Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,100,214 3%
2 Conduit Search/Toolbar 1,510,800 2%
3 PUP.SupTab 1,104,594 4%
4 PUP.SuperWeb 908,846 3%
5 PUP.InstallCore 902,936 2%
6 PUP.Optimizer Pro 891,472 2%
7 Adware.Multiplug/Variant 881,053 4%
8 Iminent Toolbar 751,427 3%
9 PUP.CrossRider 646,058 5%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Simple Tricks to Destroy Fake Anti-Virus/Anti-Spyware Programs

Each and every day we strive to defeat stubborn malware and often share our technical analysis in various forms with our followers to help avoid and reduce computer malware infections. One common type of malware threat, fake anti-virus applications, has been a detrimental force in attacking computer users through a long, drawn-out victimization by clever money extortion techniques. Among those sneaky actions, many fake anti-virus programs have a weakness that may be captured that does not always involve use of an anti-virus or anti-spyware solution. Sometimes the simplicity of amending an anti-virus threat is the best approach. Such can be said in the case that you receive a pop-up from a fake anti-virus program claiming that your computer has an issue, or there is an infection detected. The pop-up will usually count on you clicking the "OK" or "remove" button, which will then...

Posted on July 31, 2015 in Computer Security

Chaos Ads

Peculiar ads by Chaos in your Web browser may pique your interest, and you may want to know that you are infected with adware. There is nothing chaotic about the Chaos adware, and it functions orderly just like the TTinline and the UniDeals adware do. The Chaos adware may have entered your computer as a browser add-on embedded with a free program installer that most users handle with the 'Typical' or 'Express' option. The Chaos adware does not differ greatly from its kindred programs and may use session cookies, DOM storage data, read your bookmarks and detect your approximate geographical location to show targeted marketing materials. The Chaos adware can conduct behavioral marketing and users may be offered to install apps like RambleRoam and see many coupons, discounts, and special deals. The Chaos adware-powered add-on may use pop-up windows and banners to deliver marketing...

Posted on July 31, 2015 in Adware


Computer users that are presented with messages from the domain about installing a new version of a Flash player should be distrustful. Security investigators report that the domain is associated with a browser hijacker that travels embedded with freeware packages and shows pop-up windows and changes your home page. The browser hijacker is dispersed among users in order to generate pay-per-install revenue for its creators. The pop-ups may claim to promote an update to your Flash player, but the legitimate Adobe Flash software has a built-in updater that will not show pop-ups in your browser. Moreover, the software on is a download manager that may introduce programs like SpeedAnalysis3 , Registry Cleaner Pro and Search...

Posted on July 31, 2015 in Browser Hijackers

Beagle Browser

The Beagle Browser is deployed to users in freeware packages as an easy--to-use Web browser that provides a clean and safe environment for browsing the Internet. The Beagle Browser is based on the open source project Chromium used by Google and claims to be fast and secure. However, you might want to know that the Beagle Browser is developed by Lollipop Network, S.L. that have spread the Lollipop - Best Deals adware. They used the Lollipop adware to earn affiliate revenue by pushing ads in your Web browser. Security researchers recognize the Beagle Browser as a Potentially Unwanted Program (PUP) with adware capabilities. You should keep in mind that the Beagle Browser from Lollipop Network, S.L. will use web beacons, HTTP and Flash cookies, DOM storage data and record your download history to display related advertisements. Security investigators note that the Beagle Browser will...

Posted on July 31, 2015 in Adware

Shopper For Torch Ads

The Shopper For Torch browser extension from Shopper For Torch Ltd. is promoted as a tool that will enhance your shopping experience on websites like Walmart, Best Buy, eBay, and Amazon. The Shopper For Torch browser extension can be automatically installed on your PC when you install a freeware bundle via the 'Express' or 'Typical' option. You should note that the Shopper For Torch extension functions as a redirect-gateway to content by third parties and your interaction with its ads is entirely at your risk. Security analysts perceive the Shopper For Torch extension as adware that may redirect you to harmful domains and suggest you to install riskware like BatBrowse and Spark Cast . The Shopper For Torch adware is built on the Crossrider development platform and is compatible with Google Chrome, Internet Explorer, Opera and Mozilla Firefox. The Shopper For Torch adware may use...

