Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,797,398 -0%
2 Conduit Search/Toolbar 1,248,339 -1%
3 PUP.SupTab 886,121 -2%
4 PUP.InstallCore 885,098 -1%
5 PUP.Optimizer Pro 813,761 -2%
6 Hijacker 640,364 -0%
7 Adware.LinkSwift 636,614 -0%
8 V9 Redirect Virus 611,120 -0%
9 548,128 -2%
10 Babylon Search/Toolbar 544,481 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


The web browser named BoBrowser by ClaraLabs S.A. is categorized by security experts as a Potentially Unwanted Program with adware functionality because it inserts marketing content in the web pages presented to you. The BoBrowser application is distributed via freeware packages and installation allows it to be set as your default web browser. Additionally, the BoBrowser software will send your search queries, browsing history and data on preferred websites to its developer's servers, as well as record your downloads. The BoBrowser software is used by retailers to display marketing materials such as commercials, transitional and contextual ads, pop-ups and banners on affiliated and non-affiliated websites. The modus operandi of BoBrowser might not be appealing to most computer users because it makes available many aspects of your online habits to its publishers. The collected...

Posted on January 29, 2015 in Possibly Unwanted Program


The HighDP browser application is built using the Crossrider toolkit to enable its cross-browser functionality that is promoted to provide high-quality videos on the Internet. The HighDP software may attach an add-on, a Browser Helper Object or a browser extension depending on what the browsers you have installed on your PC. The HighDP browser application is perceived by security researchers as adware because it might inject advertisements on the websites you preview. Adware developers created HighDP to display ads, pop-ups, banners and in-text hyperlinks that upon clicks generate pay-per-click revenue for them. The HighDP software acts like a personal ad network that may provide you with potentially harmful content. The HighDP adware may arrive in your system by bundling with freeware installers that you operated via the 'Express' or 'Typical' option. The HighDP adware may collect...

Posted on January 29, 2015 in Adware

Computer users experiencing a pop-up by can be noted that it is presented to them by adware infection on their system. The adware behind the pop-up may have arrived on their PC along with a free application, and it is created to invite yours to download malware. The adware that presents users with the pop-up is connected to the IP address that is used to distribute trojans such as the NGRBot and Symmi. Security experts strongly advise against clicks on the pop-up because it can lead to download and installation of malware that can grant hackers a remote access to your PC and your log-in details could be stolen. You might want to employ the services of a reputable anti-malware solution to purge the adware displaying the pop-up and protect you from potential...

Posted on January 28, 2015 in Browser Hijackers


The MP1ayerV2.1 software published by MPplayerS3rv is deemed by security researchers as adware because it injects marketing materials in the web browser. The MP1ayerV2.1 is built with the Crossrider extension toolkit, and you may detect it as a browser extension, an add-on, and a Browser Helper Object. The MP1ayerV2.1 adware functions as a marketing engine of vendors that is used to present users with many discounts, coupons, banners, special offers, ad boxes and pop-ups. Adware such as the MP1ayerV2.1 often uses freeware installers as a vessel to achieve a drive-by installation when you use the 'Express' or 'Typical' option. The ads by MP1ayerV2.1 might cover your browser surface, and your click-stream could be used to generate custom-made marketing content. The activities performed by the MP1ayerV2.1 adware may obstruct your online routine, and you might want to use a trustworthy...

Posted on January 28, 2015 in Possibly Unwanted Program


The Shoppy-Up browser application published by Winportal promises optimized searches and budget-friendly features to online shoppers. It might sound attractive, but you might want to know that the Shoppy-Up browser application is perceived by security researchers as adware. The Shoppy-Up adware utilizes the Crossrider toolbar creation and distribution platform to enable its cross-browser functionality and can be found accompanying freeware bundles. The Shoppy-Up adware is used by ad providers to push advertisements aggressively in the form of pop-ups, contextual ads, and banners into your web browser. Additionally, the Shoppy-Up may collect non-personally identifiable data such as browsing history and engaged content and use it to generate tailor-suited ads. The Shoppy-Up adware might appear as a Browser Helper Object, an extension or an add-on, and its complete removal could be...

Posted on January 28, 2015 in Adware

Rocket Deal

The Rocket Deal browser tool is promoted as an online shopping companion that can deliver you smart offers and deals. However, it is branded by computer experts as adware that can cover your browser surface with numerous ads, pop-ups, banners, coupons and ad boxes. The Rocket Deal software is part of a growing franchise of Rocket adware applications such as the RocketSaler and RocketTab. The Rocket Deal browser tool has versions for Internet Explorer, Google Chrome, and Mozilla Firefox, which are used to facilitate the display of advertisements. The Rocket Deal software can be downloaded as a stand-alone installer, but most of its installations are the result of bundling with freeware. The Rocket Deal adware may read your search queries and browsing history to display targeted ads in your browser, and that might not be welcomed by many users. If you want to remove the...

Posted on January 28, 2015 in Possibly Unwanted Program


PrestoSavings is a piece of adware, published by a company called Engauge Innovations, that will display annoying advertisements on your browser screen, if you are unfortunate enough to install PrestoSavings. Several malware experts also identify PrestoSavings as a Potentially Unwanted Program (PUP). PrestoSavings interrupts your browsing process every few minutes by showing you pop-ups, banners and coupons, but may also change your home page and new tab browser options. The form PrestoSavings takes on is as a BHO (Browser Helper Object) and installs as an add-on to your browser. PrestoSavings affects browsers like Internet Explorer, Mozilla Firefox and Google Chrome. Is this Your Regular Run-of-the-Mill Adware? The short answer is – yes. But, there are a few particular things, other than bombarding you with advertisements about products that may prove more harmful to your...

