Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,100,214 3%
2 Conduit Search/Toolbar 1,510,800 2%
3 PUP.SupTab 1,104,594 4%
4 PUP.SuperWeb 908,846 3%
5 PUP.InstallCore 902,936 2%
6 PUP.Optimizer Pro 891,472 2%
7 Adware.Multiplug/Variant 881,053 4%
8 Iminent Toolbar 751,427 3%
9 PUP.CrossRider 646,058 5%
csv
Download as CSV
More Info
i

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware

Screenshot

The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware

Screenshot

The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus

Screenshot

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

‘Chrome-wx.updaternow.xyz’ Pop-Ups

The Chrome-wx.updaternow.xyz domain is associated with a browser hijacker that is dispersed among users embedded with freeware bundles. The Chrome-wx.updaternow.xyz browser hijacker can affect Google Chrome, Mozilla Firefox, and Internet Explorer. The Chrome-wx.updaternow.xyz browser hijacker is designed to change your default homepage and show pop-ups from Chrome-wx.updaternow.xyz that urge users to install a supposedly safe update to their Web browser. The updates promoted on Chrome-wx.updaternow.xyz come in the form of a ZIP file that has to be extracted twice before users can obtain the executable update. Users may find it hard to close the messages from Chrome-wx.updaternow.xyz due to the implementation of JavaScript that initiates the update download automatically. Computer users should take into consideration the information above and abstain from installing updates from...

Posted on July 28, 2015 in Browser Hijackers

‘Updater-th.updatenotifier.net’ Pop-Ups

Security investigators recognize the Updater-th.updatenotifier.net domain as unsafe, and it is linked to a known source of cyber threats and badware, namely DownlaodVault.com. The Updater-th.updatenotifier.net pop-up windows in your browser are caused by a browser hijacker affecting your system. The Updater-th.updatenotifier.net browser hijacker is coded to show pop-ups and spread riskware such as the Super Optimizer and the Speed Browser . The Updater-th.updatenotifier.net browser hijacker may have been installed on your computer with a freeware package that you downloaded from a suspicious software distribution platform. Security investigators note that the content on the Updater-th.updatenotifier.net pop-ups can appear differently depending on what Web browser you are using. The common behavior of the Updater-th.updatenotifier.net adware is to notify users with a pop-up window...

Posted on July 28, 2015 in Browser Hijackers

‘Distinct2c.work’ Pop-Ups

The Distinct2c.work pop-up windows that users experience in their web browser may claim to provide a safe update to their browser, but they are generated by adware. Therefore, security analysts warn users not to install software promoted on the Distinct2c.work pop-ups. The adware that is responsible for the Distinct2c.work pop-ups is created to spread riskware, namely the LightningDownloader and others like the TransitSimplified Toolbar . The programs mentioned before could decrease your overall computer performance, and show advertisements loaded on banners and floating ad boxes in your Web browser. The Distinct2c.work pop-ups may use the gray nuance typically associated with the Adobe Flash Player for its background and list features of the legitimate Flash player to claim credibility. However, you should not trust the Distinct2c.work pop-ups and avoid following links on the...

Posted on July 28, 2015 in Adware

‘Windows-delight.info’ Pop-Ups

The Windows-delight.info pop-up messages in your Internet browser are caused by a browser hijacker on your system that is created to promote the tech assistance found on PC2Techs.com website. The Windows-delight.info pop-ups may claim to be from Microsoft and that there have been detected a suspicious activity on your computer, but you should not believe those claims. Moreover, the Windows-delight.info pop-up windows may invite users, not to turn off or restart their PC to avoid data loss in order to create a sense of peril. Users will be urged to call 1-855-233-9250 for immediate assistance from certified technicians on PC2Techs.com The technicians on 1-855-233-9250 that are associated with Windows-delight.info and PC2techs are not trusted, and you are not advised to seek their help. As stated above the Windows-delight.info pop-ups are caused by a browser hijacker that may have...

