 957,235 -2%
4 PUP.InstallCore 875,962 -1%
5 PUP.SuperWeb 844,282 -1%
6 PUP.Optimizer Pro 843,508 -1%
7 Adware.Multiplug/Variant 767,039 -1%
8 Iminent Toolbar 671,602 -0%
9 Hijacker 639,033 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

PromoRewards Ads

The PromoRewards browser plug-in is another 'innovative' shopping advisor that is offered to users as a way to economize by shopping at affiliate stores. The PromoRewards software is available for download on and may land on your system as an additional component to a free program. The truth is that the PromoRewards plug-in is adware that may claim to offer gift cards, 80% discounts and exclusive coupons that may come from untrusted merchants. Security authorities note that the PromoRewards adware may place virtual layers over the pages you visit in Google Chrome, Internet Explorer and Mozilla Firefox to redirect you to products and services by sponsors. The PromoRewards adware does not have a publicly known developer and is not digitally signed, and active online buyers are not advised to click on coupons and promotions by PromoRewards. The PromoRewards adware may...

Posted on October 8, 2015 in Adware

Tune Junkies Ads

The Tune Junkies browser extension is aimed at users of Google Chrome and can be found in the Chrome Web Store and The Tune Junkies browser extension is advertised to customize your new tab page and homepage with links to leading music resources and allow you to listen to radio stations that play the latests tracks. The Tune Junkies might arrive on your PC via freeware bundles because it is seen to accompany programs like Shopping Helper Smartbar and Speedly Network Speed Enhancer . Security experts warn users that the Tune Junkies extension is adware that is developed by APN, LLC. and may be distributed by inMind, Inc. as seen with SoundJunkies and Movie Junkies . The Tune Junkies adware fills the same niche of adware applications like MixBox and MusixHub , and it may use session and Adobe Flash cookies to generate personalized advertisements. The ads...

Posted on October 8, 2015 in Adware

AnimeUnzipped Toolbar

The AnimeUnzipped Toolbar can be found in the Chrome Web Store, and users may perform a drive-by installation of the app when handling a freeware bundle with the 'Typical' or 'Express' option. The AnimeUnzipped Toolbar is promoted as a platform for users to share and discover cosplay ideas, but it is adware. The AnimeUnzipped adware-powered toolbar comes from Mindspark Interactive Network, Inc. that is behind APlusGamer and Video Convert Toolbar that fall in the categories of browser hijackers and adware. The AnimeUnzipped Toolbar may change your default search aggregator to since Mindspark is a member of the Partner Network (APN, LLC.). Users that installed the AnimeUnzipped Toolbar may not be provided with the option to keep their current Internet browser settings and experience an abundance of advertisements popping up on their screens....

Posted on October 8, 2015 in Adware

Gizmodock Ads

The Gizmodock software is promoted on and free software package as 'the best free search enhancement tool ever.' The Gizmodock program is developed by Howard Software Limited that deployed FLV Blaster , AdBlockerr and FixCleanRepair that are perceived as riskware. However, the Gizmodock application falls in the same category as WinClock and ZiperFly - adware. Security researchers classify Gizmodock as adware because it might change your default search engine to without your consent as well as promote clothing, shoes and high-end smartphones via pop-ups and banners. Also, The portal is just a redirect-gateway to that is associated with a browser hijacker. The Gizmodock adware may redirect your Internet traffic to and change your DNS settings to make sure you are provided with commercials from partners....

Posted on October 8, 2015 in Adware


The page promotes the Fdownloader application by Igor Moroz as an advanced download manager that can handle your download tasks and allow you to pause and resume downloads. The Fdownloader application may arrive on your PC bundled with a third-party freeware setup, and edit your Windows Registry to become your default download client. You should know that the Fdownloader application is a re-branded version of the Downloadme adware and might cover your screen with pop-ups. Moreover, the Fdownloader application may change your default search aggregator to and act as a browser hijacker. Security experts add that the security certificate that the Fdownloader comes equipped with is revoked by security authorities and may connect to the Internet over insecure channels. The Fdownloader application is classified as a Potentially Unwanted Program...

