Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,044,407 -2%
2 Conduit Search/Toolbar 1,615,669 -2%
3 PUP.SupTab 1,082,707 -2%
4 PUP.InstallCore 946,171 -2%
5 PUP.Optimizer Pro 931,788 -1%
6 PUP.SuperWeb 928,549 0%
7 Adware.Multiplug/Variant 882,069 -1%
8 Iminent Toolbar 744,996 -1%
9 Hijacker 655,634 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


PriceMinus is deemed as an adware program that affects Windows users and may be compatible with Google Chrome, Safari, Mozilla Firefox and Internet Explorer. PriceMinus promises help online shoppers by providing the best deals and discounts available without any effort from the computer user. PriceMinus advertisements may appear while the computer user is online shopping, and its presence may create various problems on the affected machine. In addition to the numerous unwelcomed advertisements, PriceMinus advertisements, if clicked, may escort the installation of other applications such as more adware and PUPs. PriceMinus may redirect your browser to potentially compromised websites and may reduce the machine's performance by using system resources while displaying its advertisements.

Posted on May 6, 2015 in Adware is classified as a Possibly Unwanted Program (PUP) due to its real intentions. displays fraudulent messages warning the computer user about threats that were found. Then, it provides a telephone number and prompts the computer user to call its 'technical support' to get help and remove the infections. By calling their number, a person will confirm the 'threat infections' and will ask for a payment to provide the necessary tools to remove the fake infections. This kind of misleading tactic is very common, but gullible computer users may fall prey of the scary results presented and end up paying for a not needed service. Even paying the asked amount, the affected computer user will not get rid of its annoying pop-ups. The only way to stop it is removing its add-on and related components.

Posted on May 6, 2015 in Possibly Unwanted Program

Internet Speed Utility

The Web is full of programs developed by people that look for easy gains. Internet Speed Utility is an example of this kind of program. By hijacking the computer user's Web browser, Internet Speed Utility can execute its intended deeds. Judging it by its name, Internet Speed Utility may look like a useful tool. However, Internet Speed Utility is the opposite; it may decrease the computer's speed. Internet Speed Utility may display countless, unwanted advertisements in order to generate income for its perpetrators via the pay-per-click tactic or by increasing a website's traffic. Its advertisements, if clicked, may direct the computer user to compromised websites and lead to the installation of additional browser hijacker, PUPs and adware.

Posted on May 6, 2015 in Browser Hijackers


Another browser hijacker-related program developed by Mindspark Interactive Network called InstantRadioPlay is creating numerous problems for Internet users. InstantRadioPlay may be introduced on the affected computer bundled with third-party programs such as PDF creators, video steamers, download managers and similar utilities. Once installed, InstantRadioPlay may hijack your chosen search engine and Web browser homepage and replace it with Then, your preselected search engine may become To get back to a normal browsing, you should remove InstantRadioPlay's related browser hijacker with a malware removal tool.

Posted on May 6, 2015 in Browser Hijackers


If you start receiving numerous advertisements 'Powered by ShoppingGid', you should be aware that your computer is housing an adware program. ShoppingGid was developed by Siberian Information Technologies LLC and TRIORIS LLC, both based in Russia. Although the main targets of ShoppingGid are Russian-speak countries, ShoppingGid also may affect computers anywhere since ShoppingGid is compatible with popular Web browsers available such as Internet Explorer, Mozilla Firefox and Google Chrome. You may acquire ShoppingGid while downloading free programs from the Web. It is advised do not click on the advertisements displayed by ShoppingGid since they may be related to corrupted websites which may add more problems to the affected computer.

Posted on May 6, 2015 in Adware


TrojanDropper:Win32/Woozlist.a is a threat that may install Possibly Unwanted Programs (PUPs), toolbars or even more serious threats on an infected computer. TrojanDropper:Win32/Woozlist.a is related to adware that may create fake messages and display unwanted advertisements. TrojanDropper:Win32/Woozlist.a may enter a computer through free downloads. TrojanDropper:Win32/Woozlist.a may use so much system resources that the affected machine may slow down severely, crash and even present the dreadful Blue Screen of Death. Besides creating annoying noises on the infected machine, TrojanDropper:Win32/Woozlist.a also may gather the computer user's browsing queries and send it to its sponsors to be used in the generation of additional advertisements.

Posted on May 6, 2015 in Trojans

Super Shopping

While browsing the Internet, you can be affected by an adware-related program named Super Shopping. Super Shopping may have entered your computer while you were installing a free application that had Super Shopping bundled with its installation process, via peer-to-peer file sharing, corrupted email attachments or compromised websites. Super Shopping advertisements may appear in Google Chrome, Mozilla Firefox and Internet Explorer and become very annoying due to its intrusiveness. The unwanted advertisements aren't the only annoyance created by Super Shopping' presence. It also may replace system entries, generate Registry entries and modify your browser settings. Your machine's speed may diminish drastically, and you will not be able of accomplishing the tasks you intended to do.

Posted on May 6, 2015 in Adware

Shop Smart

The advertisements displayed by a free application called Shop Smart are caused by an adware program. Shop Smart advertisements may appear on the websites visited by the computer user out of nowhere, and may take the form of video advertisements, banners, coupons and fake updates for Java, Adobe Flash Player or your browser. While online shopping, computer users may believe in Shop Smart claims of being a useful helper and install it on their machines. The usual way used by Shop Smart to introduce itself to a computer is being bundled with free software. Once installed, Shop Smart may cause various problems on the affected PC. Shop Smart may interrupt the computer user's online browsing by covering the visited Web page with its invasive advertisements. The affected machine may present a decreased performance due to its high usage of system resources, and the computer user's browsing...

