Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,099,600 0%
2 Conduit Search/Toolbar 875,439 0%
3 Adware.LinkSwift 630,029 0%
4 Qvo6.com Hijacker 608,359 0%
5 PUP.Optimizer Pro 554,232 0%
6 V9 Redirect Virus 536,791 0%
7 PUP.InstallCore 527,398 0%
8 PUP.SupTab 471,997 0%
9 Babylon Search/Toolbar 423,458 0%
10 WeDownload Manager 416,203 0%
csv
Download as CSV
More Info
i

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware

Screenshot

The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)

Screenshot

The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus

Screenshot

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Emotet

Malware analysts use the name Emotet to specify a trojan that can travel in spam emails as a .zip or .exe file that is programmed to inject a malicious DLL directly into the 'explorer.exe' process. Additionally, the Emotet trojan makes a copy of itself that places in the 'APPDATA' folder of Windows to avoid easy detection. Security researchers note that the Emotet trojan can download additional DLL files that may expand its functionality in order to steal usernames and passwords from intercepted web traffic.The information gather by the Emotet trojan is sent to a remote server controlled by its handlers that can instruct it to download and install other malware, as well as uninstall Emotet remotely. Computer users infected with the Emotet trojan are advised to use a renown anti-malware application to clean their PC. In order to avoid infection with the Emotet trojan, it is best not to...

Posted on March 5, 2015 in Trojan

TrojanDownloader:W97M/Bartallex

Bartallex is classified by malware researchers as a trojan downloader that functions as a macro in corrupted Microsoft Word Documents. The documents loaded with the Bartallex trojan downloader might pretend to be payment notifications from renown online stores such as Amazon and Ebay. As aforementioned, Bartallex is deployed in spam emails and if you have enabled macro in your office suite it is automatically executed. The Bartallex malware can be detected by security applications as TrojanDownloader:W97M/Bartallex and it should not be underestimated. A successful infiltration of the Bartallex trojan downloader can expose you to viruses, keyloggers, worms and other trojans. Cyber criminals may use the TrojanDownloader:W97M/Bartallex as part of complex attacks that may result in the loss of banking credentials, files being stolen, corruption of documents and remote access to infected...

Posted on March 5, 2015 in Trojan Downloader

Trayoatmeal.country

The Trayoatmeal.country web page can be accessed only from computers infected with adware that is programmed to show pop-ups that might promote potentially harmful software. The Trayoatmeal.country pop-up window is presented to web surfers by adware that may have been automatically installed on your machine during the installation of a free application via the 'Express' or 'Typical' option. You might want to keep in mind that the programs promoted on the Trayoatmeal.country pop-up may perform many unwarranted changes to your system. Also, security experts note that the adware related to Trayoatmeal.country can be used by attackers to invite users to install a remote access application and gain control of PCs. Programs that are downloaded from pop-ups more often than not prove to be security threats that can be used to achieve many malicious goals. The adware related to the...

Posted on March 5, 2015 in Browser Hijackers

Sweeppleasure.xyz

The Sweeppleasure.xyz domain is utilized by adware application that is designed to push pop-ups in the web browser of infected computers. Security researchers note that the adware linked to Sweeppleasure.xyz may use a Browser Helper Object, an add-on, and a browser extension to facilitate its operations. Additionally, adware may have entered your computer by bundling with free software installers that you downloaded from the web. You might be interested to know that the IP address 184.73.247.179 of Sweeppleasure.xyz communicates with several cyber threats such as the Black Hole Exploit Kit and the Symmi trojan. Clicks on content provided on the Sweeppleasure.xyz pop-up are not advised, and you may wish to install la reputable anti-spyware solution to boost your cyber defenses and clean your OS from adware

Posted on March 5, 2015 in Browser Hijackers

Intl.mediabat.country

Security experts advise web surfers not to trust content displayed on the Intl.mediabat.country pop-up because it is generated by adware. Additionally, the Intl.mediabat.country pop-up may suggest you to call 1-866-553-2306 for technical support and offer you to install a supposedly legitimate update for your browser. You should keep in mind that the Intl.mediabat.country pop-up is shown to you by adware that may direct you to install potentially harmful software and to call hackers. Web surfers might be interested to know that adware often travels embedded with freeware setup files that most users prefer to install via the 'Express' or 'Typical' option. Adware similar to the one affiliated with Intl.mediabat.country can be used by hackers to point computer users to call fake technical support and receive instructions to install a remote desktop application that can grant attackers...

