Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,369,507 -0%
2 Conduit Search/Toolbar 1,109,889 -1%
3 Adware.LinkSwift 792,251 1%
4 PUP.Optimizer Pro 690,680 -1%
5 Hijacker 690,099 -1%
6 PUP.InstallCore 673,315 0%
7 V9 Redirect Virus 575,500 -0%
8 PUP.SupTab 574,675 0%
9 Babylon Search/Toolbar 534,557 -1%
10 WeDownload Manager 521,361 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

System Care Antivirus


Fake anti-virus programs are still among the most common types of online scams. Criminals continue to create fake anti-virus programs like System Care Antivirus in order to fool unsuspecting computer users into buying useless security software. These fake anti-virus programs are renamed and repackaged every few weeks, a pattern that has repeated itself consistently since their first appearance nearly a decade ago. Despite its name, System Care Antivirus is not actually an anti-virus program. In fact, it is the complete opposite; System Care Antivirus is a kind of malware infection commonly known as a rogue security program. System Care Antivirus is designed to cause problems on a...

Posted on April 9, 2013 in Rogue Anti-Virus Program

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

Windows Active Guard


Windows Active Guard is a malware program that belongs to the FakeVimes family of fake security software. Windows Active Guard carries out a common online scam that involves pretending to be a real security program in order to convince inexperienced computer users that they must pay for an expensive 'upgrade'. Since there are no real anti-malware capabilities on Windows Active Guard and it is, in reality, a malware infection itself, ESG malware researchers strongly recommend ignoring all of Windows Active Guard's warnings and removing this bogus security program with a reliable anti-malware application. Windows Active Guard's Family of Rogue Security Programs FakeVimes malware...

Posted on July 23, 2012 in Rogue Anti-Spyware Program

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is, a...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the WinWebSec family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

‘JW Video Player’ Pop-Up

'JW Video Player' is a tricky pop-up message which may continuously occur in a Web browser if a PC is affected by adware or a PUP (potentially unwanted program). 'JW Video Player' Pop-Up may work as a browser extension, add-on or plug-in in Web browsers including Google Chrome, Mozilla Firefox and Internet Explorer and other major Web browsers. 'JW Video Player' Pop-Up may proliferate and install itself on a computer system through the use of associated adware or PUPs as an optional application packaged with selected free programs that PC user download and install from unreliable download websites. Upon installation, 'JW Video Player' Pop-Up-related adware and PUPs may modify the default browser settings by replacing the homepage, search provider or a new tab window with an affiliated website.

Posted on April 18, 2014 in Fake Warning Messages

Web Browsers Suffer from Reduced Performance Due to Heartbleed Fixes

The now-famous Heartbleed Internet security flaw has perpetuated into an epidemic among everyone who uses a computer to connect to the Internet around the world. In the most recent findings of Heartbleed, security researchers and experts have uncovered ways to combat the nasty flaw but in doing so web browsers are suffering a major blow as Heartbleed fixes are slowing the performance of web browser applications. Heartbleed is an Internet security flaw that has disrupted many security certificates that sites utilize for logging into SSL (OpenSSL/TLS - a security layer for many websites) secure pages, mostly for when users perform logins into accounts on a particular website. Over the course of the past few weeks, webmasters and those in charge of security of many large and small websites have scrambled to come up with the proper means of combating Heartbleed and protecting the...

Posted on April 18, 2014 in Rogue Anti-Spyware Program


Siesta is a cyber espionage campaign which affects many organizations of multiple industries. The delivered malware threat is dubbed Siesta on account of periods of dormancy to access at regular intervals with email messages attacking executives of the company. The sender's email address is spoofed to occur as if it was sent by another employee of the company. The unsolicited emails did not encompass a malware infection, but they include links which direct to a download website. The website involving the malware threat is named [malicious domain]/ [organization name]/[legitimate archive name].zip. The archive encompasses an executable file which when first looked upon seems to be a safe PDF document but when run, a genuine PDF file which may have been taken from the attacked company's website and a harmful component is downloaded. The malware threat, known as Siesta, surreptitiously...