Posted on July 31, 2015 in Adware

DeskBar Toolbar

PC power users may be intrigued to install the DeskBar Toolbar because it claims to improve their search capabilities online and on their computer. The DeskBar Toolbar is developed by Blue Labs, LLC as an advanced search tool and can be downloaded from and acquired via free software packages. The DeskBar software functions similarly to the Desktop Search program from Unique Solutions, but uses the Bing engine instead of Google while placing a toolbar at the top of your desktop as well. Security experts warn users that the DeskBar toolbar by Blue Labs is supported by advertisements, and you should expect to see contextual and transitional ads, pop-up windows and banners brought by DeskBar. Therefore, the DeskBar toolbar is deemed as a Potentially Unwanted Program that may obstruct your Intent activities by displaying many ads and slowing down your Internet browser. The...

Posted on July 30, 2015 in Possibly Unwanted Program

PriceItDown Ads

The ads powered by PriceItDown that appear in your Web browser are generated by adware that is using the services of the OffersByContext ad network to earn affiliate revenue for its creators. You may have installed the PriceItDown adware by handling a freeware package with the 'Express' or 'Typical' option automatically. The PriceItDown adware is designed to load contextual advertisements based on what content you engage in order to maximize its efficiency. The PriceItDown adware is cross-compatible and might load customized marketing materials on banners, inline ads, full-page ads, and pop-up windows. As stated above, the PriceItDown adware uses the service of OffersByText to deliver promotions and will employ session and persistent tracking cookies, DOM storage data, record your search keywords and download history. Computer users infected with the PriceItDown adware will see...

Posted on July 30, 2015 in Adware

Tortuga Browser

The Tortuga Web browser from ClaraLabs S.A. is a custom build of the open source project Chromium deployed to users as a fast and secure Internet client. The Tortuga browser can be downloaded from its official web page, but most of its installations are achieved through bundling with third-party software. You should know that the ClaraLabs S.A. company developed the BoBrowser Web browser hijacker and the Unico Browser riskware. You should always install software via the 'Custom' or 'Advanced' option to avoid the installation of adware and riskware like GoGoGo Radio and Info Seeker . Security analysts note that the Tortuga Web browser is supported by advertisements that will replace the native ads you have seen on online stores like Amazon, eBay, and Best Buy. Additionally, the Tortuga browser may place banners, coupons and discounts from sponsors on non-affiliated websites. The...

Posted on July 30, 2015 in Possibly Unwanted Program

CryptPKO Ransomware

Ransomware infections, particularly encryption threat, have grown in popularity in recent years, making them a significant threat to computer users attempting to browse the Web. There is plenty of money involved in online threat campaigns. Unfortunately, many people have taken to creating and distributing threats in other to profit from inexperienced or badly protected computer users. The CryptPKO Ransomware is no exception, carrying out attacks that take computers hostage and then demanding a ransom to return control to the affected computer user. The CryptPKO Ransomware can be easily recognized because of its appearance and the kind of ransom notes as text files that the CryptPKO Ransomware drops on the affected computer. How the CryptPKO Ransomware and Similar Ransomware Attack a Computer User Ransomware is considered particularly threatening, especially because it is not...

Posted on July 30, 2015 in Ransomware

RightTabs Ads

The ads by RightTabs are not related to a helpful browser extension to manage your opened tabs but to adware that is designed to subject users to a constant stream of commercials. The RightTabs adware travels incorporated with free program installers and can be noticed under the 'Custom' or 'Advanced' option. The RightTabs adware may have placed its files in the "Application Data" folder to evade early detection. Also, it may have edited your Windows Registry to be listed as a start-up program when you log-on to your PC. The RightTabs adware may use web beacons, tracking cookies, detect your approximate geographical location and read your browsing history to show related advertisements. Security investigators point out that the commercials from adware such as RightTabs, Funpop and Rugo are not safe, and you might be redirected to untrusted domains and insecure online stores....