Posted on July 28, 2015 in Browser Hijackers

‘Support-and-services.info’ Pop-Ups

Security researchers report that fake technical support agents use the Support-and-services.info domain, and you are not advised to follow directions listed on the domain. Computer users that experience pop-up windows by Support-and-services.info may want to know that they are infected with a browser hijacker. The threat may have entered your computer during the installation of a free program with the 'Express' or 'Typical' option. The Support-and-services.info browser hijacker helps scammers scare users into contacting them. The Support-and-services.info pop-up windows may suggest that your Facebook profile and credit card information is in danger because there is spyware on your PC. However, you should not trust the messages on Support-and-services.info and abstain from hasty decisions. As stated above, the Support-and-services.info pop-ups are generated by a browser hijacker and...

Posted on July 28, 2015 in Browser Hijackers

Exploit:HTML/Axpergle.N

The Exploit:HTML/Axpergle.N alert is used security solutions to inform users of an attempted exploit of vulnerabilities in the Adobe Flash Player and Microsoft Silverlight software. The Exploit:HTML/Axpergle.N is part of the Angler Exploit Kit that is widely used by scammers and hackers to show misleading messages and install malware. The Exploit:HTML/Axpergle.N alert can be triggered by web-based attacks at CVE-2013-0074; CVE-2014-0497; CVE-2014-8439 and CVE-2015-0311 vulnerabilities. The Exploit:HTML/Axpergle.N threat detects what browser you are running and what version of Silverlight and Flash is installed on your system. The Exploit:HTML/Axpergle.N attack can allow hackers to install malware on your computer such as trojan droppers, viruses and ransomware. The Exploit:HTML/Axpergle.N threat can be utilized by attacker to introduce Rovnix, Xpiro and Reveton into your system...

Posted on July 27, 2015 in Trojans

Computer Pal

The Computer Pal software is another product by the infamous SuperWeb LLC and is promoted as an advanced tool to help users search faster and smarter on the web. However, security experts perceive the Computer Pal software as adware because the only optimization made available to users is the appearance of many sponsored search results, banners, pop-up windows and inline ads. SuperWeb LLC deploys the Computer Pal adware as a part of free software packages on low-quality application distribution platforms. The Computer Pal adware does not differ much from other SuperWeb products like Clock Hand and Girafarri and may use tracking cookies, read your browsing history and detect your approximate geographical location to show customized commercials. Moreover, the Computer Pal adware may add a task in the Windows Task Scheduler to enable its automatic updates and patches and may install...

Posted on July 27, 2015 in Adware

Bholog.B Trojan

The Bholog.B malware is classified as a trojan that can steal sensitive information like credit card details and passwords by using a keylogger module. The Bholog.B malware is dispersed as an attached file to spam emails and can launch a background process named 'broda.exe' to execute its operations. The Bholog.B keylogger creates several hooks in Windows to record your keystrokes and messages you input in fields on program windows. The Bholog.B malware can edit your Windows Registry to launch at system start-up. Security researchers note that the Bholog.B keylogger can take advantage of Internet Explorer and use it to send the collected data to a remote server. The Bholog.B malware can record what programs you open, your browsing history and user credentials. Computer users infected with the Bholog.B malware are in danger of losing control over their social media accounts and...

Posted on July 27, 2015 in Trojans

Daugava Ads

The distinct banners by Daugava that accompany your Internet browsing activities are displayed by adware on your system. The Daugava adware is deployed embedded with freeware bundles on low-quality software distribution platforms. The Daugava adware is specialized in displaying banners and web page headers that are loaded with promotional offers related to computer hardware, accessories and camping goods predominantly. The Daugava adware is written with the aim of generating affiliate revenue by displaying advertisements in the Internet client of infected users. You should remember that the ads by Daugava are not safe, and you may be provided with corrupted content and redirected to compromised online resources and untrusted online stores. The Daugava adware may use pop-up windows to promote bad toolbars like WhiteSmoke and BlueSprig that can apply several unwanted changes to your...

Posted on July 27, 2015 in Adware

MicroChallenger Ads

The MicroChallenger app may be promoted to you as an online shopping assistant that can deliver you product offers with the lowest prices available, but it is considered as adware. The MicroChallenger adware travels incorporated with freeware setup files and can be noticed under the 'Advanced' or 'Custom' option. The MicroChallenger adware fictions similarly to other adware like 2YourFace and Better Brain and may show banners, pop-ups, inline ads, coupons, and discounts. The MicroChallenger adware is created to show ads in your web browser and earn pay-per-click revenue. The MicroChallenger adware can optimize its marketing offers by using web beacons, tracking cookies and read your bookmarks. The MicroChallenger adware may intrude on your privacy and cover you browser surface with numerous ads. Moreover, the MicroChallenger adware might promote rogueware such as Albinos Defender...