Posted on October 8, 2015 in Possibly Unwanted Program

CouponGiant Ads

The CouponGiant browser extension might be responsible for showing pop-up and pop-under windows with promotional materials in the Internet browsers of infected users. The promotions by CouponGiant may be facilitated by JavaScript and ActionScript3 and the pop-up blocking in your browser may not stop its activities. The CouponGiant extension is adware that may land on your PC attached to a free software installer that most users handle with the 'Express' or 'Typical' option carelessly. Computer users that are affected by the CouponGiant adware report that they are presented with many pop-ups, banners, and inline ads that carry the slogan 'Ads by CouponGiant'. The CouponGiant adware is similar to adware like Coupon Titan , Ultra Coupon and Coupon Lasso , and may use an executable DLL file to affect Internet Explorer, Google Chrome and Mozilla Firefox. The CouponGiant adware might...

Posted on October 8, 2015 in Adware

My Speedtest XP Ads

The My Speedtest XP browser extension by Informer Technologies, Inc. is supposed to be an enhanced search service that can rival Google and Binge according to how it is advertised on freeware packages. You may want to know that the developer of the My Speedtest XP extension is responsible for the deployment of the iPumper Toolbar badware. Also, Informer Technologies, Inc. is the developer of the My Coupons XP riskware and has a record of deploying software that might use persistent tracking cookies. The My Speedtest XP extension might read your bookmarks collection and browsing history to help advertisers push numerous marketing materials on your screen. Additionally, the My Speedtest XP extension might change your default search engine to that is powered by Yahoo. The search service on is designed to load sponsored search results...

Posted on October 8, 2015 in Adware

The Asia Search engine located on is developed by Oxygen Group that is located in Singapore and offers advertisers to use their search engine to promote locally. Also, is related to a browser hijacker that might be dispersed among Web surfers via free software bundles. The browser hijacker may appear as an extension, add-on and Browser Helper Object on infected computers. The Asia Search engine is not considered to be a threat, but the browser hijacker linked to may modify your browser settings without your notice and divert your Internet traffic. As stated before, the search engine is used by Oxygen Group to provide advertisers with a platform to present their commercials. When users type keywords on the Asia search engine is designed to produce six results that feature the desired keyword string and...

Posted on October 7, 2015 in Browser Hijackers

Celebrities by inMind Ads

The Celebrities by inMind browser extension that users may find in the Chrome Web Store and free software bundles is a product of APN, LLC ( Partner Network) that created the Media Search App browser hijacker. The Celebrities by inMind software may be offered to you as a news platform that hosts regularly updated information on celebrities. The Celebrities by inMind software may land on your PC via freeware bundles that most users might install with the 'Express' or 'Typical' option. The Celebrities by inMind software is perceived by security experts as adware because most of its operations are dedicated to advertising products and services from sponsors. Also, the Celebrities by inMind aware may change the design of your new tab page and set your homepage to The Celebrities by inMind adware is similar to Kele55 and Movies Toolbar and might slow down your browser...

Posted on October 7, 2015 in Adware

Screen Snapshot Ads

The Screen Snapshot software by Wisemana, Inc. is advertised as the most convenient way to take customizable screenshots of your desktop. The Screen Snapshot app by Wisemana may arrive on your computer as an additional offer in a freeware package, or you can download it from You may want to know that Screen Snapshot is deemed by security analysts as adware because it may push advertisements in your browser and redirect you to potentially harmful domains. The ads powered by the Screen Snapshot adware may appear as banners, coupons, discounts and video commercials on YouTube and Dailymotion. The Screen Snapshot adware may use a browser plug-in to inject sponsored content on the pages you load in your Internet browser. It may edit your Windows Registry to become the default app when you use the Print Screen button on your keyboard and show pop-up windows with...

