Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,797,398 -0%
2 Conduit Search/Toolbar 1,248,339 -1%
3 PUP.SupTab 886,121 -2%
4 PUP.InstallCore 885,098 -1%
5 PUP.Optimizer Pro 813,761 -2%
6 Hijacker 640,364 -0%
7 Adware.LinkSwift 636,614 -0%
8 V9 Redirect Virus 611,120 -0%
9 548,128 -2%
10 Babylon Search/Toolbar 544,481 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


The AnySend software from ClickMeIn Limited is promoted as a reliable file sharing application, but security researchers noticed that it came embedded with adware. The AnySend app can be downloaded from its official website and could be acquired through freeware installers as well. The AnySend software comes along with the Install Core Click application distribution platform that may install additional software on your PC. The AnySend software adds a Windows shell option to facilitate its features and may add a Browser Helper Object, an add-on, and an extension to your web browser that could be used to display marketing materials. The AnySend software may perform as promised, but its free features require you to tolerate numerous pop-ups, ads, and in-text hyperlinks. The functionality mentioned above provides reason to classify AnySend as a Potentially Unwanted Program (PUP) with...

Posted on January 30, 2015 in Adware

The domain is used by adware developers to facilitate the display of a pop-up window suggesting users to install Potentially Unwanted Programs (PUPs). The pop-up by is generated by adware on your computer that may offer products and services related to your online activities and preferred web pages. Adware applications may come enclosed with freeware bundles as extra tools that may promise enhanced video and music experience or improved searches and low-cost online shopping. The adware behind the pop-up could be used to deploy malware, and you might want to use a powerful anti-spyware utility to clean your PC.

Posted on January 30, 2015 in Browser Hijackers

The domain is used in relation to adware deployed with free application installers. The web page is presented as a pop-up suggesting that the user is running an outdated web browser and that a video player upgrade is advised. It is not advisable to download the software promoted by the pop-up because it can be potentially harmful software. The adware generating the pop-up may have found its way inside your system by tagging along with a freeware installer. Additionally the domain links to the IP address that is used by criminals to distribute trojans. You might want to consider using a trusted anti-spyware application to remove the adware affiliated with and to protect your PC.

Posted on January 30, 2015 in Browser Hijackers

The domain hosts a search engine affiliated with a browser hijacker that displays advertisements and makes several changes to the user's browser settings. The hijacker may change your home page, the new tab, and default search provider to as well as display ads, banners, and pop-ups. The domain is registered with an IP address that can be linked to adware and Potentially Unwanted Programs (PUPs) such as SaverOn. The hijacker uses a data URI scheme to track the search queries performed on the infected system and uses the collected data to display related promotional materials. The browser hijacker can be found offered in freeware bundles as a search enhancer in the form of a browser extension, an add-on, and a Browser Helper Object. If you suspect an infection with the...

Posted on January 30, 2015 in Browser Hijackers

The domain is utilized by adware developers to propagate potentially harmful software. An adware infection is responsible for displaying pop-ups referring to a supposedly legitimate Adobe Flash Player update. The pop-up by uses an emblem similar to the Google Chrome's 'Flash Player Has Crashed' page, the VeriSign's 'Norton Secured' logo and the Adobe Flash Player logo. However, the software offered on could be a Potentially Unwanted Program (PUP) or a tool to grant crooks a remote access to your PC. The adware behind the pop-up might have been installed on your PC as an extra browser extension along with a free application. Security researchers advise against downloading software from, and you might want to heed their advice and use a trustworthy anti-spyware tool to clean your PC.

Posted on January 30, 2015 in Browser Hijackers

JS: Agent-Die

JS: Agent-Die is a trojan infection designed to steal user log-in details, banking credentials and record system information for the infected machine. Trojans such as the JS: Agent-Die are a class of malware that appears to perform useful operations but in fact they are used by criminals to collect data, drop other malware and remotely manipulate the infected PC. The infection with JS: Agent-Die trojan may result in irreversible damage to your system, data loss and banking details being stolen. The most used deployment method for trojans is to embed the malware in attachments to spam emails or disguise it as an attractive free application. Security experts advise users to be cautious when they install freeware and to avoid download of files from spam emails. A reputable anti-malware solution can provide defenses against the JS: Agent-DIE trojan and its kin.

Posted on January 30, 2015 in Trojans


The video streaming service VideoStripe by Videostripe INC. can be linked to adware infection that displays promotional materials inside the browser of computer users. Also, can be connected to another adware that uses the domain to show a pop-up redirecting users to the VideoStripe service. The adware responsible for commercial offers and suggestions by VideoStripe might use your click-stream and collect data about your online activities to deliver custom-made ads. The VideoStripe adware may insert tracking cookies and web beacons to collect non-personally identifiable data about your browsing habits. Adware such as VideoStripe may have entered your system by embedding with free application installers that you handled via the 'Express' or 'Typical' option. You might want to use a potent anti-spyware application to halt the ads by VideoStripe.

Posted on January 30, 2015 in Possibly Unwanted Program

An adware infection uses the domain for search operations and display of marketing materials. The adware related to the web page may change your browser settings to use as your home page and search provider. The adware could be promoted as a helpful Browser Helper Object, an add-on or a browser extension in freeware packages. However, the adware connected to may obstruct your online activities by displaying ads, banners, and pop-ups. Adware apps are created to promote products, services, and online shops and might not deliver you safe advertisements. The changes caused by the adware and the ads may not be desirable, and you might want to use a reliable anti-spyware tool to clean your system.

