Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,111,252 -1%
2 Conduit Search/Toolbar 1,542,556 -1%
3 PUP.SupTab 1,143,028 -1%
4 PUP.InstallCore 951,654 -1%
5 PUP.SuperWeb 937,776 -2%
6 Adware.Multiplug/Variant 925,805 0%
7 PUP.Optimizer Pro 924,794 -1%
8 Iminent Toolbar 764,638 -1%
9 PUP.CrossRider 666,660 -2%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

The pop-up windows in your web browser may urge you to update your 'Flash Player HD' and feature the logo of the legitimate Adobe Flash Player. However, you should not download software from the pop-ups to avoid the installation of potentially harmful software. Security researchers reveal that the IP address of is recognized as a source of the DownloadNSave riskware and the MegaSearch adware. Therefore, users should not download and install programs from the pop-ups regardless of the visual elements and messages they are presented with. The adware responsible for pop-ups by in your browser may have entered your computer with a free program installer. The adware may use a browser add-on, an extension, a plugin and a Browser Helper Object...

Posted on July 1, 2015 in Adware

OptiSpace Ads

The OptiSpace program is a textbook example of adware and users should avoid installing it. The OptiSpace adware may arrive on your computer as an additional component of a freeware package that many users carelessly install with the 'Express' or 'Typical' option. The OptiSpace adware uses tracking cookies and a background process to record your search terms and what websites you visit in order to load customized commercials. The OptiSpace adware executes behavioral marketing and might present you with banners, coupons, full-page ads, pop-up and pop-under windows with third-party content. Needless, to say, the OptiSpace adware may feature links to harmful websites and insecure resources as long as its developers are paid to do so. Security experts warn users that the OptiSpace adware may promote fake software updates and rogue software such as Cyber Protection Center ,...

Posted on July 1, 2015 in Adware


Users who are always on the lookout for new software updates are often targeted by adware developers who deploy fake updates to spread adware, rogueware, and ad-supported low-quality toolbars. Responsible computer users should prefer the 'Custom' or the 'Advanced' option of freeware bundles to avoid the installation of the adware associated with the [RANDOM WORDS] subdomains. The first part of [RANDOM WORDS] denotes that the adware in question often uses different subdomains of to show pop-up windows in your browser. The adware that is responsible for the [RANDOM WORDS] pop-up windows may change your home page and temper with your Windows Registry to open a tab in your browser when you login to your account. The messages on the [RANDOM WORDS] pop-ups may suggest that your media player is...

Posted on July 1, 2015 in Adware


The Bit-Search search assistant, also seen as Bit Search, can be found in free software packages under the 'Advanced' or 'Custom' option. The Bit-Search application is programmed to change your default homepage, new tab search provider. Users may be attracted to install the Bit-Search assistant, but security researchers recognize it as a browser hijacker. The Bit-Search browser hijacker writes several registry entries in Windows to prevent users and programs from changing the browser settings and shows commercials. Additionally, web surfers will be subjected to use only the search engine and be presented with ads by sponsors via pop-up windows, banners, and in-text hyperlinks on web pages while users browse the Internet. Security researchers note that the Bit-Search browser hijacker may feature links to harmful domains and suggest users to install rogueware such as...

Posted on July 1, 2015 in Browser Hijackers


The LightningDownloader application may claim to speed up your video and music downloads and be listed as an additional offer under the 'Custom' or 'Advanced' option of freeware bundles. Security experts warn users that the LightningDownloader application is deemed as a Potentially Unwanted Program (PUP) with adware capabilities that function similarly to EZDownloader from WebPick Internet Holdings Ltd. The LightningDownloader app doesn't have a valid digital certificate and may connect to the Internet via unencrypted channels where data packages can be intercepted and modified by third parties. Needless to say, the LightningDownloader may expose users to corrupted binary. The LightningDownloader app may insert several keys in the Windows registry to become your default program for download tasks. Moreover, the LightningDownloader app may add a task in the Windows Task Scheduler to...

