Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,071,647 -2%
2 Conduit Search/Toolbar 1,516,903 -2%
3 PUP.SupTab 1,098,968 -4%
4 PUP.InstallCore 924,295 -3%
5 Adware.Multiplug/Variant 908,415 -2%
6 PUP.Optimizer Pro 907,236 -2%
7 PUP.SuperWeb 907,193 -3%
8 Iminent Toolbar 750,689 -2%
9 PUP.CrossRider 645,680 -3%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

CoinSave Ads

The CoinSave software may appear on your 'Programs and Features' list after the installation of a free program via the 'Express' or 'Typical' option. You may want to know that CoinSave is advertised as an online shopping companion that can save money, but it is adware. The CoinCoinSave adware functions similarly to other adware like Bold Letters and My Deals Club may slow down your web browser as executes its activities. You may want to know that the CoinSave adware may use tracking cookies and DOM storage data to record what websites you visit and what resources you prefer. Security analysts note that CoinSave adware can use non-personally identifiable information like your browsing history to customize the marketing offers displayed on your browser surface. The CoinSave adware might show banners, pop-up windows, transparent layers with links to sponsors and inline ads. Security...

Posted on July 3, 2015 in Adware

FileSendSuite Toolbar

The FileSendSuite toolbar is another addition to the portfolio of Mindspark Interactive Network, Inc. that is dominated by adware, browser hijackers and low-quality toolbars. The FileSendSuite toolbar is spread among web surfers via freeware bundles and is advertised as a tool to enable users to share files easily. Needless to say, the FileSendSuite app may claim to be useful but it is adware and only redirects users to third-party services that it claims to provide. Security investigators note that the FileSendSuite adware can add its code to your Google Chrome, Mozilla Firefox, Internet Explorer and appear as a toolbar. However, the core functionality of the FileSendSuite adware is executed in a background process that allows it to track your browsing habits and download history. That way, the FileSendSuite adware can show targeted marketing promotions via banners, ad boxes, pop-up...

Posted on July 3, 2015 in Adware


The funny name and simple design combined with the promise of advanced video rendering capabilities may invite many users to install the YeaPlayer application. However, security experts recognize the YeaPlayer application as a Potentially Unwanted Program (PUP) with adware capabilities. The YeaPlayer application may be built upon the MPlayer Classic code, but it does not have built-in codecs and fails to live up to the challenge of other free video players on the market. Moreover, the YeaPlayer application is used by advertisers to push marketing materials in your browser. The YeaPlayer application is distributed through freeware packages and may be companied by adware and browser hijackers like the GoUnzip Toolbar and Continue To Save . The YeaPlayer functions similarly to MagnoPlayer and may add a browser plugin to your Internet client to display customized commercials loaded...

Posted on July 3, 2015 in Adware

Book Alter Ads

The ads by Book Alter in your browser are generated by an adware infection on your system. You may have installed the Book Alter adware via the 'Express' or 'Typical' option of a free software installer automatically. The Book Alter adware is programmed to evade detection and may place its files in the hidden Temp and Program Data folders of Windows that are typically used by applications to store settings configurations and temporary files. Security researchers note that the Book Alter adware might edit your Windows Registry and launch a background service to conduct its operations. The Book Alter adware may be linked to your browser via a registry key and can show ads every time you start an online session. Users that are infected with the Book Alter adware may experience banners, pop-ups windows, transitional full-page ads and see in-text hyperlinks to products and services on...

Posted on July 3, 2015 in Adware

MonsonRevenue Ads

The abundance of ads by MonsonRevenue in your Internet client is caused by adware that may have entered your PC as an additional browser add-on to a freeware bundle. The MonsonRevenue app is used by adware developers to earn affiliate revenue by displaying numerous ads while you surf the Internet. Security authorities note that the MonsonRevenue adware could interact with Google Chrome, Mozilla Firefox, and Internet Explorer to show advertisements. The MonsonRevenue adware might present users with pop-up and pop-under windows loaded with coupons and promotions. The MonsonRevenue adware may place banners, in-text hyperlinks to products and floating commercials on the web page you preview. Security authorities remind users that the MonsonRevenue adware may redirect you to potentially harmful domains and phishing websites. Needless to say, the ads by the MonsonRevenue adware may lead...

