Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,036,697 1%
2 Conduit Search/Toolbar 1,464,704 -1%
3 PUP.SupTab 1,048,705 1%
4 PUP.InstallCore 905,057 3%
5 PUP.SuperWeb 874,246 1%
6 PUP.Optimizer Pro 873,082 1%
7 Adware.Multiplug/Variant 837,876 3%
8 Iminent Toolbar 703,456 -3%
9 Hijacker 639,799 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


LaSuperba is a web browser extension that may completely change the way your web browser behaves. Once LaSuperba is installed on a computer, it may inject numerous advertisements in the web browsers affected by its presence. The LaSuperba ads may show up on any web page you visit and having to close them constantly may significantly worsen your online experience. The LaSuperba advertising techniques are fairly aggressive, so this adware may cause you a lot of troubles and annoyances unless you remove it swiftly and efficiently. The LaSuperba adware may also use a tracking cookie to collect some information about your online habits like search queries, frequently visited websites, most used search engine and other information. The collected data may be used to improve LaSuperba's targeted advertising campaigns, which means that you may see LaSuperba ads that have been tailored...

Posted on August 31, 2015 in Adware


MovixHub is a dubious application that offers users the opportunity to stay up to date with the latest movies, trailers and news from the movie world. Avid movie lovers may be pleasantly surprised by the functionality of the MovixHub browser extension, but they may be disappointed to hear that by installing MovixHub they may experience some changes in the way their web browser behaves. For starters, the MovixHub browser extension may hijack the web client's configuration and manipulate its homepage and default search engine. Furthermore, the extension may inject MovixHub ads in the web browser, so that's another good reason you may want to think twice before accepting to install MovixHub. The MovixHub website offers users to install two of its official Chrome extensions – Search by MovixHub and MovixHub Start. Both of these serve similar purposes, and both of them may introduce...

Posted on August 31, 2015 in Adware

Advanced PC Care

Advanced PC Care is a potentially unwanted program that may be found useful by some users. The application is best described as a PC optimization tool that has the ability to scan, clean and optimize the Windows registry, modify Windows start-up items, control web browser extensions, and provide the user with access to several other neat features that may help them take better control over their system. Everything about Advanced PC Care would be great if it weren't for the questionable distribution and promotion techniques that its authors have adopted. The Advanced PC Care software may often be distributed via software bundles, so the significant fractions of this software's total installations may have occurred without the user's knowledge. Furthermore, once installed the Advanced PC Care software uses a trial version that includes a working scanner. However, the trial version is...

Posted on August 31, 2015 in Potentially Unwanted Programs Pop-Ups is one of the domains used by PC Experts, a company known for offering questionable online technical support services that are being promoted via shady techniques. The domain may also be used to host misleading pop-ups that contain fake and alarming information. One of the pop-ups that our experts have come across alarms users that numerous virus infections have been detected on their computer, and they need to contact a certified computer technician to resolve the issue. Naturally, The also provides the user with a phone number they can use to get in touch with the technician they need – 1-866-777-6120. Remember that the information presented by the pop-ups is fake, and calling the promoted number won't get you in touch with a certified computer technician! Instead, you may become involved in an online scam whose goal...

Posted on August 31, 2015 in Adware


Widthie is a dubious web browser extension that may often be installed without the user's permission. The browser extension doesn't seem to exhibit any malicious behavior, and its only purpose is to display the width of the page that the user is browsing at the moment. The width is measured using pixels, and Widthie users can see the width of the page they are viewing at the moment by taking a look at the Widthie bar found right beneath the bookmarks toolbar on Google Chrome. Although the Widthie browser extension isn't known to exhibit malicious behavior, the fact that it may be installed without your knowledge or permission is a good enough reason to remove it. User reviews published on Widthie's Google Chrome extension page state that many people were surprised to find this Chrome extension installed. It serves no useful purpose, and its presence is completely unnecessary, so...