Posted on March 5, 2015 in Browser Hijackers

Alwaysnew.how2safeupdate.net

The Alwaysnew.how2safeupdate.net domain is used by adware developers as their private advertisement platform. Your PC may be infected with adware that can present you with pop-ups by Alwaysnew.how2safeupdate.net and suggest you to install updates for your Adobe Flash Player and Java software. You may want to know that the Alwaysnew.how2safeupdate.net domain is recognized as malicious by several security applications and interaction with pop-ups by Alwaysnew.how2safeupdate.net is not advisable. The adware responsible for the Alwaysnew.how2safeupdate.net pop-ups may have been automatically installed on your computer when you handled a freeware package installation via the 'Express' or 'Typical' option. If you are having problems with pop-ups by Alwaysnew.how2safeupdate.net, you can seek the help of a trusted anti-spyware solution.

Posted on March 5, 2015 in Browser Hijackers

Channeladvice.country

The Channeladvice.country domain can be accessed only from PCs infected with adware that displays pop-ups promoting potentially harmful software. The Channeladvice.country pop-up is presented to you by adware that may have been automatically installed on your PC during the installation of freeware via the 'Express' or 'Typical' option. The software promoted on the Channeladvice.country pop-up can make several unwarranted changes to your system, and you may want to avoid clicks on content by Channeladvice.country. Programs that are downloaded from pop-ups more often than not prove to be security threats that may grant attackers a remote access to your PC. Also, the adware associated with Channeladvice.country can be used by hackers to promote potentially harmful software. The adware related to the Channeladvice.country domain can be purged from your machine by using a credible...

Posted on March 5, 2015 in Browser Hijackers

Tv-players.net

The Tv-players.net web page is dedicated to products by ClientConnect Ltd. that is famous with several adware applications. Moreover, the Tv-players.net domain is used by adware to display pop-up windows on infected PCs and to promote software from ClientConnect Ltd. Security experts note that ClientConnect Ltd. created Defender Pro and SweetPlayer , and it is connected to the infamous Conduit Search Toolbar . If you are presented with the Tv-players.net pop-up window, it is a sure marker that you are infected with adware that may expose you to other computer threats. The adware responsible for pop-ups by Tv-players.net may have arrived on your PC by incorporating with free application installers that you may have handled via the 'Express' or 'Typical' option. As mentioned before, clicks on the Tv-players.net pop-up may result in the installation of adware and Potentially Unwanted...

Posted on March 5, 2015 in Browser Hijackers

Lp.bestsw.net

The Lp.bestsw.net pop-up window is used by adware to promote the PopronTV software that is supposed to allow you to watch TV on your desktop. However, you might want to reconsider download PopcornTV because the Lp.bestsw.net pop-up is presented to you by an adware infection on your PC. The software promoted on the Lp.bestsw.net pop-up window may prove to be harmful and grant hackers a remote access to your files, programs and banking and social media logins. The adware propelling the Lp.bestsw.net pop-up in your web browser may have entered your PC by embedding with a freeware installer. The cyber threats related to Lp.bestsw.net and the adware responsible for the pop-ups on your screen can be halted by installing a trusted anti-malware application.

Posted on March 5, 2015 in Browser Hijackers

Yourvoices.info

The Yourvoices.info domain is utilized by adware developers in order to monetize clicks by web surfers. The adware related to Yourvoices.info is programmed to display a pop-up window every time you launch your web browser and at regular intervals of time. Security experts note that the Yourvoices.info pop-up may feature links to malicious online resources, and you might want to avoid clicks on the Yourvoices.info pop-up. The Yourvoices.info adware may have arrived on your PC by bundling with freeware that you downloaded from the web attracted by its promoted functionality. Adware often uses an add-on, a browser extension, and a Browser Helper Object to facilitate its operations, and you might want to check for recent additions to your web browser. The Yourvoices.info pop-up can be halted by removing the responsible adware with a trustworthy anti-spyware tool.

