Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,018,738 -1%
2 Conduit Search/Toolbar 1,479,044 -1%
3 PUP.SupTab 1,033,331 0%
4 PUP.InstallCore 874,733 -0%
5 PUP.SuperWeb 869,432 -2%
6 PUP.Optimizer Pro 861,593 -1%
7 Adware.Multiplug/Variant 811,804 -3%
8 Iminent Toolbar 727,305 -1%
9 Hijacker 639,165 -0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans


Despite its name, the FreeCodecPack for video and audio rendering does not come for free, and it will inject ads on all pages you preview in your Web browser. You may have been offered to install FreeCodecPack on a suspicious software distribution platform and may have installed it with a free software package unknowingly. The FreeCodecPack application is adware, and you should expect to see banners, sponsored links, pop-up windows, coupons and discounts in your browser. Security experts report that FreeCodecPack suggest users to install BitGuard and PC Performer via pop-under windows. Computer users will not befit from the apps mentioned before and may experience decreased computer performance. Moreover, FreeCodecPack may edit your Windows Registry and browser settings to change your default search provider and homepage to Clicklivesearchcom or that are...

Posted on August 27, 2015 in Adware

StudyHQ Toolbar

The StudyHQ Toolbar may allow you to use flash cards and learn faster, but it is developed by the infamous Mindspark Interactive Network, Inc. and has a few surprises for users. The StudyHQ Toolbar is another attempt of Mindspark to convince users to keep their ad-supported software on their computers. The StudyHQ Toolbar can be found in freeware bundles and is available for download on its official web page at The StudyHQ Toolbar is classified as a Potentially Unwanted Program (PUP) that may not satisfy your expectations but will display an abundance of advertisements in your browser. Moreover, the StudyHQ software will change your homepage, search provider and new tab settings to without your explicit consent. Advertisers partnering with Mindspark to show pop-ups, banners, floating ad-boxes and sponsored search results on Google may use the StudyHQ....

Posted on August 27, 2015 in Possibly Unwanted Program

Music Search App Toolbar

The Music Search App Toolbar from Bandoo Media, Inc. is promoted as an advanced music search engine for your browser that can help you discover any song on the Internet. You might be interested to know that Bandoo Media, Inc. is associated with several browser hijackers like , and . Additionally, the HDVidCodec adware is reported to travel with the Music Search App Toolbar. Security researchers perceive the Music Search App Toolbar as a browser hijacker because it may change your default search aggregator and homepage to with a key in your Windows Registry. Moreover, the Music Search App browser hijacker will display pop-up ads and insert in-text hyperlinks to sponsors to earn affiliate revenue for its creators. The Music Search App Toolbar may allow users to listen to a few radio stations on the Internet to dissuade them...

Posted on August 27, 2015 in Browser Hijackers

Musicloud Ads

The Musicloud software can be found in the company of free program setups and applications like Down Checker and PureDef Music Toolbar . The Musicloud software is promoted to have the ability to play MP3 files in the comfort of their Web browser. However, the Musicloud software is deemed by security analysts as adware because it does not perform as promised and delegates its duties to third parties. The primary objective of the Musicloud adware is to generate advertisements in your browser that could cover your screen and earn pay-per-click revenue from while you attempt to close them. The Musicloud adware may use banners, ad-boxes, pop-up windows, full-page ads, transitional and contextual content recommendations. Additionally, when users affected by Musicloud visit eBay, Amazon and other e-commerce websites they will be provided with semi-transparent banners loaded with similar...

Posted on August 27, 2015 in Adware

Oh My Coupons Ads

The peculiar promotions by Oh My Coupons in your browser are facilitated by an adware infection on your OS that you may have installed with a free program installer. Security investigators reveal that the Oh My Coupons adware is programmed to show numerous pop-up windows and banners when it detect that the user is browsing e-commerce websites like Amazon and eBay. The Oh My Coupons adware uses DOM storage data, reads your approximate geographical location and the metadata of pages you browse to load personalized promotions. The Oh My Coupons adware is built on the Crossrider platform and can modify the behavior of Google Chrome, Mozilla Firefox, and Internet Explorer and disable built-in pop-up blockers. The Oh My Coupons adware might decrease your browser performance and use ActionScript3 to load sponsored commercials on YouTube. The Oh My Coupons adware does not have a valid digital...