Posted on August 31, 2015 in Adware

Shield Plus Cleaner Utility

The Shield PC Cleaning Utility, also seen as Shield Plus Cleaner, from Shield Apps, is another addition to their clean up gamma of applications that are arguably useful. The Shield PC Cleaning Utility claims to offer comprehensive tools for disk clean up, Internet privacy and defrag module as well as startup program management. Computer experts note that the Shield Plus Cleaner program offers the essential tools for OS maintenance that are present in all modern versions of Windows. Moreover, all versions of the Shield PC Cleaning Utility rely on the support of advertisers and users will be provided with sponsored commercials in their Internet browser. The Shield PC Cleaning Utility has four separate categories to inform users of problems with their PC - System related issues; Com and ActiveX; User-related issues and Junk files. Shield PC Cleaning Utility may feature urgent...

Posted on August 31, 2015 in Potentially Unwanted Programs Pop-Ups

The name of the domain may encourage PC users to trust its content and convince them to install a supposedly safe update to their Adobe Flash Player software. However, you should know that the domain that is registered at the IP address is linked to cyber threats like Bofra and Slugin . The threats mentioned before can steal your emails and apply unwanted system changes that allow hackers to connect to your PC remotely. Security experts add that Adobe Systems Inc. do not use third-party services to supply their users with updates, and you should not install the program promoted on The adware linked to may have arrived on your PC as a browser add-on embedded with a free program setup. The adware may change your homepage...

Posted on August 31, 2015 in Adware Pop-Ups

The domain is used by adware developers to spread software like A1 PC Cleaner and Quiz Games under the pretense of being a new 'Flash Player update'. The pop-up windows may appear every you turn on your PC and open your Internet browser and feature the Adobe Flash Player logo but should not be trusted. The legitimate software from Adobe Systems Inc. has built-in update managers that ensure safe patches, and you will not see pop-ups in your browser. Moreover, the domain that is registered at the IP address is connected to threats like Chir and Virut , and you are not advised to download the advertised software. The adware application that generates pop-ups by in your browser may have been installed on your computer as a browser plug-in that was...

Posted on August 31, 2015 in Adware

Bingo Master Ads

The Bingo Master browser extension that Web surfers may see in their browsers, after installing a freeware bundle, is adware. The Bingo Master adware-powered extension may share its name with a PC game from 2000 published by eGames, but it is not safe and may present you with links to harmful websites. The Bingo Master adware can affect all major Web browser and uses tracking cookies, DOM storage data and information like your Internet history to determine what type of ads would be attractive to you. The only goal of the Bingo Master adware is to show numerous ads and earn pay-per-click revenue from your efforts to close its ads. The Bingo Master adware may use JavaScript and ActionScript3 to place transparent layers over the pages you preview to redirect you to sponsored content and open new tabs with marketing offers in your browser. The Bingo Master adware may use banners and...

Posted on August 31, 2015 in Adware


The Backdoor:MSIL/Sisbot.C malware is classified by security investigators as a backdoor trojan that may be offered to you as an update to your Internet browser on low-quality software distribution platforms and spam mail. Security investigators reveal that the Backdoor:MSIL/Sisbot.C trojan may corrupt your browser and take advantage of the ports it uses to communicate with its 'Command and Control' servers and execute tasks. Moreover, the Backdoor:MSIL/Sisbot.C trojan may download and install malware like VirLock and Padvia that can damage your system severely. The Backdoor:MSIL/Sisbot.C trojan could be used by its operators for DDoS attacks at networks and servers. The Backdoor:MSIL/Sisbot.C trojan can affect all Windows versions as early as Windows NT4.0 and secure its communications with the built-in Microsoft-CryptoAPI. The modus operandi of the Backdoor:MSIL/Sisbot.C is very...

