Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,004,870 1%
2 Conduit Search/Toolbar 1,431,688 -0%
3 PUP.SupTab 973,328 0%
4 PUP.InstallCore 882,923 -0%
5 PUP.SuperWeb 856,968 0%
6 PUP.Optimizer Pro 848,995 -0%
7 Adware.Multiplug/Variant 778,233 -1%
8 Iminent Toolbar 673,015 -1%
9 Hijacker 638,721 -0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

NaviWatcher Ads

The NaviWatcher software is promoted as a stand-alone security layer for active Internet users and can be found on The site recommends users to install the NaviWatcher app both to manage the children's access to Internet and block attacks on sites visited by employees. Users may install the NaviWatcher application as an optional offer that may be embedded into a freeware package. Security researchers alert that the NaviWatcher application is adware that functions like Web Protector and AdBlaster and may share non-personally identifiable data about you with third parties and show ads. Moreover, the NaviWatcher adware may display pop-up windows that urge users to download and install rogue security programs like A-Secure 2015 and XRJ Antivirus . These rogue apps will not protect users from cyber threats like Los Pollos Hermanos and F0xy , and the ads...

Posted on October 2, 2015 in Adware

LifeStyle by InMind

The LifeStyle by InMind browser extension that users may see listed on the Chrome Web Store and as an optional offer in freeware bundles is adware. The LifeStyle by InMind adware claims to offer users access to the latest information on lifestyle and provide them with links to leading wellness sites. However, the LifeStyle by InMind adware might cover your browser window with numerous commercials. The LifeStyle by InMind adware-powered extension might change your default search engine to a customized version of and place sponsored content and a search bar on your new tab page. Security experts note that the ads brought by the LifeStyle by InMind adware may not be safe and users may be redirected to potentially harmful domains. Also, adware threats like LifeStyle by InMind, Cinmus and SongLyrics may welcome users to install rogue AV products like Antivirii 2011 and XP...

Posted on October 2, 2015 in Adware


The Chinese chat client Kele55 by Jinhua Changfeng Information Technology Co., Ltd. is a free program that is fairly popular among the young people in China. One of the main reasons why the Kele55 app is so popular is that it offers users to join chat rooms of celebrities such as movie and music stars, dancers and trusted fitness gurus. Users may install the Kele55 IM client by using the 'Express' or 'Typical' option of a free package unknowingly. The Kele55 IM client is considered as a Potentially Unwanted Program (PUP) that non-Chinese speakers may want off of their PCs. Also, the Kele55 application may suggest users to enter promoted chat rooms and display commercials about new music albums and videos. The Kele55 program may install a browser plug-in to display recommendations in your Internet browser. Also, Kele55 may use session cookies and read the meta tags of pages you visit...

Posted on October 2, 2015 in Possibly Unwanted Program


The SoundJunkies extension is a product of APN, LLC. Distributed by InMind, Inc. on, the Chrome Web Store and via freeware bundles. The SoundJunkies browser extension functions similarly to Fm1 – Radio and may give users access to third-party content related to audio tracks, music videos, and radio. However, security analysts classify SoundJunkies as adware, because it collects several types of non-personally identifiable data to help advertisers deliver tailor-suited commercials. The SoundJunkies adware is aimed at users of the Google Chrome browser, but may affect Internet Explorer and Mozilla Firefox as well. As stated before, the SoundJunkies adware may use tracking, HTTP and session cookies to deliver tailor-suited ads in your browser. The ads powered by SoundJunkies may take the form of banners, pop-up windows and full-page promotions. The SoundJunkies...

Posted on October 2, 2015 in Adware

VAFCompressor Ads

The VAFCompressor program by TUGUU SL is promoted as a tool that can reduce the size of VAF files and users may see it incorporated with freeware bundles. However, TUGUU SL is not known for its useful apps and associated with a plethora of adware. The VAFCompressor program falls in the same category as New Player and Ifishplayer and is deemed as adware. Security researchers alert that the VAFCompressor adware does not have an official site and a valid digital certificate. The VAFCompressor adware may attach a plug-in to your Internet browser and represent a vulnerability that may be exploited by third parties. The VAFCompressor adware works similarly to the DomaIQ and Actual Click Shopping adware and may use Web storage data and your IP address to generate tailor-suited advertising content. The VAFCompressor adware may display banners, floating ad-boxes, pop-up and pop-under...

