Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,641,179 1%
2 Conduit Search/Toolbar 1,215,225 0%
3 PUP.InstallCore 814,396 3%
4 PUP.Optimizer Pro 784,306 0%
5 PUP.SupTab 748,456 1%
6 Hijacker 653,126 -1%
7 Adware.LinkSwift 639,549 -0%
8 V9 Redirect Virus 583,330 0%
9 Babylon Search/Toolbar 534,031 0%
10 Iminent Toolbar 453,168 1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


LuckyTab browser extension by Sky Sp. z o.o. serves as a home page for computer users. LuckyTab is available as a stand-alone installer and can be found as a module of freeware bundles. Computer users should use the 'Advanced' or 'Custom' option when they install software in order to be aware of LuckyTab being installed on their system. LuckyTab is considered a Potentially Unwanted Program (PUP) because it can push ads, pop-ups, banners, video ads, in-text ads and sponsor links on pages you visit. LuckyTab is heavily defendant on sponsorship and may gather data on your browsing history for marketing purposes. If you think that the ads are disturbing, you may want to remove LuckyTab from your PC manually or the easy way through an anti-spyware application.

Posted on November 27, 2014 in Adware


VPNPrivat is software designed to offer secure and anonymous web traffic to customers. VPNPrivat is advertised in freeware bundles and can be installed automatically on your PC when you use the 'Typical' or 'Express' option. VPNPrivat may add a browser extension to enable its functionality. VPNPrivat can be classified as Potentially Unwanted Program (PUP) because it collects anonymous data about its customers. The creators of VPNPrivat may share the information with a variety of third parties such as affiliates, advertisers, and prospective business partners. VPNPrivat allows partners to display advertisement material inside its networks under many forms such as pop-ups, banners, and sponsor links. Computer users should carefully examine VPNPrivat's functionality and decide whether to keep it or not.

Posted on November 27, 2014 in Potentially Unwanted Programs


LyricsWatch is a browser extension developed by Revizer Technologies Ltd., and it offers users access to lyrics for songs they like. LyricsWatch may be automatically installed in your web browser when you install freeware via the 'Express' or 'Typical' option. LyricsWatch is considered adware that collects non-personally identifiable information to display targeted advertisement in the form of pop-ups, in-text ads, and sponsor links. The ads and pop-ups by LyricsWatch can be viewed as disturbing by many computer users. If you want to remove LyricsWatch from your system, you can take advantage of a trusted anti-spyware tool to do that for you.

Posted on November 27, 2014 in Adware


GadgetPrise appears as a web browser plugin, and it is part of the web platform developed by Yontoo LLC. Yontoo developers deliver GadgetPrise to computer users by incorporating the product with freeware. GadgetPrise is considered adware because it aggressively displays numerous ads, pop-ups, banners and can inject in-text hyperlinks in pages the user is visiting. The module 'advanceelite.gcupdate.dll' of GadgetPrise is detected as a threat, and it may be used to track user's clicks around the web. Ads by adware such as GadgetPrise are rarely wished upon, and many users might want to remove it from their system using a powerful anti-spyware tool.

Posted on November 27, 2014 in Adware


You can find ClipCnv advertised as a video file converter in freeware bundles. ClipCnv is deemed as a Potentially Unwanted Program (PUP) because it installs an extension to your web browser in order to facilitate the display of ads and pop-ups. Ads and pop-ups by ClipCnv may display alerts for necessary updates for Nvidia drivers, Adobe Flash Player, and Steam Game Platform. ClipCnv is known to be often accompanied by VideoCnv and users may be disturbed by many pop-ups displayed by these PUPs. You may want to remove ClipCnv; to that accomplish this, you should close any opened browsers, and look for ClipCnv in your Programs and Features window, which you can bring up by going to the Control Panel. Users may want to add an anti-spyware tool to their defenses as it can protect you from adware and PUPs such as ClipCnv.

Posted on November 27, 2014 in Adware


'Ads by Giftssoft' pop-ups and windows are evidence of an adware infection on your system. Giftssoft is considered adware that displays annoying ads and pop-ups in the web browser and may track your online activity. It is possible that you have installed Giftssoft along with freeware without paying attention to the content of the installer. If a user wants to remove Giftssoft, one approach is to close any browsers that are currently opened, and then uninstall Giftssoft manually through the Programs and Features in the Control Panel. A reliable anti-spyware application may save you the hurdle of performing a manual removal of Giftssoft.

Posted on November 27, 2014 in Adware


Regin is a highly sophisticated backdoor Trojan with a modular architecture that is capable of disguising its malicious code as a legitimate Microsoft software. Regin employs different approaches depending on its targets and executes customized attacks. Security researchers discovered that Regin can take control of the mouse cursor, record screenshots, recover deleted files and steal credentials. Computer users are advised to keep their OS and anti-virus software updated. Also, you may want to add anti-spyware application to your line of defense and change your online account passwords just in case.

