Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,931,922 -2%
2 Conduit Search/Toolbar 1,352,045 -1%
3 PUP.InstallCore 944,161 -7%
4 PUP.SupTab 849,662 -1%
5 PUP.Optimizer Pro 784,361 -1%
6 Adware.SuperWeb 762,279 -3%
7 Adware.Multiplug 660,310 -2%
8 Adware.LinkSwift 634,569 -0%
9 Hijacker 634,111 -0%
10 Iminent Toolbar 608,263 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles


LaSuperba may be associated with numerous problems that may be caused by PUPs (Potentially Unwanted Programs). LaSuperba may interrupt the computer users' activities when browsing the Web and cause performance problems on affected Web browsers. LaSuperba is linked to an adware that may affect most commonly used Web browsers on the Windows operating system, including Internet Explorer, Mozilla Firefox and Google Chrome. LaSuperba advertisements may take the form of irritating pop-up messages that make it very difficult to use the affected Web browser. In most cases, removing adware associated with LaSuperba will stop LaSuperba advertisements from appearing on affected Web browsers. However, most adware infections do not come alone; the presence of one adware component may indicate the presence of others, all of which may be connected with LaSuperba and similar unwanted content....

Posted on August 31, 2015 in Adware

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Invisible Empire Ransomware

The Invisible Empire Ransomware is an encryption Trojan and a variant of the Jigsaw Ransomware. The Invisible Empire Ransomware encrypts the files on your hard drive and demands the payment of a fee of $150 that should be made using Bitcoins. The Invisible Empire Ransomware ransom message tries to frighten infected computer users with threats posed by Nazi defenders. The Nazi defenders threat is fake, but the encrypted files are not. The computer users will not be able to open the encrypted files until they pay the asked ransom or find an alternative way to decrypt their files, such as recovering them from a backup or obtaining a free decryption key. Paying the ransom should be the last resource since you can waste your money by not getting back the decryption key as promised by the people behind the Invisible Empire Ransomware attack. Do not forget that you should remove a...

Posted on May 27, 2016 in Ransomware

‘’ Pop-Ups

If your browser is presenting a weird behavior and you experience pop-up windows by suspicious domains like, you may be infected with a browser hijacker. Security experts classify as browser hijackers applications that are programmed to rob the users of control over their Web browser and perform a number of activities. The browser hijacker that is associated with the domain is used to promote technical support services from agents on the 800-693-5082 toll-free phone line. The pop-ups by might include the message: 'Microsoft Windows Detected ZEUS Virus and those infections indicate that some unauthorized file tempering has taken place on the computer which must be diagnosed and rectified to prevent loss of personal data. Call Microsoft technical support on 1-800-693-5082 ad share the error ticket WBCKL457 with support agent to...

Posted on May 27, 2016 in Adware

Mahasaraswati Ransomware

The Mahasaraswati Ransomware is a new representative of Crypto-Trojans that users may see under the name Saraswati CryptoEncoder as well. Malware investigators note that the Saraswati CryptoEncoder may be hosted on compromised sites and could be distributed via the Angler Exploit Kit that is popular among con artists. Versions of the Mahasaraswati Ransomware may be deployed via spam emails that may include corrupted documents that are presented as invoices, receipts, and memorandums. The name of the Trojan is derived from the email address that is under the control of its developers. The Saraswati CryptoEncoder is not very different from well-known threats like the Cerber Ransomware and Locky Ransomware . The Saraswati CryptoEncoder might use the AES-256 encoding algorithm to lock your files. File objects that are processed by the Mahasaraswati...

Posted on May 27, 2016 in Ransomware


Malware researchers remind users to install updates to Java and Adobe Flash Player from official sources and rely on the built-in update manager to avoid the BackDoor.TeamViewer malware. The BackDoor.TeamViewer malware is a Backdoor Trojan that is built on top of the legitimate TeamViewer Access Tool. The BackDoor.TeamViewer Trojan may be dispersed among users as a fake update to Adobe Flash Player on insecure software deployment platforms. The corrupted Adobe Flash Player update includes an original copy of the player and a threatening component. The extra element is a Trojan.Muldrop program that is used to install the BackDoor.TeamViewer silently. As stated above, the BackDoor.TeamViewer Trojan uses a twisted version of TeamViewer to allow remote access to the infected computer. The BackDoor.TeamViewer malware can be compared to Bunitu and Webber . The BackDoor.TeamViewer...