Posted on August 31, 2015 in Backdoors


TrojanDownloader:MSIL/Winpud.A falls in the category of trojans that are coded to download other malware when they infiltrate computers successfully. The Winpud trojan downloader is reported to make TCP connections to the IP address via port 80 and attempt to download malware like VaultCrypt and Klone . The malware mentioned before may encrypt your files and compromise the safety of your network and should not be taken lightly. Malware researchers note report that the Winpud trojan downloader is distributed via spam mail mainly. However, there are many cases where TrojanDownloader:MSIL/Winpud.A arrives on systems as a free program downloaded from suspicious software centers. The Winpud trojan downloader is written for 32 bit Windows systems to infect as many computers as possible because 64-bit systems can run 32-bit programs too. The Winpud trojan downloader is a threat...

Posted on August 31, 2015 in Trojans


The SpringFiles download manager is signed by Via Advertising Group Ltd. The SpringFiles software is promoted on as the tool that can 'Get any file you want amazingly fast.' The SpringFiles download manager is a modified version of the GoforFiles application and might slow down your computer. As stated above the SpringFiles application does not have a valid digital signature but it will modify your Windows Firewall settings to enable its communications with the Internet that will be using the insecure HTTP protocol. Additionally, the free nature of the SpringFiles application does not include freedom from ads, and you will be subjected to a constant stream of advertising content being loaded in your Web browser. The SpringFiles software is deemed as a Potentially Unwanted Program (PUP) with adware capabilities that may not live up to your expectations and may...

Posted on August 31, 2015 in Adware


The DigiFreeApp browser add-on may have been attached to your Internet client when you installed free software with the 'Typical' or 'Express' option. You might want to know that the DigiFreeApp add-on is recognized by security experts adware that would decrease your browser performance and may show you corrupted ads. The DigiFreeApp adware may claim to allow you to download innovative applications and acquire special coupons for online shops like eBay and Amazon, but you will not benefit from it. The main objective of the DigiFreeApp adware is to load many ads in your Web browser and earn pay-per-click revenue from infected users. The ads by DigiFreeApp may cover your screen, and you may not be able to preview text, images and video content on the Web correctly. The DigiFreeApp adware may use javaScript and ActionScript3 to change the look and feel of pages you browse to ensure that...

Posted on August 31, 2015 in Adware


The MusixHub browser plugin is recommended to be the number one personal radio app that allows users to listen to music and improve their experience on YouTube. However, the MusixHub plugin is classified as adware that will multiply the number of ads loaded in your browser to claim affiliate marketing revenue for its developers. Security analysts that MusixHub adware may claim to be a music network but its functionality is that of an adware like Vaf Music Toolbar and Webmoner . The MusixHub adware may load pop-up and pop-under windows when you visit online stores like Amazon and eBay. Security analysts note that the MusixHub adware may inject additional banners in the HTML code of websites you preview in your browser. Moreover, the MusixHub adware may promote riskware like OMGMusicPlus and Music Search App Toolbar to earn pay-per-install revenue. The programs mentioned before...

Posted on August 31, 2015 in Adware

‘SimpleLocker’ Ransomware

The 'SimpleLocker' Ransomware is a ransomware infection. Ransomware like the 'SimpleLocker' Ransomware is used to take over a computer, encrypt the victim's files and stipulate the payment of a ransom in exchange for access to the encrypted files. The 'SimpleLocker' Ransomware will change encrypted files' extensions, and drop text files containing instructions on how to pay the 'SimpleLocker' Ransomware ransom. Files that have been encrypted by the 'SimpleLocker' Ransomware cannot be recovered unless computer users have the decryption key. It is why it is essential that computer users always backup their files, which will allow them to restore their encrypted files using it. The payment of the 'SimpleLocker' Ransomware amount is usually carried out using TOR and BitCoins for anonymity. What Lies behind the 'SimpleLocker' Ransomware The 'SimpleLocker' Ransomware itself is not...

Posted on August 28, 2015 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 962