Posted on July 30, 2015 in Adware

ZoomyLib Ads

ZoomyLib advertisements are caused by a low-level threat, an adware infection that forces Web browsers to display numerous advertisements. PC security analysts have found that ZoomyLib may be intrusive and very irritating, aggressively advertising products and services on the affected Web browser. ZoomyLib advertisements are easy to identify since they may contain a message that reads 'ZoomyLib Ads', 'Delivered by ZoomyLib', 'Powered by ZoomyLib,' etc. ZoomyLib advertisements may be very disruptive and appear as full-screen advertisements or pop-up windows that suddenly jump to the forefront of the affected computer user's screen. However, the adware linked to ZoomyLib is not threatening. These types of low-level threats are not as threatening as viruses or other types of threats, despite often being mistakenly referred to as such. This does not mean that ZoomyLib advertisements are...

Posted on July 30, 2015 in Adware

Encryptor RaaS

Encryptor RaaS refers to a family of threats that is part of a Ransomware as a Service (RaaS) operation. Cyber hackers have set up a system that allows third parties to pay for a service that creates ransomware infections to distribute on their botnets or through other means. Ransomware operations require work in collecting payments, delivering decryption keys and distributing profits. The Encryptor RaaS operation offers to take care of all these services, as well as providing the Encryptor RaaS malware itself, and keeps 20% of the profits from these attacks. The Similarities Between Encryptor RaaS and Its Predecesor, Tox In recent months, PC security analysts had received reports of another RaaS operation named Tox . Tox was for sale by its owner, meaning that this new Encryptor RaaS may be the result of this. Encryptor RaaS is substantially less sophisticated than Tox....

Posted on July 30, 2015 in Ransomware

‘’ Pop-Ups

Web surfers that experience pop-up windows from may want to know that their computer is infected with a browser hijacker that promotes bogus computer assistance. The browser hijacker edits your Internet client settings so that it loads the content on every time you start an online session. Moreover, the messages on are displayed with JavaScript and users will not be able to close them unless they assess the Windows Task Manager and kill the Web browser process. Security researchers note that the pop-ups are accompanied by an audio recording of a female voice suggesting that your PC is affected by viruses, spyware and urges users to call 888-973-8415 to receive help. Also, the pop-ups may resemble the BSOD seen on critical system failures to claim credibility. Computer users presented with the...

Posted on July 29, 2015 in Adware

‘’ Pop-Ups

Security investigators report that the domain is recognized as malicious, and users should abstain from interaction with its content. The domain is associated with several types of cyber threats such as browser hijackers, trojans, rogueware, and adware. Users who prefer the 'Express' or 'Typical' option of freeware installers may allow a browser hijacker to be installed as well and experience pop-ups by The pop-ups contain links to phishing web pages and threats like SavePass , Kazy and ThinkPoint . The pop-up windows can take different forms depending on what Web browser you use, but all versions will lead the users to a small window that appears to resemble a Windows 7 program window. The fake program windows on suggest that an Adobe Flash Player Update is...

Posted on July 29, 2015 in Browser Hijackers

‘’ Pop-Ups

Security authorities alert users that the domain is associated with a browser hijacker that changes your homepage and shows pop-ups. The browser hijacker in question is programmed to present infected users with the content on and direct them to call supposedly certified technicians on the toll-free phone number 1844-499-3631. Needless to say, the aren't legitimate technical support services that would use browser hijacking software to promote their expertise. The fake technicians associated with may attempt to convince users to purchase a license in order to assist them in removing potential threats, and computer users may become victims of financial fraud and data theft. You should dial 1844-499-3631 and follow instructions on the pop-up windows. The browser hijacker mentioned...

Posted on July 29, 2015 in Browser Hijackers
1 2 3 4 5 6 7 8 9 10 11 951