Posted on May 27, 2016 in Rogue Anti-Spyware Program

JohnyCryptor Ransomware

The name of the JohnyCryptor Ransomware comes from the email address that users are suggested to contact when they are compromised by the JohnyCryptor cryptomalware. The JohnyCryptor cryptomalware is an encoding Trojan that may be deployed to users via spam emails or be enclosed in a PDF, ZIP, and DOCX that features corrupted Macro and JavaScript. These types of medium are preferred by the developers of the infamous CryptoWall and 8lock8 Ransomware . Computer users that open a corrupted file that is loaded with the JohnyCryptor Ransomware may be greeted by a ransom note on the next system boot up. The victim's desktop wallpaper will be changed so that you know that you have been hacked. The instructions to pay the ransom are found in the file How to decrypt your files.txt that is placed on the victim's desktop. The note reads as follows: 'ATTENTION! Your...

Posted on May 27, 2016 in Ransomware


The WhiteWindow application is promoted as a helpful toolbar for finding digital and traditional art pieces. The WhiteWindow toolbar may prove to be useful to users that deal with media content on a daily basis and need to stay up-to-date with news from sources like and Unfortunately, the WhiteWindow application may not satisfy your expectations because it is an adware that is developed by SupwerWeb LLC. Security experts alert that the main objective of the WhiteWindow adware is to show marketing materials on your screen and generate a steady pay-per-click revenue for its creators. The installer of the WhiteWindow adware may be bundled with free programs like SystemPreserver and Vaudix . The WhiteWindow adware may use ActionScript to flood your screen with pop-up windows and banners. The ads by WhiteWindow may include links to harmful domains and...

Posted on May 26, 2016 in Adware is an untrustworthy search platform that displays manipulated results from Google. You should not use because it may redirect you to pages that may be threatening. The developers of this engine use to get referral commissions by transferring the PC user to partner domains. doesn't appear as the homepage for no reason. If you didn't set as the starting site manually, then you may have some possibly unwanted programs on your PC. is closely associated with various suspicious applications like StreamingWhereTV , TVStreamSurfer and Utilitab Secure . These unreliable programs may enter in the background when the person installs freeware bundles. This tactic is very efficient against less experienced PC users for one simple motive – the commonly selected 'Quick' menu...

Posted on May 26, 2016 in Browser Hijackers

Ransomware Complaints to FBI’s Internet Crime Complaint Center Doubled in 2015

In one of the latest Internet Crime Complaint Center's (IC3) Crime Reports, there were 2,453 ransomware complaints in 2015. Comparing that number to the year prior, there were only 1,402 complaints about ransomware, which shows that ransomware complaints doubled in 2015. Let it be known; ransomware has taken the computer security world by storm in a way that the storm path has claimed many victims in the form of lightning their pocket books and destroying personal data stored on infected computers. The Internet Crime Complaint Center, or IC3, is a well-known force run by the FBI that collects mountains of data from consumers who naturally send in complaints of computer security issues and internet crime. With that, the FBI can decipher what issues are taking place on the Internet and throughout the connected world that we live in today. When it comes to the unprecedented...

Posted on May 26, 2016 in Computer Security


The eTogether browser extension is provided to users that wish to search online for their love among thousands of single ladies and men. The eTogether extension is similar to DatingDone and DatingShot in functionality. Web surfers can find the eTogether extension at,, and the Chrome Web Store. The eTogether application has a version for browsers based on the Mozilla project as well. You may wish to withhold your contact details and personal photos because the eTogether extension is deemed as a Potentially Unwanted Program, and is not recognized as a legitimate partner to major dating services like, and The operations of the eTogether extension are supported by advertisers that may access usage statistics like your download logs, Internet history, and bookmarks to provide tailor-suited ads on your screen. The...

Posted on May 26, 2016 in Possibly Unwanted Program

Zcrypt Ransomware

The ZCrypt Ransomware is a Severe Cyber Threat that can Encrypt Common File Types, Files that are Unique to Industrial Software and Server Management The zCrypt Ransomware is an encoding Trojan that may arrive on your computer as a fake invoice or receipt from online stores. The developers of the zCrypt Ransomware may use the services of spam bots to deliver the payload of the zCrypt Trojan. Security analysts note that the zCrypt Ransomware is used to target Russian-speaking users predominantly and features a ransom note in Russian and English. The zCrypt Ransomware may be detected by scanners under the tag Crypren/Zcrypt Ransomware, Trojan.GenericKD.3257805 and W32/Crypren.ACRJ!tr. The ZCrypt Ransomware may Load Deceptive Messages on Your Screen to Keep You Distracted Computer users that open a corrupted attachment to spam mail might run an obfuscated executable that...