Posted on March 5, 2015 in Browser Hijackers

Lights Cinema Ads

The Lights Cinema software is deemed by security experts as adware that is designed to push many marketing materials in your Google Chrome, Mozilla Firefox, and Internet Explorer. The Lights Cinema adware can be found promoted as a helpful browser extension, an add-on, and a Browser Helper Object in freeware bundles. The ads by Lights Cinema may take the form of banners, pop-up and pop-under ads that may clutter your web browser. Users concerned about their online privacy may want to know that the Lights Cinema adware may collect information about their preferred web pages. The Lights Cinema adware may insert a registry key in Windows to auto-start with your OS and to ensure its operations every time you start your web browser. The Lights Cinema adware can be purged from your PC by using a credible anti-spyware tool.

Posted on March 5, 2015 in Potentially Unwanted Programs

866-978-1337 Scam Message

The 866-978-1337 scam message refers to a pop-up window that appears in the web browsers of users infected with adware. An adware infection uses a notification written with capital letters in bright red color that suggests an unauthorized access may have been found in your system in order to scare web surfers and direct them to call 866-978-1337. Security analysts report that computer users who called 866-978-1337 received instructions to download and install a remote access application that allowed crooks to cause PC errors and ask for money to repair the computer. You must remember that the 866-978-1337 scam message is generated by adware on your machine that aims to convince you to call 866-978-1337 and that you might not have a security breach yet. Calling the 866-978-1337 phone number may result in the installation of malicious software, and you should avoid following...

Posted on March 5, 2015 in Adware

CWA Donation Slider Ads

The ads by CWA Donation Slider might be facilitated by an adware powered browser extension, Browser Helper Object, and an add-on. The CWA Donation Slider adware may have arrived on your system by embedding with a freeware setup file that many computer users do not handle via the 'Advanced' or 'Custom' option during the installation process. The CWA Donation Slider adware may display contextual and transitional ads as well as banners on the web pages you visit inside your web browser. The CWA Donation Slider adware might be promoted as a shopping utility that sends a percentage of your purchases for charity, but security experts do not find any proof of such functionality. Additionally, the CWA Donation Slider adware may use its browser integration to gather information about your preferred online resources in order to personalize the advertisement content displayed to you. Computer...

Posted on March 4, 2015 in Adware

Freemediaplayer.tv

Adware on your system might present you with the Freemediaplayer.tv pop-up window that promotes the 'VLC media player' and 'Media player classic' software. If the Freemediaplayer.tv pop-up is not enough to notify you of an adware infection on your PC, then the typos in writing the app names should be the first marker that indicates possibly harmful software. 'VLC media player' and 'Media Player Classic Home Cinema' are the correct names of the renown video players and adware developers use the brands to spread potentially unwanted programs. Security analysts note that the software offered on the Freemediaplayer.tv pop-up is categorized as potentially harmful. The adware that is using the Freemediaplayer.tv domain may be instructed to promote other adware and PUPs. The Freemediaplayer.tv adware may have entered your OS by tagging along with a free application installer that you handled...

Posted on March 4, 2015 in Browser Hijackers

Objectopoly.info

The Objectopoly.info domain that is registered to the IP address 104.28.14.21 is used by adware to display pop-up windows in the web browser on infected machines. Security analysts note that the Objectopoly.info pop-up may offer web surfers to install a supposedly legitimate Java update that may prove to be a Potentially Unwanted Program (PUP). An analysis of the Objectopoly.info pop-up reveals that it features a JavaScript that may direct users to install potentially harmful software and clicks on the Objectopoly.info pop-up are not advisable. If you are wondering how the adware related to Objectopoly.info have entered your OS, you might want to revise recently installed freeware. Adware developers are prone to bundle their products with free software installers because the majority of computer users prefer the 'Express' or 'Typical' option. The adware that generates the...

Posted on March 4, 2015 in Browser Hijackers
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 13303