Posted on April 17, 2014 in Malware


Zusy is a Trojan that proliferates via Facebook messages by compromising account data and credentials. Zusy is distributed by sending a message to an affected PC user and posing as one of their friends with the term 'LOL' accompanied by a file coming up to be downloaded which looks like a photo named ''. The file, when downloaded, is unzipped by the computer user who clicks on it thinking it is an image file named 'IMG_xxxx.jar'. The JAR part of the file executes, downloading a malware infection called Zusy and, thus, contaminating the corrupted PC. The target computer user's Facebook account is compromised and then it is used to disperse more malware infections to friends of the PC user.

Posted on April 17, 2014 in Trojans


PUP.YTDToolbar is a PUP (potentially unwanted program)/adware that may affect popular Web browsers such as Internet Explorer, Mozilla Firefox or Google Chrome and others. PUP.YTDToolbar may display non-stop pop-up ads while the Web browser is opened. The main goal of PUP.YTDToolbar may be to advertise numerous unknown websites, services and offers which, in fact, are intrusive and may disrupt the computer user's online activities. PUP.YTDToolbar may forcibly redirect PC users to unreliable websites that may be commercial if they click on the pop-up ads and notifications displayed by PUP.YTDToolbar. PUP.YTDToolbar may also change the default homepage and search provider or a new tab window with a questionable website. PUP.YTDToolbar may keep track of the PC user's online habits and later transmit and use collected details for targeted advertising intentions.

Posted on April 17, 2014 in Potentially Unwanted Programs


TrusteDealz is an unwanted browser plug-in produced by Bit Wise Publishing, LLC. By showing discount coupon advertisements, TrusteDealz may claim to save time and money for PC users who are shopping on the Web. TrusteDealz is categorized as adware or a PUP (potentially unwanted program). The add-on of TrusteDealz may often embed itself into Web browsers such as Internet Explorer, Google Chrome, and Mozilla Firefox as an extra tool bundled with free applications downloaded from questionable download websites. The TrusteDealz browser extension may trace Internet surfing routine of the computer user and may send this data to third-parties. The browser extension of TrusteDealz may unwillingly divert PC users to associated websites including that may be created for commercial purposes. TrusteDealz may be generated to likely benefit from clicks on advertisements and raised...

Posted on April 17, 2014 in Adware


SearchFoot is a potentially unwanted program (PUP) that may have been made available for Internet Explorer, Google Chrome and Mozilla Firefox Web browsers. SearchFoot may propagate and be installed as an additional program on the PC through packaged free software that computer download and install from untrustworthy download websites. Once on the PC, SearchFoot may create and display a variety of types of disturbing ads, such as interstitial and full page advertisements, search-related advertisements, in-text advertisements and links, banner and video advertisements. SearchFoot may control the PC user's Web browsing routine by recording software and hardware data involving IP address, OS, browser type, unique identifier number, entered search terms, websites visited, and other similar data.

Posted on April 17, 2014 in Adware


CoolSurfing is considered to be adware that may affect the computer system and Web browsers such as Internet Explorer, Google Chrome and Mozilla Firefox and other well-known Web browsers. CoolSurfing may be distributed and enter the computer as an additional application through packaged free software that PC users can download and install from suspicious download websites without paying attention to what extra software they may install with the selected free tool. After installation, CoolSurfing may insert an unwanted browser extension, add-on and plug-in and show disturbing pop-up ads containing a variety of sales, offers and deals on the PC. CoolSurfing may be made with the intention to generate advertising revenue from pop-up ad clicks.

Posted on April 17, 2014 in Adware is an unreliable website that may be associated with security threats such as browser hijackers and adware. Upon installation, these PC infections may insert an unwanted AllMyWeb browser extension, add-on or plug-in into a Web browser. AllMyWeb, also known as Scenic Reflections Toolbar is a browser add-on that declares to improve the PC user's Internet surfing by enabling quick online search and by showing quick links to Facebook, weather reports, email, and similar. AllMyWeb may be distributed and integrate itself into the Web browser as an optional tool when downloading and installing freeware from suspicious download websites. After installation, the AllMyWeb toolbar may modify the default browser settings by replacing the homepage and search engine or a new tab page with PC users may be enabled to reject such changes. However, most of computer users do...

