Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,061,529 -2%
2 Conduit Search/Toolbar 1,504,721 -0%
3 PUP.SupTab 1,098,021 -1%
4 PUP.SuperWeb 898,843 -1%
5 PUP.InstallCore 891,311 -1%
6 PUP.Optimizer Pro 878,305 -1%
7 Adware.Multiplug/Variant 859,734 -2%
8 Iminent Toolbar 747,275 -1%
9 Qvo6.com Hijacker 642,931 -0%
csv
Download as CSV
More Info
i

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware

Screenshot

The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware

Screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus

Screenshot

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

‘Windows 10 Free Update’ Fake Message

Taking advantage of the Windows 10 operating system released by Microsoft recently, the cyber crooks are sending a fake message offering a free update for Windows 10. To give credibility to their fraudulent message that supposedly was sent from 'update@microsoft.com,' they have created a disclaimer with a genuine appearance and even mention that the bogus message is safe since it was scanned prior to been sent. However, the message has an attachment, a file named Win10Installer.zip that is, in reality, a variant of the CTB-Locker (Critoni) Ransomware. Therefore, if the computer users open the file and run it, the threat will encrypt their files, prevent access to them and demand the payment of a ransom in order to receive a decryption key. The ransom that needs to be paid with Bitcoins within 96 hours should use the Tor network to remain unidentified. As with any file encrypted by...

Posted on August 3, 2015 in Ransomware

MNTR Ads

You may want to know that the ads by MNTR in your Internet client are facilitated by an adware-powered browser add-on on your system. Some security investigators speculate that MNTR stands for Multinational Trade Republic but in the world of adware the name is not as important as the ability to go undetected by security scanners. The MNTR adware is known to accompany free programs under the 'Advanced' or 'Custom' option. The MNTR adware is specialized in displaying floating ad boxes, banners and comparative shopping offers on websites like Amazon, eBay, and Walmart. The MNTR adware may use JavaScript and ActionScript to execute its operations and may slow down your Web browser. Additionally, the MNTR adware may employ tracking cookies, DOM storage data and read information like your software configuration and browsing history to show related advertisements. Security investigators...

Posted on August 3, 2015 in Adware

Bqszz.super-promo.8155.info

Computer users that experience pop-ups by Bqszz.super-promo.8155.info and are offered to win a high-end phone, tablet and laptop may want to know that are infected with adware. The Bqszz.super-promo.8155.info domain is used by adware developers to earn affiliate revenue by posting surveys and ads in pop-up windows being generated in the Web browser of infected computer users. The adware linked to Bqszz.super-promo.8155.info is distributed among users via freeware packages that most users install with the 'Express' or 'Typical' option. The Bqszz.super-promo.8155.info adware may launch as a background process on boot-up due to modification of your Windows Registry. The adware mentioned before can set your homepage to Bqszz.super-promo.8155.info and show pop-ups as often as you open a new tab and follow links on websites. As stated above, the Bqszz.super-promo.8155.info adware might run...

Posted on August 3, 2015 in Adware

‘Fisher-king.info’ Pop-Ups

Security authorities report that the Fisher-king.info domain is malicious and unknown third parties are using it to promote fake technical support services and bogus updates to Adobe Flash and Java software. Computer users should abstain from clicking on links on the on the Fisher-king.info website. Users that experience pop-up windows by Fisher-king.info are infected with adware and should not believe security messages displayed from the Fisher-king.info domain. Additionally, the Fisher-king.info pop-ups may contain offers to install rogue software like Antiprotect and AntivirSolution that will bring up fake security notifications to convince users to pay for a non-existent protection. PC users that are infected with adware linked to Fisher-king.info could be exposed to cyber threats like Lodbak and Ada . Moreover, the IP address of the Fisher-king.info domain is related to...

Posted on August 3, 2015 in Adware

Happy Cloud Ads

The unusual number of ads by Happy Cloud in your Web browser may annoy many web surfers, and you should know that Happy Cloud is adware. The infamous SuperWeb LLC that released programs like GreyGray and Coupons Free that are known to push many advertisements in your Web browser developed the Happy Cloud adware. The Happy Cloud adware is promoted as a browser add-on that will help web surfers navigate the Internet, but its primary goal is to show numerous advertisements and earn affiliate revenue for its developers. Security analysts note that the Happy Cloud adware travels incorporated with freeware bundles that most users install with the 'Express' or 'Typical' option' and may slow down your Web browser. Moreover, the Happy Cloud adware may place its files in the hidden AppData folder to evade security scans and write an entry in the Windows Registry to start every time you...