Posted on May 26, 2016 in Ransomware

BlackShades Crypter Ransomware

Security researchers notify that the BlackShades RAT malware has a "small brother" named BlackShades Crypter Ransomware that supports encryption only. The BlackShades Crypter Ransomware is a stand-alone Trojan that is programmed to use the superior RSA-4096 encryption algorithm to lock data. The BlackShades Crypter Ransomware demands a ransom of $30 paid in Bitcoins for the decryption of the victim's data. The BlackShades Crypter malware is distributed by traditional methods including corrupted attachments to spam, compromised sites and fake software patches. The BlackShades Crypter Ransomware is considered a severe cyber threat that may interrupt Web services and destroy valuable data. The message by BlackShades Crypter reads: 'Your computer have been hit by BlackShades Crypter All of your files are encrypted with a cryptographically strong algorithm RSA_4096 100% of you will...

Posted on May 26, 2016 in Ransomware

Microsoft Pushes Use of Strong Passwords and Prohibits Simple Passwords Appearing on Banned List

In an effort to curtail data breaches and provide a more secure infrastructure for consumers, Microsoft is actively banning the use of simple passwords that appear in their banned password list. Additionally, the software firm is requiring users of their Microsoft Account and Microsoft Azure Active Directory to utilize unique and strong passwords. After LinkedIn suffered a major blow with a data breach years ago that was recently brought to light, other companies are taking proactive measures to reduce the likelihood of attacks. Starting with the simple security aspects that companies like Microsoft can put in motion, the software firm is electing to ban the use of passwords that show up on their dynamically updated banned password list. Moreover, Microsoft is forcing its users to change their passwords to a strong one that cannot be easily guessed and potentially lead to...

Posted on May 25, 2016 in Computer Security

Ads by Birds

The advertisements by Birds in your browser are not related to the Angry Birds game franchise of Rovio Entertainment. An adware application may display the ads by Birds on your computer, and you may load insecure content in your browser. The Birds adware may have arrived on your PC as a free game that is a clone of the original Angry Birds series. You should note that many free games claim to provide entertainment that is similar to Angry Birds by Rovio Entertainment, but may introduce harmful software into your system. The Birds adware may show pop-up windows on your screen that feature links to suspicious online stores and welcome you to input your contact details to receive exclusive vouchers and discounts. Security investigators reveal that the Birds adware is a variant of the OffersWizard adware and may use JavaScript to inject advertisements on non-affiliated pages. The...

Posted on May 25, 2016 in Adware

Latest Weather Alerts Ads

The Latest Weather Alerts browser extension can be found at, and you may be offered to install it with a free application like ZuluGames . Computer users that need to travel to their workplace for over an hour a day may be interested in weather reports, and like to install the Latest Weather Alerts browser extension. The Latest Weather Alerts software has versions for Google Chrome and Mozilla Firefox. However, you may wish to avoid installing the Latest Weather Alerts extension because it is deemed as adware. The Latest Weather Alerts extension is powered by the same technology behind SaferBrowser , may push numerous promotions on your screen, and prevent you from enjoying the Internet. The Latest Weather Alerts adware shares many similarities with the FindFormsNow and the Login Faster toolbars that have a bad reputation. The Latest Weather Alerts...

Posted on May 25, 2016 in Adware

‘.odcodc File Extension’ Ransomware

The '.odcodc File Extension' Ransomware is an encryption ransomware attack that is used to force computer users to pay large amounts of money. To carry out its attack, the '.odcodc File Extension' Ransomware encrypts the victim's files, demanding the payment of a ransom to recover the encrypted files. The '.odcodc File Extension' Ransomware uses strong encryption to make the affected files inaccessible. The '.odcodc File Extension' Ransomware changes the extension of files that were encrypted to '.odcodc' and drops text files containing its ransom note named 'readthis.txt.' Computer users should avoid paying the '.odcodc File Extension' Ransomware ransom. The best protection against the '.odcodc File Extension' Ransomware is to backup all files regularly and to use a reliable security application to prevent the '.odcodc File Extension' Ransomware from entering a computer. How the...

Posted on May 25, 2016 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,057