Posted on April 17, 2014 in Browser Hijackers is a questionable website that with the help of security threats such as browser hijackers and adware may display annoying pop-up notifications and ads on the PC. When visiting or similar suspicious websites, commonly because of forced diversions to it, PC users may be asked to participate in surveys and then declare that they have won some prizes. was created with the purpose to possibly benefit from increased web traffic and clicks on pop-up advertisements and notifications. adware and browser hijackers may lead to various unwanted computer problems. Security infections related to may usually spread and invade the computer system through bundled free programs that PC users can download from untrustworthy download websites. If any malware threats pertaining to...

Posted on April 17, 2014 in Browser Hijackers


Update[ARRAY OF NUMBERS] is a suspicious website that may be a component of the advertising network that may display numerous pop-up, inline and other type ads with the help of potentially malicious browser plug-ins, browser extensions, add-ons and adware. [ARRAY OF NUMBERS] represents how computer users might face the same URL name but with an array of numbers within the URL such as and The pop-up ads and misleading messages shown on Update[ARRAY OF NUMBERS] may urge the computer user to update Adobe Flash Player to the latest version that may come from a bogus Adobe website. Such pop-up messages and ads may be shown on Update[ARRAY OF NUMBERS] after the computer user clicks on completely unrelated link, which may mean that adware pertaining to Update[ARRAY OF...

Posted on April 17, 2014 in Browser Hijackers


DMUninstaller is a potentially unwanted program (PUP) that is a component of and installed by DomaIQ, a PUP that may show pop-up ads on a computer system. DMUninstaller may declare that it is an installer of a genuine application. However, it may also aim to download genuine applications or other files and extra packaged adware. DMUninstaller may be produced to generate advertising revenue from ad clicks. DMUninstaller may also continuously divert computer users to untrustworthy websites that may be generated with the goal to possibly benefit from increased traffic of an affiliated website. DMUninstaller may proliferate and install itself onto the computer as an optional tool bundled with free programs that PC users download and install from unreliable download websites.

Posted on April 17, 2014 in Potentially Unwanted Programs


Handsnake is a Carberp-based Trojan that encompasses VNC functionalities. Handsnake enables attcakers to obtain remote unauthorized access and control of a compromised PC. Once loaded, Handsnake starts communicating with the CnC server. By using Handsnake, the cybercrooks can use the remote desktop function of the VNC component to gain remote unauthorized access and control of the targeted PC.

Posted on April 16, 2014 in Trojans

‘ nengine.dll’ Pop-Up Error Message

' nengine.dll' is a misleading pop-up error message that may occur when a PC is affected by adware and PUPs (potentially unwanted programs). The DLL file named 'nengine.dll' belongs to adware found as NewNextDotMe, Trojan_NextLive.adw, PUP.Optional.NextLive.A and Adware.NextLive.1. This adware may come packaged with Mobogenie and other PUPs. If a PC clicks the tricky ' nengine.dll' Pop-Up Error Message, he may unknowingly enable to install more PC infections on the computer. After installation on the computer, adware pertaining to the ' nengine.dll' Pop-Up Error Message may download potentially infected files and modify the Windows Registry. ' nengine.dll' Pop-Up Error Message-related adware may propagate and enter the PC as an additional application packaged with freeware that PC users can download from unreliable download websites.

Posted on April 16, 2014 in Fake Error Messages


TrojanDownloader:Win32/Wobotork.A is a Trojan that stealthily drops and installs other malicious applications on a targeted PC without a victimized computer user's authorization. TrojanDownloader:Win32/Wobotork.A can drop and install other malware infections or malware components to a compromised PC. After installation, TrojanDownloader:Win32/Wobotork.A replicates itself into a specific location. TrojanDownloader:Win32/Wobotork.A makes system modifications by creating the potentially harmful files on a contaminated computer. TrojanDownloader:Win32/Wobotork.A may contact a remote host in order to receive configuration or other data, report a new infection to its creator, upload data taken from the infected computer system, receive commands from a remote cybercrook and drop and execute files, involving updates or other malware threats.

Posted on April 16, 2014 in Trojans
1  2  3  4  5  6  7  8  9  10  11  12  next     total items: 11418