Posted on July 1, 2015 in Possibly Unwanted Program


The WhiteOffersApp may claim that it will supply your online shopping spree with Black Friday deals and promotions. The WhiteOffersApp is dispersed among users with freeware packages that most users handle with the 'Express' or 'Typical' option. However, security analysts classify the WhiteOffersApp as adware because its code is dedicated to generating pay-per-click revenue for its developers. The WhiteOffersApp adware may cover your browser surface with numerous coupons, exclusive offers, limited time deals and discounts loaded on banners, inline ads, pop-up and pop-under windows. The WhiteOffersApp adware is designed to read the metadata of pages you visit and show a special pop-up layer that features links to sponsored content. The WhiteOffersApp adware may promote Potentially Unwanted Programs (PUPs) such as BrowseMark and Cinem4s to earn additional pay-per-install revenue....

Posted on July 1, 2015 in Adware


Security researchers alert users that the developers of the WhiteCoupon browser add-on employ shady tactics to spread their app. Users may notice the WhiteCoupon add-on offered as a shopping companion under the 'Advanced' or 'Custom' option of freeware installers. The WhiteCoupon add-on is recognized as adware because its main objective is to push ads on your browser surface to generate affiliate revenue for its developers. Users affected by the WhiteCoupon adware may be presented wit many coupons, discounts and special deals loaded on banners, pop-up windows, and full-page transitional ads. Needless to say, the WhiteCoupon adware may decrease your browser productivity and obstruct you from enjoying videos and images on websites like DeviantArt and YouTube. The WhiteCoupon add-on falls in the same niche as other adware like Coupon Titan and CouponDownloader , and might use tracking...

Posted on July 1, 2015 in Adware


The DealBarium shopping advisor does not have anything in common with the silvery metal Barium except that it will solidify the presence of ads in your browser. The DealBarium browser extension may claim to be fun and easy to use, but it perceived by security experts as adware and users may experience pop-up windows, inline ads, and banners generated by DealBarium. The DealBarium adware has an official website located at, but users should not be fooled because a closer look at its Privacy Policy reveals that it uses several tools to show customized ads. The DealBarium adware may record your IP address, browsing history and use DOM storage data and tracking cookies to load offers from merchants that appear related to your Internet activities. The DealBarium adware may promote Potentially Unwanted Programs (PUPS) such as Accelimize and BatBrowse that may decrease your...

Posted on July 1, 2015 in Adware

Web Layers

The Web Layers program is advertised as a smart shopping consultant for your Internet client. The Web Layers program may present you with interlacing layers loaded with product offers to save you money, but it is ad-supported. Security experts classify the Web Layers app as a Potentially Unwanted Program (PUP) with adware capabilities because it may load several form of advertising in your browser. The Web Layers program travels embedded with free software packages and can be seen under the 'Advanced' or 'Custom' option. As stated before, the Web Layers app may show banners, inline ads, pop-under and pop-up windows to supply users with marketing materials from sponsors and earn affiliate revenue. The Web Layers app is developed by the infamous Yontoo Technology, Inc. that deployed the Sale Charger and the SerialTrunc adware. Therefore, you may be redirected to low-quality online...

Posted on July 1, 2015 in Possibly Unwanted Program


The SuperManCoupon app may appear on your 'Programs and Features' list after the installation of a free program via the 'Express' or 'Typical option. The SuperManCoupon claims to make online shopping super easy while it is attached to your browser, but security analysts deem it as adware. The SuperManCoupon adware has an official website but does not have a download button and its Terms of Use agreement feature vague information on its usefulness and omit the fact that it pushes numerous ads in your browser. Security analysts note that the SuperManCoupon adware works similarly to other adware such as the Realdeal and Couponarific , and may use tracking cookies, read your browsing and download history to customize its offers. Moreover, the SuperManCoupon adware may use a browser plugin to modify the operations of Internet clients like Google Chrome, Internet Explorer, and Mozilla...