Posted on May 6, 2015 in Adware

The domain is used by adware developers to show pop-ups that closely resemble the 'Blue Screen of Death' (BSOD) messages on Windows to promote fake technical support services. The BSOD messages specify a critical system error and crooks try to convince users to call for help and gain access to their computers. You should keep in mind that the BSOD pop-ups by in your web browser are propelled by adware. The adware associated with may have arrived on your PC as a plugin for your web browser that was part of a freeware bundle. Most computer users install freeware via the 'Express' or 'Typical' option and allow third-party applications to be installed as well. Security experts advise users to be careful and not to click on the content by because it is connected to several...

Posted on May 5, 2015 in Possibly Unwanted Program

MetroHotspot Toolbar

The MetroHotspot Toolbar is another Potentially Unwanted Program (PUP) with adware functionality by Mindspark Interactive Network, Inc. that is similar to the Hotspot Shield Toolbar and the SuddenlyMusic Toolbar . The MetroHotspot application has versions for Google Chrome, Internet Explorer and Mozilla Firefox that can show advertisements while you surf the web. You may be interested to know that the MetroHotspot Toolbar can be automatically installed on your system by handling a freeware package with the 'Express' or 'Typical' option. Also, you should note that the MetroHotspot Toolbar might read your Internet history and bookmarks in order to help advertisers show ads suited to your interests. Security experts add that the MetroHotspot application might change your default search aggregator to use and obstruct users from manually changing their search provider. The...

Posted on May 5, 2015 in Browser Hijackers

Local Scavenger Toolbar

The Local Scavenger Toolbar by Mindspark Interactive Network, Inc. may claim to be useful, but you should note that it is perceived by security experts as a Potentially Unwanted Program (PUP) with adware capabilities. The Local Scavenger application has a version for Mozilla Firefox, Google Chrome and Internet Explorer that can display promotional materials while you surf the Internet. The Local Scavenger software is designed to add a toolbar at the bottom of your browser user interface and may limit the web page surface available to you. Also, the Local Scavenger Toolbar may slow down your browser and display advertisement content during your online session. You should not forget that the Local Scavenger Toolbar is ad-supported, and you will have to tolerate banners, ad boxes, pop-up and pop-under windows as long as you keep the Local Scavenger software on your PC. Additionally, the...

Posted on May 5, 2015 in Browser Hijackers

The domain hosts a search service that strives to resemble the Google search engine but may not deliver the same quality of results. The domain is affiliated with the FVD Speed Dial browser extension that is available for free download from the Chrome Web Store and can be obtained via freeware bundles. Security analysts point out that the domains is related to a browser hijacker that may have been installed on your system as a search assistant. The browser hijacker linked to is programmed to generate traffic through the search engine and may insert a key in the Windows registry to prevent you from manually changing your online settings. You should note that the domain may feature links to suspicious Internet locations and insecure web stores. Computer users can seek the help of...

Posted on May 5, 2015 in Browser Hijackers

Musix Search

The Musix Search browser extension by Zooms travels embedded with freeware setup files that most users handle with the 'Typical' or 'Express' option. Once the Musix Search extension is installed, it might change your default search aggregator, new tab, and homepage settings. The Musix Search app is promoted as a search service that allows users to listen to music for free and browse albums by their favorite musicians. However, the Musix Search application is perceived by security researchers as a Potentially Unwanted Program (PUP) with adware functionality. The Musix Search app can read the metadata of web pages you visit and substitute the native ads with marketing materials by sponsors. Also, it may ask for your Facebook and Google account credentials in order to customize the marketing content presented to you. Security researchers add that the Musix Search extension may ask you to...

Posted on May 5, 2015 in Adware

Glass Bottle

The Glass Bottle browser plugin is a variant of the BrowseFox cyber threat that is optimized to change several settings of your web browser and present you with several forms of commercials. The Glass Bottle adware is deployed via freeware bundles that most users install with the 'Express' or 'Typical' option. The Glass Bottle adware can use tracking cookies to deliver targeted marketing content like other variants of BrowseFox namely Diamondata , RightSurf and FindRight . Moreover, the Glass Bottle adware might download the aforementioned apps and change your default search engine, homepage, and new tab settings. Security analysts add that the Glass Bottle adware may slow down your web browser, disable instant search results suggestions and send data like your browsing history and bookmarks to advertisers. Also, the Glass Bottle adware may substitute the sponsored results on...

Posted on May 5, 2015 in Adware


The DealMan software is advertised in freeware bundles as a helpful browser extension that would allow online shoppers to find the best prices of products they are interested in buying. However, the DealMan binary is classified by security experts as adware because it functions as an advertising engine that may cover your browser surface with promotional materials. The DealMan adware works similarly to the DailyPrize and the Vaf Music Toolbar , and might use tracking cookies and record your search terms in order to display related advertisements. The ads by DealMan may take the form of banners, ad boxes, transparent layers with links to sponsors and pop-up windows. Moreover, the DealMan adware may replace safe ads on trusted online stores with links to potentially harmful domains and low-quality software centers. Additionally, the DealMan adware may promote riskware such as Vaudix...

Posted on May 5, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 919