Posted on July 3, 2015 in Adware

SmartPurple Ads

The SmartPurple browser add-on is classified by security analysts as an adware because it is created to generate pay-per-click revenue for its developers by displaying many ads in the web browser of users. Moreover, the SmartPurple adware is known to place its files in the hidden ProgramData folder to evade detection. The SmartPurple adware may arrive on your PC incorporated with a free application installer. Also, other adware and browser hijackers like PicColor and InfoAxe may accompany the SmartPurple adware. Security analysts reveal that the SmartPurple adware uses a background process to execute its activities and can work with Google Chrome, Internet Explorer, and Mozilla Firefox. The SmartPurple adware may show banners, ad boxes, pop-up windows and transitional commercials loaded with discounts and special deals. The ads by adware like SmartPurple are not safe, and you...

Posted on July 3, 2015 in Adware

WebDiscover Browser

The WebDiscover Browser from Discover Browser Media is advertised as an application that combines all useful features of Google Chrome and secure VPN services. Users that are interested in trying out the WebDiscover Browser can acquire it from freeware packages and its official website. However, the WebDiscover Browser tool is deemed by security investigators as a Potentially Unwanted Program (PUP) with adware functionality and may want to abstain from introducing it to their OS. The WebDiscover Browser uses DOM storage data, records your browsing history and your approximate geographical location to help affiliate advertisers deliver custom-made commercials. Upon installation, the WebDiscover Browser edits your Windows Registry to become your default Internet client and may send information about your software configuration to advertisers. The WebDiscover Browser may use pop-up...

Posted on July 3, 2015 in Browser Hijackers

Fraudulent Credit Card Transactions on The Trump Organization Hotel Clients May Reveal Data Breach

There is no doubt that Donald Trump is making a splash in the pool of TV news and social media as of lately. Surrounding those highlights, is something that is somewhat related to him and his businesses where fraudulent transactions on accounts of individuals who visited some Trump properties indicate a compromise of their credit card data. Several banks located in the US have taken notice to many illegal transactions of clients who have stayed at hotels administered by the Trump Organization. The security breach, which security blogger Brian Krebs received information on, allegedly dates back to February 2015. As you may well know, Trump Organization affiliated hotels are located all over the world, including the massively populated areas of Chicago, New York, Las Vegas, New York and even Honolulu. The suspicious credit card activity could be vast but as far as how many...

Posted on July 2, 2015 in Computer Security

Dig Deep Ads

The Dig Deep browser add-on is advertised to help users navigate through the World Wide Web, but there isn't information how it does that. However, the Dig Deep add-on may claim to enhance your interaction with text, image and video content on the Internet. You should note that the Dig Deep browser add-on is classified by security researchers as adware because it uses tracking cookies to customize and multiply the number of ads you encounter while you surf the Internet. The Dig Deep adware can be found in free software packages under the 'Advanced' or 'Custom' option and may be accompanied by bad toolbars like Iminent and eGames . The Dig Deep adware may show banners, floating ad boxes, pop-up windows, transparent layers loaded with links to sponsors and full-page ads. Security researchers add that the Dig Deep adware may add a task in the Windows Task Scheduler to automate its...

Posted on July 2, 2015 in Adware

DownSpeedTest Toolbar

The DownSpeedTest browser toolbar can be found in the Google Chrome Web Store and offer you to test your Internet speed and provide you with file conversion services. However, that does not mean it is a reliable program because it is developed by the infamous Mindspark Interactive Network, Inc. They are known to deploy a wide range of riskware and adware such as Daily ImageBoard and SMSFromBrowser . You should note that advertisers that sponsor Mindspark products may present you with many banners, pop-ups, contextual and transitional commercials. Additionally, the DownSpeedTest toolbar may redirect you to potentially harmful domains and insecure services. You may want to know that the DownSpeedTest toolbar is distributed to users via freeware bundles that most users install via the 'Typical' or 'Express' option. The DownSpeedTest application may change your home page, the new tab,...