Posted on November 27, 2014 in Backdoors


Trojan.MSIL.Injector.NEP is distributed via spam emails. Also, Trojan.MSIL.Injector.NEP is part of the deployment kit used by CryptoWall ransomware. Trojan.MSIL.Injector.NEP may pretend to be harmless Microsoft Word document or a ZIP archive. This disguise is used to avoid detection and allows Trojan.MSIL.Injector.NEP to download CryptoWall on the victim's computer. Once in the system, CryptoWall ransomware will use the RSA-2048 encryption algorithm to lock access to video, document and image files. At this stage, CryptoWall instructs its victims to pay a ransom demand for retrieval of the files. Payment does not guarantee you a decryption key to decrypt your files. To avoid getting infected with Trojan.MSIL.Injector.NEP, it is recommended to not open spam emails or download suspicious files attached to them.

Posted on November 26, 2014 in Trojans

Grocery Coupons

Grocery Coupons is software that may prove useful to users that do online shopping. Grocery Coupons works as a web browser extension that displays coupons with discounts. Grocery Coupons can be classified as a Potentially Unwanted Program (PUP) because of its aggressive behavior. Grocery Coupons floods your browser with coupon windows and pop-ups that may be unwanted by the user. Freeware bundles are well-known vessels of Potentially Unwanted Programs (PUPs). Computer users can exercise caution with installing freeware by using the 'Custom' or 'Advanced' option. By making sure to review what apps are listed in the installation wizard, you can prevent from inadvertently installing Potentially Unwanted Programs (PUPs) as well as adware.

Posted on November 26, 2014 in Adware

Support PL

Support PL may reside in your web browser as an add-on, extension or as Browser Helper Object depending on your browser of choice. If you did not explore what the 'Custom' or 'Advanced' option has to offer, you might have installed Support PL add-on along with freeware. Support PL is associated with PRICELess adware and may exert numerous ads, pop-ups and pop-unders. Adware can track your web surfing and send data to its sponsors that can be used for marketing purposes. Any advertisement propelled by Support PL can be halted by using a powerful anti-spyware tool.

Posted on November 26, 2014 in Adware

A-Secure 2015

A-Secure 2015 is advertised to be an anti-virus program with interesting features as a web shield and a personalized firewall protection. A-Secure 2015 pretends to be a program that you can trust, but the truth is that it is a rogue anti-virus application. A-Secure 2015 is programmed to display fake virus alerts in order to convince computer users that they need to pay for a license if they want the threats removed. This behavior is typical for rogueware such as A-Secure 2015 and payment will not result in the removal of viruses as they are non-existent. Users should keep in mind that any protection provided by A-Secure 2015 is not real, and they should transition to a trusted anti-virus solution.

Posted on November 26, 2014 in Rogue Anti-Virus Program


The cheapNcheap browser extension falls in the category of adware because it used by merchants to push ads and pop-ups into the web browsers of potential customers. Users with cheapNcheapon their computer have also reported to having installed another adware called Boomdeal . As members of a growing adware family, cheapNcheap and Boomdeal are distributed with other freeware. Because the majority of computer users prefer to use the 'Typical' or 'Express' installation of freeware, it allows adware such as cheapNcheap to be installed automatically in users' browsers. Since the abundance of ads and pop-ups may not be appealing, users may want to remove cheapNcheap from their system. One way to remove cheapNcheap is through the 'Programs and Features' panel in the Control Panel. Also, users can effortlessly remove adware using a powerful anti-spyware tool.

Posted on November 26, 2014 in Adware


Boomdeal appears as a browser extension deployed along with freeware. Boomdeal may appear with another browser extension called cheapNcheap . The browser extension Boomdeal may offer you improved shopping experience, but it is recognized as adware. The Boomdeal adware is developed by its creators to display ads, banners and pop-ups by sponsors in order to generate revenue. Boomdeal can be found as a part of many free applications, and the only way to notice it is to use the 'Advanced' or 'Custom' option during installation. Adware can collect data on browsing history and Boomdeal is no exception. Merchants use the information for marketing purposes, but many users might not like it. If you want to clean your system of Boomdeal, you should use a trusted anti-spyware solution.

Posted on November 26, 2014 in Adware

SystHeal Optimizer

SystHeal Optimizer is developed by GA Technocare Technology Pvt. Ltd. and may appeal to users with advanced system utilities that can be tested in its trial version and later purchased. SystHeal Pro is available as a stand-alone installer in online software stores and may accompany freeware. Users should be aware that this program is classified as a Potentially Unwanted Program (PUP), and may not perform as advertised. SystHeal Optimizer, also known as SystHeal Pro, is considered a PUP because SystHeal Optimizer may display exaggerated notifications and scan results in order to convince users to purchase its full version. To spot Potentially Unwanted Programs (PUPs) in installers of free applications, you should always use the 'Advanced' or 'Custom' option.

Posted on November 26, 2014 in Potentially Unwanted Programs


Takegif is an adware application that may be added as a Web browser extension to the principal Web browsers available on the Web. Takegif may be consistent with Google Chrome, Internet Explorer and Mozilla Firefox. Takegif was produced to insert advertisements into visited Web pages. These unwanted advertisements may include banner advertisements, pop-up advertisements and hypertext links. Takegif also may display discount coupon offers. The advertisements displayed in your Web browser by Takegif may become very annoying since they may prevent you from having a normal browsing by covering the visited Web page. Computer user are offered countless free programs that may be very useful. If downloaded, some of these programs may install bundled adware and additional browser extensions. This is one of the ways Takegif may have entered your computer. The components of Takegif may change...

Posted on November 25, 2014 in Potentially Unwanted Programs
1  2  3  4  5  6  7  8  9  10  11  12  next     total items: 12736