Posted on August 27, 2015 in Adware

Adware displays the pop-up windows in your browser on your system. The domain name that is used by adware developers may convince users to install the suggested update, but you should not trust it. The IP address of the domain is associated with the Katusha trojan that is designed to exploit vulnerabilities in Google Chrome, Mozilla Firefox, and Internet Explorer. Therefore, you are strongly advised against clicking on the content on Security investigators add that the update promoted on may contain riskware such as Skyrocket Player and BR Media Player . By promoting these apps, the adware developers handling the domain may claim pay-per-install revenue. Additionally, the update on may contain other adware...

Posted on August 27, 2015 in Adware

RockCoupon Ads

The name of the RockCoupon may inspire confidence in many online shoppers but should not be trusted because it is adware. The RockCoupon adware may slow down your browser and display many pop-up windows at once when you visit online stores like Amazon, Walmart, and eBay. Also, the RockCoupon adware is reported to show a rather large banner entitled 'Similar Products' in the bottom right corner of the browser that contains sponsored content. The RockCoupon adware may advertise riskware like Infonaut and LiveiStream on pop-unders and merchandise from untrusted online shops. The RockCoupon adware may show discounts, coupons, and special deals to attract your attention, but you should not click on those promotions as they may be corrupted. Your browser could be instructed to do a drive-by download of a harmful program. The RockCoupon adware may affect Google Chrome, Internet Explorer,...

Posted on August 27, 2015 in Adware

ShareThis Ads

The ShareThis browser add-on may intrigue users by promising them to expand their sharing options to more than ten content sharing platforms. However, the ShareThis add-on is deemed by security experts as adware and will not be as useful as you may have hoped it would be. The majority of the popular websites on the Internet provide users with many options to share their content with friends, and the ShareThis add-on may prove to be a hindrance instead of a helping tool. The main objective of the ShareThis adware is not to help users share content on different platforms but to show ads that may cover your browser surface. The ShareThis adware-powered add-on travels with freeware packages as an additional offer under the 'Advanced' or 'Custom' option that users explorer rarely. Users may be amazed by the number of ads that the ShareThis adware can load in their browser and see banners,...

Posted on August 27, 2015 in Adware

Onion Ransomware

Malware researchers have noticed that the CTB-Locker ransomware (a.k.a. Critoni) has an improved version dubbed Onion that is dispersed among users as an attached ZIP file enclosed in spam mail. The ZIP payload contains another ZIP archive that acts as a trojan dropper for the Onion ransomware. The Onion cryptomalware encrypts PDF, XLS, PPT, DOCT, TXT, JPEG, JPEG and JS file types. The Onion ransomware will place its executable in the Temp folder and adds a task in the Windows Task Scheduler to run at system startup. The files affected by the Onion ransomware will be encrypted according to the model . . The successful intrusion of the Onion ransomware will lock your files and place a ransom note named MW_ IN FILES.txt or KK_ IN YOUR DOCUMENTS.txt in every folder on your drive that contains encrypted files. Malware researchers point out that the onion ransomware uses RSA-21024 as its...

Posted on August 27, 2015 in Ransomware

Critical Programming Alert Pop-Ups

Pop-up windows in your browser that say 'Critical Programming Alert' should not be trusted because these messages should be generated within Windows. However, the Critical Programming Alert pop-ups are caused by adware on your computer that may direct you to call 1-855-982-9386 or 1-844-335-4674. Adware developers formulate the 'Critical Programming Alert' notifications with the aim of scaring users into calling fake tech support agents. The agents on 1-855-982-9386 and 1-844-335-4674 will attempt to convince you that your PC is in danger, and you need their help in removing spyware. The fake technical support agents may ask to connect to your Windows remotely and may cause system errors to backup their claims. Needless to say, you should not trust the 'Critical Programming Alert' pop-ups to prevent unauthorized access to your computer. The adware that generates the 'Critical...

