Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,797,398 -0%
2 Conduit Search/Toolbar 1,248,339 -1%
3 PUP.SupTab 886,121 -2%
4 PUP.InstallCore 885,098 -1%
5 PUP.Optimizer Pro 813,761 -2%
6 Hijacker 640,364 -0%
7 Adware.LinkSwift 636,614 -0%
8 V9 Redirect Virus 611,120 -0%
9 548,128 -2%
10 Babylon Search/Toolbar 544,481 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Computer users experiencing a pop-up by can be noted that it is presented to them by adware infection on their system. The adware behind the pop-up may have arrived on their PC along with a free application, and it is created to invite yours to download malware. The adware that presents users with the pop-up is connected to the IP address that is used to distribute trojans such as the NGRBot and Symmi. Security experts strongly advise against clicks on the pop-up because it can lead to download and installation of malware that can grant hackers a remote access to your PC and your log-in details could be stolen. You might want to employ the services of a reputable anti-malware solution to purge the adware displaying the pop-up and protect you from potential...

Posted on January 28, 2015 in Browser Hijackers


The MP1ayerV2.1 software published by MPplayerS3rv is deemed by security researchers as adware because it injects marketing materials in the web browser. The MP1ayerV2.1 is built with the Crossrider extension toolkit, and you may detect it as a browser extension, an add-on, and a Browser Helper Object. The MP1ayerV2.1 adware functions as a marketing engine of vendors that is used to present users with many discounts, coupons, banners, special offers, ad boxes and pop-ups. Adware such as the MP1ayerV2.1 often uses freeware installers as a vessel to achieve a drive-by installation when you use the 'Express' or 'Typical' option. The ads by MP1ayerV2.1 might cover your browser surface, and your click-stream could be used to generate custom-made marketing content. The activities performed by the MP1ayerV2.1 adware may obstruct your online routine, and you might want to use a trustworthy...

Posted on January 28, 2015 in Possibly Unwanted Program


The Shoppy-Up browser application published by Winportal promises optimized searches and budget-friendly features to online shoppers. It might sound attractive, but you might want to know that the Shoppy-Up browser application is perceived by security researchers as adware. The Shoppy-Up adware utilizes the Crossrider toolbar creation and distribution platform to enable its cross-browser functionality and can be found accompanying freeware bundles. The Shoppy-Up adware is used by ad providers to push advertisements aggressively in the form of pop-ups, contextual ads, and banners into your web browser. Additionally, the Shoppy-Up may collect non-personally identifiable data such as browsing history and engaged content and use it to generate tailor-suited ads. The Shoppy-Up adware might appear as a Browser Helper Object, an extension or an add-on, and its complete removal could be...

Posted on January 28, 2015 in Adware

Rocket Deal

The Rocket Deal browser tool is promoted as an online shopping companion that can deliver you smart offers and deals. However, it is branded by computer experts as adware that can cover your browser surface with numerous ads, pop-ups, banners, coupons and ad boxes. The Rocket Deal software is part of a growing franchise of Rocket adware applications such as the RocketSaler and RocketTab. The Rocket Deal browser tool has versions for Internet Explorer, Google Chrome, and Mozilla Firefox, which are used to facilitate the display of advertisements. The Rocket Deal software can be downloaded as a stand-alone installer, but most of its installations are the result of bundling with freeware. The Rocket Deal adware may read your search queries and browsing history to display targeted ads in your browser, and that might not be welcomed by many users. If you want to remove the...

Posted on January 28, 2015 in Possibly Unwanted Program


The PrestoSavings software published by Frank and signed by Engauge Marketing, LLC is branded as adware by security experts and should not be mistaken for the legitimate Presto Savings browser tool by Engauge Innovations, LLC. The PrestoSavings adware can be found enclosed with freeware packages and may appear as an extension in Google Chrome, a Browser Helper Object in Internet Explorer and an add-on in Mozilla Firefox. The PrestoSavings software is built upon the Crossrider platform and functions as an advertising engine that displays ads, banners, in-text hyperlinks and pop-up and pop-under windows loaded with commercial content. The PrestoSavings adware may use the logo of its counterpart, and it may behave similarly, but it may not bring you secure ads. Clicking on the ads by PrestoSavings may expose you to Potentially Unwanted Programs (PUPs), and as long PrestoSavings is on...

Posted on January 28, 2015 in Adware

The domain is connected to adware that displays pop-ups and ads in the web browser of infected users. The pop-ups and ads suggest users to install a supposedly legitimate Java software and notify of system errors. The pop-ups and ads suggest users to repair their system errors by calling a technician via the phone number '1 (888) 604-1003'. Also, the pop-up by may claim that you have adware and spyware on your PC. The web page may feature a Windows Firewall logo and a McAfee logo as well, but security experts reveal that the ads and pop-ups are generated by adware infection on your system. Calling the '1 (888) 604-1003' phone number on the domain may result in the installation of potentially harmful software, other adware and high phone bills. The adware behind the pop-ups and ads could...

Posted on January 28, 2015 in Browser Hijackers

The pop-up shows in the web browser of computer users with adware on their system, and it may suggest the installation of potentially harmful software. domain is connected to several IP addresses that are associated with spreading adware such as the DealPly and InstallCore and Potentially Unwanted Programs (PUPs). The adware generating the pop-up could have been installed in your system through the installation of freeware packages via the 'Express' or 'Typical' option. It might not be advised to click on the pop-up when it can deliver you computer threats, and you might wish to eradicate the responsible adware with the help of a trusted anti-spyware solution.