Posted on July 1, 2015 in Adware

Gaping Security Hole in Flash Exploited by Cybercrooks to Deliver Crypto-Ransomware

Adobe Flash Player has long been the brunt of attacks by cybercrooks and hackers who look to exploit the many vulnerabilities found in the multimedia platform software over the course of several years. It is almost a monthly occurrence that we expect to see a new version of Flash Player roll out to address vulnerabilities exploited by hackers. In the latest rash of Flash Player exploitations, a gaping security hole was discovered allowing hackers to exploit it through a targeted attack eventually delivering ransomware from the Crypto Defense family. Such ransomware has been a serious force with multiple threats that are designed to encrypt files on an infected computer and later offer a decryption key for a ridiculous fee. Cryptoransomware, such as CryptoLocker , CryptoWall and others, have been brightly lit up on our radar screen as of late. Many of the emerging...

Posted on June 30, 2015 in Computer Security


The EmailDescontos shopping assistant may offer users to notify them of new coupons and discounts by email and browser notifications, but you should not provide your contact details and avoid installing it. Security researchers alert users that the EmailDescontos shopping assistant is adware that is designed to earn pay-per-click revenue for its developers by piling ads on your browser surface. The EmailDescontos adware has versions for all major web browsers that travel incorporated with free program installers to reach as many users as possible. You should keep in mind that security researchers do not perceive the ads by adware like EmailDescontos as safe, and you might be redirected to harmful websites. Additionally, the EmailDescontos adware may promote rogue software like RegistryPowerCleaner and Active Antivir that may cause critical errors and expose your system to advanced...

Posted on June 30, 2015 in Adware

The pop-up windows that appear while you surf the Internet may claim that you are a lucky visitor, but you may want to know that you are infected with adware. The adware associated with is used by third parties to earn revenue from users completing surveys. The pop-up windows may feature links to phishing websites where users are invited to input their login details for social media. The IP address of the domain is detected in communications of compromised servers, and you should not follow links on the pop-up windows. Moreover, the adware associated with may use tracking cookies and read your browsing history to present you with related surveys. Security experts note that the prizes on are bogus and are used to convince users to stay on...

Posted on June 30, 2015 in Adware

Bigprizezone.[RANDOM NUMBERS].inf

The bigprizezone.[RANDOM NUMBERS].inf pop-ups may suggest that you are a lucky visitor that has the chance to win a high-end phone after completing a short survey. However, you should not trust them because they are generated by adware on your computer that may have arrived with a free program that you installed with the 'Express' or 'Typical' option. Security experts note that the bigprizezone.[RANDOM NUMBERS].inf pop-up windows in your web browser may link to many subdomains of Bigprizezone.inf. The prizes that are promised on the bigprizezone.[RANDOM NUMBERS].inf pop-ups are not real, and adware developers are only after your clicks. The bigprizezone.[RANDOM NUMBERS].inf adware generates affiliate revenue for its creators while your attention is focused on the content provided on the bigprizezone.[RANDOM NUMBERS].inf pop-up windows. Moreover, the bigprizezone.[RANDOM NUMBERS].inf...

Posted on June 30, 2015 in Adware


The DeleteAd browser tool from WebPick Internet Holdings Ltd. may be offered to you as a secure way to block ads when you explore the 'Custom' or 'Advanced' option of a freeware installer. You may want to know that the DeleteAd browser tool is supported by advertisers, and it may block the native ads on websites you visit, but it will display ads by its sponsors. The DeleteAd browser tool functions similarly to other WebPick products such as Mini-Adblocker and Supreme AdBlocker that are known to feature ads by sponsors. Security analysts classify the DeleteAd browser tool as adware because it claims to delete ads, but in reality it shows ads from supported advertisers. Users infected with the DeleteAd adware may be offered to install additional adware such as GetDiscountApp to access marketing offers from supposedly trusted partners. Moreover, all of WebPick's products are known...

Posted on June 30, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 941