Posted on August 27, 2015 in Adware

McAfee Founder Believes Ashley Madison Hack was an Inside Job Instead of Viable Hacker Group

The news has broken to the world in more ways than one about how hackers have exposed the user data of the affair website As the backlash of the hacking incident implodes on its users while many married couples await the news to find out if their significant other was a user, the hacker group Impact Team who claims responsibility is suspected to not be the real culprits. John McAfee, found and former CEO of the cybersecurity firm McAfee, has recently made a case that some are raising eyebrows to attributing that the Ashley Madison hack was an inside job by one of the company's employees. This is not the first time John McAfee has been in the news. At one time he was sought for questioning in the killings of a former neighbor of his. Since then, the media has not conjured up any significant stories until now with him making a strong case about the Ashley...

Posted on August 26, 2015 in Computer Security

Buy To Joy Ads

The Buy To Joy software is a textbook example of and adware infection and may appear on your 'Programs and Features' module as 'Ads by Buy to Joy 1.0'. Computer users may have installed the Buy To Joy adware along with a free video codec package via the 'Express' or 'Typical' option. The primary objective of the Buy To Joy adware is to earn affiliate revenue for its creators and the ads powered by Buy To Joy may be corrupted. Security authorities warn users not to click on the ads and links by Buy To Joy to avoid installing harmful software and visiting suspicious domains. The Buy To Joy adware may try to attract your attention with coupons, discounts and special deals for high-end phones, computers, and home appliances, but you should not be fooled. The Buy To Joy adware works similarly to MetroConcept and HugeApps and will use tracking cookies, DOM storage data and detect your...

Posted on August 26, 2015 in Adware

The domain can not be accessed from clean computers, and if your homepage is set to then you are infected with a browser hijacker. The browser hijacker in question is distributed with free software bundles typically. The hijacker presents users with a custom build of the Google engine that is operated by advertisers. Users infected with the browser hijacker are subjected to use its services. Affected users should expect to see banners, pop-up windows and transitional full-page ads loaded with promotions from various advertising networks. However, the activities of the browser hijacker may lead users to visit untrusted websites where threats like ScrInject and Script-inf could compromise their security. The browser hijacker may allow its operators to urge users to install software like GuardCenter and...

Posted on August 26, 2015 in Browser Hijackers


The MovixMuze brand of software has a bad reputation and is connected to a browser hijacker and adware. The MovixMuze browser hijacker is linked to and once on your computer will prevent you from changing your browser settings to other search engines. Additionally, the MovixMuze adware component will load many ads in your Internet browser and subject you to a torrent of commercials from sources that may not be legitimate. Both components of the MovixMuze software package are distributed among PC users embedded with free program installers. The MovixMuze program may edit your Windows Registry to start at system boot-up to ensure its operations. Computer users infected with the MovixMuze browser hijacker may see several tabs opening in their browser as soon as they log-on and. Also, the MovixMuze adware component may load several pop-up windows when you enter...

Posted on August 26, 2015 in Browser Hijackers

MetroCleaner Ads

The MetroCleaner browser extension may be offered to you as a tool that can quickly clean cookies, your browsing history and make sure you are not followed by advertisers on the Internet. However, the MetroCleaner extension is in fact adware that will help advertisers deliver marketing content in your browser. Contrary to what is being promoted to do, the MetroCleaner adware will use your browsing and download history to display tailor-suited marketing offers. Moreover, advertisers that sponsor the MetroCleaner adware will have knowledge of your approximate geographical location and preferred websites. The MetroCleaner adware may use session cookies to make sure that different web surfers see different ads and maximize its efficiency. Security investigators remind users affected by MetroCleaner that ads powered by adware often lead to harmful domains and promote programs like...

Posted on August 26, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 961