Posted on July 27, 2015 in Adware

Ads Remover

The Ads Remover browser extension may have been offered to you in a freeware package as a security layer to block unsafe ads. However, the Ads Remover browser extension is deemed as adware. Security authorities note that the Ads Remover adware functions similarly to BlockIt and Red AdBlocker , and block the native ads on websites you visit to show only commercials from sponsors. Moreover, the Ads Remover adware is known to show pop-up windows from the untrusted View.Contextualyield.com domain and perform occasional redirects to compromised websites. The Ads Remover adware may modify the way web pages are presented to you and place a header loaded with promotions and show banners. Needless to say, the Ads Remover may claim to remove ads, but it will show numerous marketing materials from sponsors. The Ads Remover adware may suggest users to install programs like Disk Doctor and...

Posted on July 27, 2015 in Adware

Unfriend Watch

The Unfriend Watch software that is developed by Fresh Applications is advertised to allow Facebook users to track who of their contacts on the media recently unfriended them. The Unfriend Watch software can be acquired on UnfriendWatch.com and via free program bundles. Security experts perceive the Unfriend Watch software as a Potentially Unwanted Program (PUP) because it is supported by advertisements displayed in your Internet browser. The advertisements by Unfriend Watch in your Internet browser may obstruct your comfortable online experience. You should note that the Unfriend Watch application is not affiliated with Facebook, and it may pose security risks to use it. The developers behind Unfriend Watch insist that their app does not store personally identifiable information like your Facebook login details and credit card data. However, they use web beacons, tracking cookies and...

Posted on July 27, 2015 in Possibly Unwanted Program

Smart AD

The commercials by Smart AD in your Web browser are facilitated by adware on your computer that you may have installed along with a free program via the 'Typical' or 'Express' option. Security analysts note that the Smart AD adware is designed to show commercials in your Web browser and earn affiliate revenue for its developers. In order to maximize its efficiency, the Smart AD adware may use tracking cookies and DOM storage data to show you customized advertisements. That way users with different online behavior will see personalized marketing content and will be more inclined to click on the ads by Smart AD. Security analysts underline that the ads by adware such as the Smart AD are not perceived as safe and users may be directed to harmful websites. Moreover, the Smart AD adware may suggest you to install rogue software like Active Pro Security Antivirus and AdCare by claiming...

Posted on July 27, 2015 in Adware

Solvemypc1.net

The Solvemypc1.net pop-ups that urge users to call 1-866-436-9418 to receive technical support in removing spyware are generated by adware designed to earn affiliate revenue for its developers. The Solvemypc1.net pop-ups may be presented to you as soon as you turn your PC because the associated adware have tempered with your Windows Registry and Web browser settings. The Solvemypc1.net pop-up windows may claim to be a Windows Firewall warning and direct you to call 1-866-436-9418, but you should not believe that. The purpose of the Solvemypc1.net pop-ups is to scare users to call 1-866-436-9418 where scammers may attempt to convince you to allow them to connect to your PC and clean it. Needless to say, you are not advised to follow instructions displayed by adware and contact fake technical support agents that may steal your social media and online banking details. Security...

Posted on July 27, 2015 in Adware

Go-search.ru

The Go-search.ru website features the same search engine seen on mail.ru and is associated with a browser hijacker application that is designed to redirect traffic to Mail.ru and earn affiliate revenue. The Go-search.ru website has a minimal layout and presents users with a search box and a button to launch a search query named 'Найти' which is Russian for 'Search'. Several security web filters detect that search queries made via Go-search.ru are rerouted via suspicious advertising proxies and users are not advised to use the services on Go-search.ru. The browser hijacker associated with Go-search.ru may have arrived on your computer as a part of a freeware bundle that most users handle with the 'Express' or 'Typical' option. The Go-search.ru browser hijacker will edit your Windows Registry to set Go-search.ru as your default homepage, new tab and search provider, and prevent...

Posted on July 27, 2015 in Browser Hijackers
1 2 3 4 5 6 7 8 9 10 11 950