Posted on January 30, 2015 in Browser Hijackers

’888-391-6168′ Scam Message

The phone number 888-391-6168 is used by scammers who created adware that shows a pop-up suggesting that 'Your computer might be infected with adware!' The message that directs you to call 1-888-391-6168 may claim that you have adware, malware and viruses on your system that puts your computer at risk because it aims to scare you. The 888-391-6168 scam message is facilitated by adware that may have entered your system through bundling with freeware installers that you handled via the 'Express' or 'Typical' option. The adware behind the 888-391-6168 pop-up message is not damaging by itself, but users who called the 888-391-6168 phone number received instructions to download remote access programs that gave scammers access to their system. Needless to say calling the 888-391-6168 number may result in data loss, and user credentials being stolen. If you are presented with the...

Posted on January 30, 2015 in Fake Error Messages

‘Windows Browser Warning’ Fake Message

The 'Windows Browser Warning' pop-up is displayed on PCs infected with adware and should not be trusted because it is used to scare people and direct them to call fake tech support. The 'Windows Browser Warning' message may use the Windows Firewall logo and mention your IP address, but it is not legitimate. Calling the tech support offered on the 'Windows Browser Warning' pop-up may lead to the installation of Potentially Unwanted Programs (PUPs) and a security breach. The 'Windows Browser Warning' fake message is displayed by adware. The adware responsible for the 'Windows Browser Warning' pop-up may have been installed on your system along with a free application, and you might want to consider removing recently installed freeware. Clicking on the 'Windows Browser Warning' pop-up are not advised it may invite you to install potentially harmful software. If you are presented with the...

Posted on January 30, 2015 in Fake Error Messages

Super Bowl XLIX Commercial Searches and NFL Mobile App Use May Spoil Big Game for You

The most-watched television event in the U.S. is taking place this weekend as the New England Patriots and Seattle Seahawks lace up for Super Bowl XLIX. Those who are looking for Super Bowl XLIX commercials over the Internet could encounter malicious links or take use of an NFL mobile app that has a vulnerability allowing hackers to obtain personal data. There is no doubt that the Super Bowl is one of the most widely watched TV programs in the United States for one day. Advertisers from major U.S. companies have put in their multi-million dollar bids to advertise their product through a clever Super Bowl commercial. For some, watching Super Bowl commercials is more entertaining than the actual game or half time show. In knowing how many people will be glued to the TV set, it is naturally the duty of hackers/scammers to manipulate search keywords on the Internet to attract those...

Posted on January 30, 2015 in Computer Security


The web browser named BoBrowser by ClaraLabs S.A. is categorized by security experts as a Potentially Unwanted Program with adware functionality because it inserts marketing content in the web pages presented to you. The BoBrowser application is distributed via freeware packages and installation allows it to be set as your default web browser. Additionally, the BoBrowser software will send your search queries, browsing history and data on preferred websites to its developer's servers, as well as record your downloads. The BoBrowser software is used by retailers to display marketing materials such as commercials, transitional and contextual ads, pop-ups and banners on affiliated and non-affiliated websites. The modus operandi of BoBrowser might not be appealing to most computer users because it makes available many aspects of your online habits to its publishers. The collected...

Posted on January 29, 2015 in Possibly Unwanted Program


The HighDP browser application is built using the Crossrider toolkit to enable its cross-browser functionality that is promoted to provide high-quality videos on the Internet. The HighDP software may attach an add-on, a Browser Helper Object or a browser extension depending on what the browsers you have installed on your PC. The HighDP browser application is perceived by security researchers as adware because it might inject advertisements on the websites you preview. Adware developers created HighDP to display ads, pop-ups, banners and in-text hyperlinks that upon clicks generate pay-per-click revenue for them. The HighDP software acts like a personal ad network that may provide you with potentially harmful content. The HighDP adware may arrive in your system by bundling with freeware installers that you operated via the 'Express' or 'Typical' option. The HighDP adware may collect...

Posted on January 29, 2015 in Adware

Computer users experiencing a pop-up by can be noted that it is presented to them by adware infection on their system. The adware behind the pop-up may have arrived on their PC along with a free application, and it is created to invite yours to download malware. The adware that presents users with the pop-up is connected to the IP address that is used to distribute trojans such as the NGRBot and Symmi. Security experts strongly advise against clicks on the pop-up because it can lead to download and installation of malware that can grant hackers a remote access to your PC and your log-in details could be stolen. You might want to employ the services of a reputable anti-malware solution to purge the adware displaying the pop-up and protect you from potential...

Posted on January 28, 2015 in Browser Hijackers


The MP1ayerV2.1 software published by MPplayerS3rv is deemed by security researchers as adware because it injects marketing materials in the web browser. The MP1ayerV2.1 is built with the Crossrider extension toolkit, and you may detect it as a browser extension, an add-on, and a Browser Helper Object. The MP1ayerV2.1 adware functions as a marketing engine of vendors that is used to present users with many discounts, coupons, banners, special offers, ad boxes and pop-ups. Adware such as the MP1ayerV2.1 often uses freeware installers as a vessel to achieve a drive-by installation when you use the 'Express' or 'Typical' option. The ads by MP1ayerV2.1 might cover your browser surface, and your click-stream could be used to generate custom-made marketing content. The activities performed by the MP1ayerV2.1 adware may obstruct your online routine, and you might want to use a trustworthy...

Posted on January 28, 2015 in Possibly Unwanted Program
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 13078