Posted on October 1, 2015 in Adware

Movie Junkies

The Movie Junkies browser extension is developed by APN, LLC and is distributed by InMind, Inc. with freeware bundles as an optional offer. The Movie Junkies browser extension may claim to offer web surfers a quick access to real-time news on movies, spoilers, reviews, and trailers, but it is adware that might cover your browser with commercials. Also, the Movie Junkies adware may change your new tab settings and default search engine to The Movie Junkies adware is very similar to 123HD-Plus and FilmFanatic Toolbar and may use DOM storage data and session cookies to customize the marketing content it displays in your Internet browser. Security experts note that the advertisements displayed by the Movie Junkies adware may feature links to harmful domains and start drive-by downloads of riskware such as NextLive and Onekit . Moreover, the IP address of

Posted on October 1, 2015 in Adware

WinFilter Ads

The WinFilter application can be found at and users may install it along with a free program setup. You may have accidentally installed WinFilter and want to know that it is adware. The WinFilter adware is promoted on its web page as a tool to clean-up your Internet browsing traces in Google Chrome, Internet Explorer and Mozilla Firefox. However, the WinFilter adware might make sure that its tracking cookies would stay on your PC to be used for behavioral marketing. The WinFilter adware is a variant of the bProtect cyber threat and is not likely to keep your computer stable and secure as it promises on its web page. Additionally, the WinFilter adware may divert your Internet traffic via the servers of advertisers and slow down your Internet client. The WinFilter adware may show pop-up and pop-under windows with promotional materials from untrusted ad networks and...

Posted on October 1, 2015 in Adware

Shopify Left Users at Risk with Refusal to Fix RFD Vulnerability

Shopify has long been a major staple for assisting business owners to have a presence on the internet to sell and market their products. So far, from the statistics and feedback from Shopify users, the services have proved its worth many times over and continue to be one of the most popular streamlined methods of selling products over the internet for a wide demographic of business owners who are new to internet marketing. On the flip side of all that's good in the world of Shopify and their offered services, Portuguese Web security researcher David Sopas uncovered a RFD (Reflected File Download) vulnerability within Shopify's platform. The vulnerability is one that relied on hackers to craft up URLS that if clicked on it would open a file download that seems to come from a trusted site. The file downloaded on the questionable site that pretends to be a trusted source contains...

Posted on September 30, 2015 in Computer Security

DealHut Ads

The DealHut browser extension is not associated with the legitimate e-commerce platform on and is adware. The DealHut adware is created to benefit from the reputation of the aforementioned online shop and generate pay-per-click revenue for its developers from trusting online buyers. The DealHut adware may be found embedded into freeware packages that many users prefer to install with the 'Express' or 'Typical' option. Security researchers reveal that the DealHut adware is known to work with all Web browsers using the Webkit engine such as Google Chrome, SRWare Iron and Chromium and may affect Internet Explorer and Mozilla Firefox. The DealHut adware may show numerous banners, pop-up and pop-under windows on the screen of infected users when they shop on Amazon, eBay, Walmart and Best Buy. Moreover, the DealHut adware may read the meta tags of pages you visit to insert...

Posted on September 30, 2015 in Adware

HaggleDazzle Ads

The HaggleDazzle app is promoted on and freeware bundles as a tool that can give you access to coupons and discounts to many products online that are restricted to users of HaggleDazzle. The HaggleDazzle appreciation is a browser plug-in that comes from the same company behind the AllStarDeals , Big-Bonus and Swytshop adware. Security experts deem the HaggleDazzle plug-in as adware because it uses session and tracking cookies to personalize the abundance of advertisements that it pushes in your Internet browser. The HaggleDazzle plug-in is cross-compatible, and it might affect Internet browsers based on Webkit, Trident and Gecko rendering engines. The HaggleDazzle adware may present infected users with pop-up and pop-under windows that advertise third-party software like FLVPlayerAddon and ItsMyApp that may slow down your browser. Also, the banners, ad-boxes,...

