Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,498,276 -3%
2 Conduit Search/Toolbar 1,128,251 -3%
3 Hijacker 723,754 -4%
4 PUP.InstallCore 720,009 -3%
5 PUP.Optimizer Pro 711,151 -2%
6 PUP.SupTab 688,260 -6%
7 Adware.LinkSwift 649,977 -1%
8 V9 Redirect Virus 576,687 -1%
9 Babylon Search/Toolbar 513,349 -3%
10 WeDownload Manager 445,397 -1%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware


The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)


The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


DeallSter, or Ads by DeallSter, is adware distributed by InstalleRex-WebPick. Although it offers coupons and affordable prices for your online shopping, DeallSter has a not-so-good feature, that is the display of numerous advertisements in the form of in-text advertisements and banners that DeallSter tries to present to the computer user as another good service, even though it was not requested. Also, these unwanted advertisements may install other adware programs on the affected computer. DeallSter is another adware program that may be installed when the user downloads shareware or freeware programs from third parties and ignore the option of custom installation. In order to get rid of the advertisements and coupons displayed by DeallSter as well as any other unwanted adware program installed on your machine, you should uninstall DeallSter using an anti-adware program.

Posted on September 30, 2014 in Adware


ZoomifyApp is a Potentially Unwanted Program as well as adware. ZoomifyApp's classification as adware is due to the large number of advertisements that ZoomifyApp displays based on the information ZoomifyApp collects about the websites you like to visit. Therefore, when accessing any website, computer users that have ZoomifyApp installed on their machines will be flooded by ZoomifyApp advertisements, some of them even unrelated to the websites they are visiting. The download of freeware such as Yontoo, DealFinder and similar apps may install ZoomifyApp on your computer without your knowledge. It is why it is very important to pay attention when downloading freeware on your machine. If ZoomifyApp is bothering you with its advertisements, choose a good anti program and erase ZoomifyApp from your PC.

Posted on September 30, 2014 in Adware


V-9.1HDV25.09 is an adware that can change Internet browser settings. What is more, V-9.1HDV25.09 may cause automatic pop-up advertisements to show up on your screen while browsing the Internet, which by PC users tend to find quite annoying. Ads by V-9.1HDV25.09 include banners, coupons and other types of publications. The most common ways to get this program is through junk e-mails, and of course, you can also find it bundled with other freeware. Remember, PC threat specialists advise users to be careful when downloading freeware from the Web.

Posted on September 30, 2014 in Adware

Ge-Force Ads

Ge-Force is adware that may display ads and affect browsers like Google Chrome, Mozilla Firefox or Internet Explorer. Ge-Force is an ad-supported extension with adware capabilities. Ge-Force ads may collect data like Internet searches, clicks, browsing history, etc. With the collected data, adware delivers targeted advertisements that get PC users into clicking the ads that show up on their browser. However, it is possible that clicking on such ads might lead you to questionable websites.

Posted on September 30, 2014 in Adware


ChiliCoupon is a browser extension or a BHO (Browser Helper Object) that is supposed to enhance your online shopping experience. In fact, ChiliCoupon may only cause annoying advertisements like deals, savings and coupons. Usually, ChiliCoupon adware is distributed in a questionable manner, and this is why it is highly likely that you find ChiliCoupon bundled with other free software. ChiliCoupon is not a virus itself, and yet it is possible that a user gets it without actually downloading it. Once you have it on your PC, ChiliCoupon ads will continue to show up while you visit online shopping sites like Ebay, Bestbuy or Walmart, for example. What is more, ChiliCoupon may redirect you to other websites that might have malicious content.

Posted on September 30, 2014 in Adware is a website associated with a browser hijacker that may appear after installing adware or a PUP. A browser hijacker alters your browser settings. Then, a browser hijacker starts redirecting your browser to unwanted websites and tries to convince you to download other freeware that can lead to the installation of more adware and PUPs. Therefore, if appears unexpectedly in your Web browser, the safest way to deal with it is to close and get an anti-malware product to erase adware, PUPs and browser hijackers immediately.

Posted on September 29, 2014 in Browser Hijackers


HoistSearch is a browser hijacker that may enter a computer when the PC user downloads a third-party freeware. Various novice PC users do not read the freeware's EULA and unknowingly allow the installation of this kind of app. Once installed, HoistSearch modifies the browser settings to redirect it to its website,, or to associated websites. The main objective of HoistSearch is to increase its traffic and display advertisements. If you are experiencing unsolicited redirects to, it is a clear sign that your machine has been affected by HoistSearch. To stop these annoying symptoms, you should use an anti-malware program to remove HoistSearch from your computer.