Posted on August 3, 2015 in Adware

Blazzer Deals Ads

The slogan 'Shop like a pro with Blazer Deals' is used by SuperWeb LLC to promote yet another shopping tool of their making. The Blazer Deals browser add-on, also seen as Blazzer Deals, can be encountered in freeware packages under the 'Advanced' or 'Custom' option. The Blazer Deals application is recognized as adware that may expose you to corrupted advertisements and decrease your Internet client performance. The Blazer Deals adware claims to enhance your shopping experience by loading discounts, coupons, and limited-time deals in your browser. However, the abundance of the ads by Blazer Deals may cause security and performance problems for many users. The Blazer Deals adware is compatible with Internet Explorer, Google Chrome, and Mozilla Firefox and users should expect to see banners, in-text hyperlinks and pop-up windows by Blazer Deals in the browsers mentioned before. You...

Posted on August 3, 2015 in Adware

‘Disorderstatus.ru/order.php’ Pop-Ups

Malware investigators alert users that the Disorderstatus.ru domain is considered as malicious and pop-up windows from Disorderstatus.ru/order.php should not be interacted with. The domain is related to several threats like Chanitor and Blackbeard that can allow cybercriminals to corrupt programs and obtain files on your computer. The Disorderstatus.ru/order.php pop-up windows could be blocked by ad-blockers and some security apps but are often caused by corrupted executable on your PC. In many cases, the Disorderstatus.ru/order.php pop-ups are caused by a fake Microsoft Windows Installer executable that is set to work as a background process in your Windows Task Manager. The malware in question may have arrived on your PC as an attached ZIP file with a double extension that was attached to a spam email. Malware investigators remind users not to download files from software...

Posted on August 3, 2015 in Adware

‘Liam.x’ Pop-Ups

Users that are presented with pop-up windows about 'Microsoft Real Time Web Monitor' detecting the Liam.x virus are infected with adware. You should not call the phone number 800-078-6078 provided on the Liam.x pop-ups because you will engage scammers. The fake technicians on 800-078-6078 will try to convince you to pay for their services and that you need to fix your PC as soon as possible. As stated above, the Liam.x pop-ups are generated by adware on your computer that may have arrived incorporated with a free program installer. Security researchers note that the Liam.x pop-ups could be generated by several threats such a Top Deals , FlexibleShopper and Hot Deals . The threats mentioned before are known to appear as browser extensions for Google Chrome, Mozilla Firefox, and Internet Explorer. The purpose of adware is to advertise services and products regardless of their safety...

Posted on August 3, 2015 in Adware

StartCoup Ads

StartCoup Ads is a Potentially Unwanted Program (PUP) with adware capabilities. StartCoup Ads is advertised as a useful utility that will help you with online shopping. However, this browser plug-in generates ads and pop-ups that may hinder your browsing experience. StartCoup Ads is distributed via the all-too-familiar method of software bundling; this alone casts StartCoup Ads in a less than favorable light. StartCoup Ads is compatible with most modern, Windows-based browsers. Once installed, StartCoup Ads will constantly display ads and pop-ups containing discount offers, coupons, special promotions, etc. While the users that are heavily into online shopping may find this useful, the number of ads and pop-ups will probably annoy the average user. Furthermore, the advertisement banners and pop-up windows may contain potentially dangerous content or may redirect you to infected...

Posted on August 3, 2015 in Possibly Unwanted Program

Jabuticaba Ads

Jabuticaba Ads is a curiously named PUP (Potentially Unwanted Program) with adware capabilities. Named after the Brazilian grape tree, the Jabuticaba Ads is a browser add-on that displays advertisements and pop-ups. Unfortunately, the name is by far the most distinguishing characteristic of this browser plug-in; the rest of it is nothing more that another cookie-cutter browser application. Jabuticaba Ads is distributed via software bundles, further cementing its reputation as a PUP. The goal of Jabuticaba Ads is simple´╝Źdisplay ads and pop-ups to entice users into clicking on them. Every click generates revenue for the owners of Jabuticaba Ads. Even though some of the ads generated by Jabuticaba Ads may look interesting, it is not advised to click on them. The content of the ads may be dangerous, redirecting you to malicious websites or promoting deceptive software. In all cases,...