Posted on January 28, 2015 in Adware

The domain is connected to adware that displays pop-ups and ads in the web browser of infected users. The pop-ups and ads suggest users to install a supposedly legitimate Java software and notify of system errors. The pop-ups and ads suggest users to repair their system errors by calling a technician via the phone number '1 (888) 604-1003'. Also, the pop-up by may claim that you have adware and spyware on your PC. The web page may feature a Windows Firewall logo and a McAfee logo as well, but security experts reveal that the ads and pop-ups are generated by adware infection on your system. Calling the '1 (888) 604-1003' phone number on the domain may result in the installation of potentially harmful software, other adware and high phone bills. The adware behind the pop-ups and ads could...

Posted on January 28, 2015 in Browser Hijackers

The pop-up shows in the web browser of computer users with adware on their system, and it may suggest the installation of potentially harmful software. domain is connected to several IP addresses that are associated with spreading adware such as the DealPly and InstallCore and Potentially Unwanted Programs (PUPs). The adware generating the pop-up could have been installed in your system through the installation of freeware packages via the 'Express' or 'Typical' option. It might not be advised to click on the pop-up when it can deliver you computer threats, and you might wish to eradicate the responsible adware with the help of a trusted anti-spyware solution.

Posted on January 27, 2015 in Browser Hijackers

The pop-up is generated by adware on your PC that may have entered your system via bundling with freeware. Security researchers advise users not click on pop-ups by because the IP of the domain is connected to the deployment of computer trojans such as Win.Trojan.Symmi and ransomware. Clicking on the pop-up may result in the installation of possibly harmful software that could be used to steal your banking credentials and valuable log-in details. You might want to keep your Windows regularly updated to ensure that system vulnerabilities can't be exploited for automatic software download. The adware responsible for the pop-up can be addressed with a trusted anti-malware solution that can clean and protect your system.

Posted on January 27, 2015 in Browser Hijackers

The domain hosts a web page that uses an emblem similar to the icon of Windows Firewall and suggests users to call '1-855-565-3218' or '1-866-560-5093' to receive technical support for system problems. The domain is connected to adware that promotes the services of 'System Support IT' through continuous display of a pop-up window every time the user starts a web browser session. The adware behind the pop-up might have arrived in your PC along with a free application, and you might want to review recently installed freeware. Adware is typically created to promote services, online shops and products by persistent display of marketing materials, and the majority of computer users might not like that. The 'System Support IT' services on the domain might not be trustworthy as it is the case with companies...

Posted on January 27, 2015 in Adware

The domain is used by adware developers to support their private ad network that generates pay-per-click revenue for them. The domain is connected to adware that displays pop-up windows and ads promoting Potentially Unwanted Programs (PUPs) when users visit forums and technology related websites. The adware behind the pop-ups and ads may have been installed as a helpful add-on or Browser Helper Object part of a freeware installation. Adware developers create seemingly useful browser tools only to attract users to install their adware that can use monetization techniques. Namely, pay-per-click revenue from the displayed ads and when users install promoted Potentially Unwanted Programs (PUPs). If you don't like your system to be used for the financial profit of adware developers, you might want to clean your system with the help...

Posted on January 27, 2015 in Browser Hijackers

Positive Finds

The Positive Finds is promoted as a search assistant that allows you to search more efficiently. You might be offered to install the Positive Finds software when you browse the 'Custom' or 'Advanced' option in freeware bundles, or it will be installed automatically. The Positive Finds browser application might appear as an extension in Google Chrome, an add-on in Mozilla Firefox and as a Browser Helper Object in Internet Explorer and its installation will result in the appearance of many ads. Security researchers point out that the Positive Finds browser application is perceived as adware because it may inject the web pages you browse with banners, contextual ads, and pop-ups. The ads by Positive Finds may be based on your search operations and collected browsing information that is a standard practice among adware products. The Positive Finds adware may prove an obstruction for your...

Posted on January 27, 2015 in Adware

The domain is used by adware on infected PCs to display a pop-up window that suggest to computer users to install a potentially harmful software. Security researchers discovered that the domain is linked to several IP addresses that are associated with the deployment of Potentially Unwanted Programs (PUPs) and adware products such as Multiplug. Additionally, the domain is recognized as malicious by several leading web applications. The adware that is responsible for the pop-up might have been installed on your system during a free application installation via the 'Express' or 'Typical' option. Experts advise users not to click on the pop-up because that might result in unwanted software installation. If you are presented with the pop-up, you might want to...

Posted on January 27, 2015 in Browser Hijackers

The domain is utilized by adware that displays a pop-up window saying that the computer user has 'Possible Privacy breach and Computer Error Detected Due to Suspicious Activity Found on Your Computer'. In addition, the pop-up on suggest users to call a technician on the phone number '1 (855) 448-7792', but security experts note that the pop-up is generated by adware on your system. The adware behind the pop-up aims to direct users to dial a specified phone number that may result in high phone bill or the installation of potentially harmful software. You might want to know that the adware that displays the pop-up by may have been installed on your system as a drive-by installation of freeware. Security experts remind that adware is created to promote products, services and online shops, and it may slow down your system or...

Posted on January 27, 2015 in Adware
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 13066