Posted on October 7, 2015 in Adware

HDRoot Bootkit

The HDRoot bootkit trojan is developed by the black hat hacker group dubbed Winnti Group that is classified by malware researchers as an Advanced Persistent Threat (APT). Most attacks that involve the HDRoot bootkit are carried out in South Korea,, and there are strands of HDRoot seen across Europe. The HDRoot bootkit is designed to inject code in the built-in Net Command tool by Microsoft in Windows to execute its operations covertly. The functionality of net.exe (Net Command) is not altered, and users might not see symptoms of an infection with the HDRoot bootkit. The HDRoot bootkit is known to use security certificates from Chinese firms to avoid raising suspicion. The HDRoot malware is programmed to access the Master Boot Record (MBR) of hard-drives to open a backdoor to the infected system. The HDRoot bootkit trojan can insert a registry key in Windows to instruct the OS to load...

Posted on October 7, 2015 in Trojans

Security Researchers Disrupt Ransomware Attackers Campaign, Looking to Lose $34 Million in Revenue

Attackers who have dished out about half of recent ransomware threats have had their campaign disrupted, and they look to losing about $34 million in revenue. The disruption of a massive ransomware campaign that is reportedly responsible for 50% of all deployments of ransomware through the Angler exploit kit have left attackers in a case where they could lose $34 million of their revenue by the end of the year. Through the use of servers from the infrastructure of the cloud service provider, Limestone Networks, the criminal group behind a large ransomware operation was able to create the largest delivery platform known. Ransomware threats continue to be an emerging type of malware that utilizes clever techniques to hold an infected PC for ransom while the attackers welding such threats collect money from computer users who succumb to such campaigns. As we know all-too-well,...

Posted on October 7, 2015 in Computer Security

Piccshare Ads

Piccshare is a piece of software developed and distributed by HTTO Group, a not so popular company in the world of software developers. The purpose of Piccshare is to provide users with a neat and convenient way to quickly browse, arrange and share photos they find on their computer or the web. However, what some users might not know is that Piccshare relies solely on paid advertising to generate profit for its authors. This means that users who opt to install Piccshare also agree to have their web browsing sessions bombarded with all kinds of advertisements that are annoying to say the least. Piccshare may be installed stealthily, so users may see the Piccshare ads, and they have no idea that this software is installed on their computer. The reason for this is the primary propagation technique that may be used to distribute Piccshare – software bundling. The Piccshare adware may...

Posted on October 6, 2015 in Adware


PCBooster is a Potentially Unwanted Program that may appear on your computer out of nowhere. The sudden appearance of PCBooster may come as a surprise to many users, but most of them may not be aware that they may have accepted to install this application unknowingly. PCBooster may be offered as an optional addition when users install free applications like media players and PDF readers, so it is very easy to install the PCBooster software accidentally But what exactly is PCBooster? According to its authors, this is a program that can make the maximum out of your PC's hardware, and, therefore, improve your computer's overall performance. The PCBooster application may sound like a great utility to have, but you should be aware that its advertising is strongly exaggerated. PCBooster isn't as sophisticated as it sounds, and it doesn't work as well as you'd like. In fact, many users that...

Posted on October 6, 2015 in Possibly Unwanted Program

’844-618-6702′ Pop-Ups

Have you recently seen pop-ups or web pages that advise you to call 844-618-6702 because there seems to be an issue with your computer's security? If the answer is 'Yes,' then you may have visited a compromised web page, or you have a low-level cyber threat installed on your computer. The pop-ups and ads used to promote the 844-618-6702 phone number have one single purpose – to lure innocent users into a sophisticated online technical support tactic whose goal is to take money and information from PC users. Usually, pop-ups associated with 844-618-6702 may contain information about a virus infection, corrupted system files or other severe PC issues whose primary purpose is to scare the user. For example, one of the threats that may be mentioned in the pop-ups is TRJ.DealXware.Stealth2. However, you must remember that all messages accompanied by the 844-618-6702 phone number are...

Posted on October 6, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 978