Posted on August 3, 2015 in Possibly Unwanted Program

RandomDealApp Ads

RandomDealApp is a browser add-on designed for the online shopping aficionados. At least that's what the developers of RandomDealApp want you to think. Like most of the browser add-ons of similar quality, RandomDealApp is distributed primarily through software bundles, even though it has an official website with download links. RandomDealApp is compatible with most modern browsers´╝ŹInternet Explorer, Mozilla Firefox and Google Chrome. RandomDealApp is advertised as a useful shopping tool that will display all kinds of discounts, coupons, freebies and other goodies that make online shoppers weak in the knees. In reality, the utility of RandomDealApp is questionable with the links to discounts and coupons often being deceptive, invalid or outright nonexistent. Unfortunately, RandomDealApp is one of the many browser plug-ins that are designed for the sole purpose of generating...

Posted on August 3, 2015 in Possibly Unwanted Program

PCandMobileGames

The PC&MobileGames software is promoted as a gaming platform for your phone and desktop that will allow you to synchronize your progress on the games you play on PC and mobile. However, you might wish to know that it is adware, and its primary objective is to show advertising content in your Internet browser. The PC&MobileGames adware is created by Tuto4PC and is related to programs like EoRezo and Freemium that have a bad reputation. The PC&MobileGames adware travels incorporated with third-party program installers and could be installed on your computer via the 'Typical' or 'Express' option automatically. Security analysts reveal that the PC&MobileGames adware will use tracking cookies, ActionScript3 and read your browsing history to display banners, pop-up windows and ad boxes loaded with custom-made ads. Moreover, the PC&MobileGames adware may change your default search...

Posted on August 3, 2015 in Adware

Fusion Browser

The Fusion Browser developed by Fusion Browser Media is deployed as an innovative Internet client built on the best features of Chromium and upgraded with additional extensions to maximize your productivity. The Fusion Browser can be downloaded directly from GetFusion.net and can be installed via freeware packages offered on software distribution platforms. You should know that advertising revenue supports the Fusion Browser, and you may be shown pop-ups, banners, and video ads. Therefore, the Fusion Browser is deemed as a Potentially Unwanted Program (PUP) that will display targeted advertisements to support its development. The developers of the Fusion Browser can use it to access information from your preferred web pages, bookmarks, browsing history and download logs to provide you with related promotions. Moreover, the secure VPN service implemented in the Fusion Browser is...

Posted on August 3, 2015 in Adware

‘Scaninfor.info’ Pop-Ups

Security researchers report that the Scaninfor.info domain is untrusted and is being used by adware developers to promote bogus technical support services on 1-855-720-2636 via pop-up windows. The adware related to Scaninfor.info may have entered your computer as a drive-by installation of a freeware bundle that you handled with the 'Express' or 'Typical' option. The pop-up windows by Scaninfor.info in your Internet browser may claim that you are infected due to several corrupted files in your Windows directory. Also, you may be led to believe that you are not authorized to use your PC until you contact 1-855-720-2636 to receive immediate help. In other cases involving the Scaninfor.info domain, adware is using pop-ups to suggest users that their Windows license is not genuine and need to call 1-855-720-2636 to talk with Microsoft support staff. However, in both cases the...

Posted on August 3, 2015 in Adware

Simple Tricks to Destroy Fake Anti-Virus/Anti-Spyware Programs

Each and every day we strive to defeat stubborn malware and often share our technical analysis in various forms with our followers to help avoid and reduce computer malware infections. One common type of malware threat, fake anti-virus applications, has been a detrimental force in attacking computer users through a long, drawn-out victimization by clever money extortion techniques. Among those sneaky actions, many fake anti-virus programs have a weakness that may be captured that does not always involve use of an anti-virus or anti-spyware solution. Sometimes the simplicity of amending an anti-virus threat is the best approach. Such can be said in the case that you receive a pop-up from a fake anti-virus program claiming that your computer has an issue, or there is an infection detected. The pop-up will usually count on you clicking the "OK" or "remove" button, which will then...

Posted on July 31, 2015 in Computer Security
1 2 3 4 5 6 7 8 9 10 11 952