Posted on September 29, 2014 in Browser Hijackers


TrojanDownloader:Win32/Kuluoz.D is a Trojan from the Win32/Kuluoz family that is installed automatically. TrojanDownloader:Win32/Kuluoz.D may open a backdoor on the affected computer to bring more threats, alter system settings, create several non-specific files and may cause a poor performance, and even make the computer crash due to its high usage of system resources. TrojanDownloader:Win32/Kuluoz.D also may open a backdoor on the infected PC to give access to a third party. TrojanDownloader:Win32/Kuluoz.D should be removed from the infected computer entirely. An anti-malware program should be able to scan your computer and erase TrojanDownloader:Win32/Kuluoz.D and its related files.

Posted on September 29, 2014 in Trojans


DownSavie, or Ads by Down Savie, is adware that can appear on your computer as an extension or add-on for Internet Explorer, Mozilla Firefox or Google Chrome that is bundled with a freeware. After installed on your computer, DownSavie will display an enormous quantity of advertisements in the form of banners, coupons, etc., every time you try to navigate the Web. If DownSavie is on your computer, it is advisable to remove it, to avoid further problems. You should use a good anti-malware product to remove DownSavie from your computer.

Posted on September 29, 2014 in Adware


W32.Queshare is a worm that targets the Windows operating systems and may spread itself fast through removable drivers or corrupted links added to instant messages. The main objective of the W32.Queshare worm is to gather sensitive information such as email account and games' credentials and send it to a third party. After its installation, W32.Queshare will create corrupted system files in order to drop its payload as soon as the system is started. W32.Queshare also may take control of your Web browser and install other threats on the affected PC. You should take urgent measures to erase W32.Queshare from your computer. An up-to-date anti-malware program should be able to erase all traces of W32.Queshare from your computer.

Posted on September 29, 2014 in Worms


Win64:Rootkit-gen is a very destructive Trojan infection. Its first action is that Win64:Rootkit-gen may modify the host files and PC settings, which can cause serious performance issues. If Win64:Rootkit-gen can accomplish these changes, Win64:Rootkit-gen will create .dll and .exe files, icons, shortcuts and change the desktop background. Win64:Rootkit-gen may block access to security-related applications and sites, hijack Web browser, and decrease the computer's performance. Even though it will not be an easy task to remove Win64:Rootkit-gen from an infected computer, the PC user should get the collaboration of a resolute and up-to-date anti-malware program to annihilate the harmful presence of Win64:Rootkit-gen from their computers.

Posted on September 29, 2014 in Rootkits


PriceCongress is adware that was designed by Simply Tech LTDi and promoted by as a tool that can provide affordable deals for your online shopping. Regretfully, PriceCongress is not just about the good deals. Instead, PriceCongress will flood your desktop with its called 'Powered by PriceCongress' advertisements that are arbitrary, unwanted, and may not related to your searches. PriceCongress may monitor your browsing habits. To avoid problems that may be caused by PriceCongress and its related advertisement, you should use a reputable anti-adware application to erase PriceCongress from your machine.

Posted on September 29, 2014 in Adware


Trojan:Win32/Peaac.gen!A!plock is a Trojan that belongs to the Win32/Peaac family of threatening Trojans that is installed automatically on the targeted computer. Trojan:Win32/Peaac.gen!A!plock has the potential to transform your machine into a useless piece of junk. Your home page, system codes and registry setting will be modified by Trojan:Win32/Peaac.gen!A!plock. Trojan:Win32/Peaac.gen!A!plock also may block certain programs by removing crucial files and applications, hijack your Web browser, so you will not be able to access security-related websites, monitor the sites you visit, collect information and much more. Trojan:Win32/Peaac.gen!A!plock may spread via corrupted advertisements, freeware or compromised plug-ins. The removal of Trojan:Win32/Peaac.gen!A!plock should be done upon detection using a proven and updated anti-malware product.

Posted on September 29, 2014 in Trojans


TinyWallet, also known as Tiny Wallet, is a browser add-on or adware that is promoted as a helping tool for your purchases online. TinyWallet may attack the most popular Web browser such as Google Chrome, Internet Explorer and Mozilla Firefox. TinyWallet may enter a computer bundled with free software and may monitor your online activities. Eliminating TinyWallet from your computer with an anti-malware program is the secure way to terminate all the annoyance caused by TinyWallet.

Posted on September 29, 2014 in Adware


ArcardeGiant is adware that modifies your Web browser, so ArcardeGiant can display numerous and inconvenient advertisements and promote various games that will, for sure, interfere with your activities. Computer users affected by ArcardeGiant should be careful with its advertisements. Adware may cause the PC to crash, due to the large amount of system resources adware utilizes in order to accomplish its tasks. A trustworthy anti-adware program will be a necessary help to accomplish the removal of adware.

Posted on September 29, 2014 in Adware
1  2  3  4  5  6  7  8  9  10  11  12  next     total items: 12322