Posted on September 30, 2015 in Adware

Ads by Internet Browser

The slogan 'Ads by Internet Browser' can be seen on pop-up windows, banners and full page promotions in the Internet client of users affected by adware. Adware developers often use general names for their software to avoid detection and raising suspicion as seen with Browser Advertising and Internet Program The Internet Browser adware is not a stand-alone program to preview content on the Web. It may appear as a browser Browser Helper Object and add-on on your 'Programs and Features' list. Ironically, the Internet Browser adware has an official site named where it is promoted as the most private way to surf the web. The Internet Browser adware functions the same way as Adorika and AdSupply and may detect your approximate geographical location and use session cookies to customize the advertisements it displays on your screen. The Internet Browser adware is...

Posted on September 30, 2015 in Adware

‘’ Pop-Ups

Adware displays the '' pop-up messages in your Internet browser claiming users are experiencing 'error 895-system 32.exe failure.' The '' pop-up windows may urge users to call 888-603-4618 and rectify their issues, but you should abstain from doing so. The 888-603-4618 phone number is related to several financial scams and is employed by fake Microsoft technicians. The aforementioned fake technicians attempt to scare users with statements that their PCs are infected with severe cyber threats that could steal their credit card data, photos and Facebook profile. Their goal is to justify a fee of almost $300 and convince users to give them remote access to their PCs. Needless to say, users that experience pop-ups by should not follow instructions displayed by its adware to avoid installing harmful software and...

Posted on September 30, 2015 in Adware


MWZLesson is a Point-of-Safe trojan that contains strains from the Dexter and the Neutrino malware and is similar to vSkimmer . Security experts speculate that the MWZLesson trojan is dispersed by physically tampering with POS terminals and attaching a corrupted USB drive that contains the payload of the MWZLesson malware. The MWZLesson POS trojan is designed to record data read by credit card readers and send the data over HTTP protocol to its Command and Control servers. The MWZLesson POS malware uses the default browser of infected PCs to make GET and POST requests to the Internet and send the collected data. Moreover, the MWZLesson trojan can receive commands to download and run VBS and EXE files and implement DLLs via the regsrv tool. The cybercriminals operating MWZLesson can instruct it to update its components and set a time interval for communication sessions to be...

Posted on September 30, 2015 in Trojans

Ayoora Ads

The Ayoora extension may be offered to users in free software bundles and as a reference tool that could find content similar to what is loaded in your Internet browser currently. The Ayoora extension may support Internet Explorer, Mozilla Firefox and Google Chrome and use an array f tracking technologies to execute its operations. Security analysts perceive the Ayoora extension as adware because it is designed to load many types of advertisements in the user's browser. The Ayoora adware may present users with banners, pop-under windows and add sponsored search results on Google and Bing. As stated above, the Ayoora adware might use session, HTTP and Adobe Flash cookies to detect your approximate geographical location and distinguish your preferred content on the Internet. Security analysts note that Ayoora functions very similarly to Salesmagnet and The Results Hub and...

Posted on September 29, 2015 in Adware

GreenPlayer Ads

The GreenPlayer browser plug-in is promoted on as a lightweight tool for active media users that can help them find subtitles, arrange playlists and resize video players across sites like YouTube. The GreenPlayer browser plug-in is available for download on its official web page and is installed via freeware packages predominantly. However, users might want to know that the GreenPlayer plug-in is deemed as adware. Security researchers note that the GreenPlayer adware might work as a background process on infected machines and include a task to the Windows Task Scheduler to update its components automatically. The GreenPlayer adware may download and install third-party applications like FaceThemes and FriedCookie that could crash your browser and slow it down. The GreenPlayer adware-powered plug-in functions similarly to other adware like Vidx and might read...

Posted on September 29, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 975