Posted on January 27, 2015 in Browser Hijackers

The pop-up is generated by adware on your PC that may have entered your system via bundling with freeware. Security researchers advise users not click on pop-ups by because the IP of the domain is connected to the deployment of computer trojans such as Win.Trojan.Symmi and ransomware. Clicking on the pop-up may result in the installation of possibly harmful software that could be used to steal your banking credentials and valuable log-in details. You might want to keep your Windows regularly updated to ensure that system vulnerabilities can't be exploited for automatic software download. The adware responsible for the pop-up can be addressed with a trusted anti-malware solution that can clean and protect your system.

Posted on January 27, 2015 in Browser Hijackers

The domain hosts a web page that uses an emblem similar to the icon of Windows Firewall and suggests users to call '1-855-565-3218' or '1-866-560-5093' to receive technical support for system problems. The domain is connected to adware that promotes the services of 'System Support IT' through continuous display of a pop-up window every time the user starts a web browser session. The adware behind the pop-up might have arrived in your PC along with a free application, and you might want to review recently installed freeware. Adware is typically created to promote services, online shops and products by persistent display of marketing materials, and the majority of computer users might not like that. The 'System Support IT' services on the domain might not be trustworthy as it is the case with companies...

Posted on January 27, 2015 in Adware

The domain is used by adware developers to support their private ad network that generates pay-per-click revenue for them. The domain is connected to adware that displays pop-up windows and ads promoting Potentially Unwanted Programs (PUPs) when users visit forums and technology related websites. The adware behind the pop-ups and ads may have been installed as a helpful add-on or Browser Helper Object part of a freeware installation. Adware developers create seemingly useful browser tools only to attract users to install their adware that can use monetization techniques. Namely, pay-per-click revenue from the displayed ads and when users install promoted Potentially Unwanted Programs (PUPs). If you don't like your system to be used for the financial profit of adware developers, you might want to clean your system with the help...

Posted on January 27, 2015 in Browser Hijackers

Positive Finds

The Positive Finds is promoted as a search assistant that allows you to search more efficiently. You might be offered to install the Positive Finds software when you browse the 'Custom' or 'Advanced' option in freeware bundles, or it will be installed automatically. The Positive Finds browser application might appear as an extension in Google Chrome, an add-on in Mozilla Firefox and as a Browser Helper Object in Internet Explorer and its installation will result in the appearance of many ads. Security researchers point out that the Positive Finds browser application is perceived as adware because it may inject the web pages you browse with banners, contextual ads, and pop-ups. The ads by Positive Finds may be based on your search operations and collected browsing information that is a standard practice among adware products. The Positive Finds adware may prove an obstruction for your...

Posted on January 27, 2015 in Adware

The domain is used by adware on infected PCs to display a pop-up window that suggest to computer users to install a potentially harmful software. Security researchers discovered that the domain is linked to several IP addresses that are associated with the deployment of Potentially Unwanted Programs (PUPs) and adware products such as Multiplug. Additionally, the domain is recognized as malicious by several leading web applications. The adware that is responsible for the pop-up might have been installed on your system during a free application installation via the 'Express' or 'Typical' option. Experts advise users not to click on the pop-up because that might result in unwanted software installation. If you are presented with the pop-up, you might want to...

Posted on January 27, 2015 in Browser Hijackers

The domain is utilized by adware that displays a pop-up window saying that the computer user has 'Possible Privacy breach and Computer Error Detected Due to Suspicious Activity Found on Your Computer'. In addition, the pop-up on suggest users to call a technician on the phone number '1 (855) 448-7792', but security experts note that the pop-up is generated by adware on your system. The adware behind the pop-up aims to direct users to dial a specified phone number that may result in high phone bill or the installation of potentially harmful software. You might want to know that the adware that displays the pop-up by may have been installed on your system as a drive-by installation of freeware. Security experts remind that adware is created to promote products, services and online shops, and it may slow down your system or...

Posted on January 27, 2015 in Adware

The domain is connected to adware that generates a pop-up window that might offer you to install a download helper, a video player or a supposedly legitimate anti-virus application. The pop-up might use color themes similar to renowned software products or notify you of security issues, but you may want to keep in mind that such practices are the tools of adware developers. The adware that is responsible for the pop-up might appear as a browser extension promoted to be a helpful search assistant or a browser enhancer. Adware is known to come incorporated with freeware, and you might want to revise recently installed free applications. If you are presented with the pop-up, it could be a bad idea to download the offered software, and you might want to use a reputable anti-malware application to clean...

Posted on January 26, 2015 in Browser Hijackers

Passion Fruit Rewards

The Passion Fruit Rewards browser tool is promoted as an online shopping adviser that can help you save money by providing you with exclusive coupons, deals, and discounts. However, the Passion Fruit Rewards browser app is deemed by security researchers as adware because it displays an abundance of advertisements in the form of ads, banners, pop-up and pop-under windows filled with marketing content. The Passion Fruit Rewards app can be attached to your browser as an extension, an add-on, or a Browser Helper Object depending on your installed web browsers. The Passion Fruit Rewards browser tool can be downloaded from its official website, but the majority of its installations are the result of bundling with freeware. The Passion Fruit Rewards adware serves as a marketing engine of retailers that use its integration with your web browser to deliver marketing materials. The intrusive...

Posted on January 26, 2015 in Adware
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 13063