Posted on July 2, 2015 in Possibly Unwanted Program

Rector Ransomware

The Rector Ransomware can be detected by security applications under the names of Trojan/Win32.Rector.A, Trojan-Ransom.Win32.Rector and Trojan:Win32/Orsam!rts. You should note that cyber criminals deploy the Rector ransomware via spam emails as an attached file with a double extension to be executable. Users infected with the Rector ransomware report that their image, archive and text files were unreadable and had a .CBF extension added to their file name. Malware investigators reveal that the Rector ransomware is designed to encrypt JPG, DOC, PDF and RAR files. Also, victims of the Rector ransomware are presented with a ransom note that takes over their desktop background. Users affected by the Rector ransomware are instructed to contact the address or the ICQ numbers 557973252 and 481059 to negotiate the ransom demand. In most cases, users are presented with a...

Posted on July 2, 2015 in Ransomware

Users that are presented with security alerts about may want to know that the domain is associated with adware and Potentially Unwanted Programs (PUPs) such as Multiplug and Facemoods . Third parties use the domain to spread a file named 'wpad.dat' that is a web proxy autodiscovery protocol. The wpad.dat file can modify your proxy settings and reroute your Internet traffic via servers operated by advertisers and cyber criminals. The security alerts on your computer may be caused by adware or a PUP that you installed along with a free program via the 'Express' or 'Typical' option. Security analysts note the security alerts about may appear while you surf the Internet and write a document as long there is a background service or a process that sends HTTP queries to the...

Posted on July 2, 2015 in Adware


Stegoloader is a threat that hides inside an image file. This may be quite harmful since threatening code can now be delivered inside a simple PNG image file. Security analysts have observed Stegoloader at work, infecting computers and collecting data from the victim. Since Stegoloader is a relatively new threat, your security program should be fully updated in order to detect and remove this new threat. The Dissemination of Stegoloader There are many kinds of threats. However, computer users do not expect to find a threat inside an image file. A threat may be distributed using executable files that may be disguised in a variety of ways. Computer users have learned to avoid opening executable files, especially EXE and DLL files. Many computer users have also realized that threats may be packaged inside Microsoft Office and PDF documents, taking extra care when dealing with...

Posted on July 2, 2015 in Malware

The pop-up windows in your web browser may urge you to update your 'Flash Player HD' and feature the logo of the legitimate Adobe Flash Player. However, you should not download software from the pop-ups to avoid the installation of potentially harmful software. Security researchers reveal that the IP address of is recognized as a source of the DownloadNSave riskware and the MegaSearch adware. Therefore, users should not download and install programs from the pop-ups regardless of the visual elements and messages they are presented with. The adware responsible for pop-ups by in your browser may have entered your computer with a free program installer. The adware may use a browser add-on, an extension, a plugin and a Browser Helper Object...

Posted on July 1, 2015 in Adware

OptiSpace Ads

The OptiSpace program is a textbook example of adware and users should avoid installing it. The OptiSpace adware may arrive on your computer as an additional component of a freeware package that many users carelessly install with the 'Express' or 'Typical' option. The OptiSpace adware uses tracking cookies and a background process to record your search terms and what websites you visit in order to load customized commercials. The OptiSpace adware executes behavioral marketing and might present you with banners, coupons, full-page ads, pop-up and pop-under windows with third-party content. Needless, to say, the OptiSpace adware may feature links to harmful websites and insecure resources as long as its developers are paid to do so. Security experts warn users that the OptiSpace adware may promote fake software updates and rogue software such as Cyber Protection Center ,...

Posted on July 1, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 942