Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,109,776 7%
2 Conduit Search/Toolbar 1,588,409 4%
3 PUP.SupTab 1,174,950 14%
4 PUP.SuperWeb 996,601 11%
5 PUP.InstallCore 974,853 7%
6 PUP.Optimizer Pro 948,831 6%
7 Adware.Multiplug/Variant 904,168 9%
8 Iminent Toolbar 799,348 11%
9 PUP.CrossRider 700,309 15%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Cybercrooks Hack IRS Website & Steal Data of More Than 100,000 Taxpayers

With technical knowledge and the information of the world readily at our fingertips, the things that attempt to make our lives easier sometimes end up making matters worse. Case in point, an unnamed cybermafia group utilized the "Get Transcript" app, which is supposed to make it easy to download IRS tax forms and other tasks for those who need the proper documentation in the event of applying for a mortgage or college financial aid, to download forms on over 100,000 individuals. The attack, which was claimed to be from a sophisticated organized crime syndicate organization, used the IRS website to steal personal financial data on 104,000 taxpayers. In the process, the cybercrooks attempted to make away with downloads of forms for as many as 200,000 taxpayers but were only able to make away with half of that target. The IRS has long been a target for cybercrooks, and the tax...

Posted on May 27, 2015 in Computer Security

The domain is used by adware developers to earn affiliate revenue by promoting the fake technical services on 1-888-270-6403 via pop-up windows. Users may have installed the adware linked to as a browser add-on that was part of a free software bundle. The adware is programmed to display pop-up windows that suggest you have problems with your PC and should receive expert assistance on 1-888-270-6403. However, you should keep in mind that the pop-ups are generated by adware, and you should not follow instructions by adware. Moreover, the IP address of is connected to several cyber threats like Sality and Ramnit that are used by crooks to connect to infected PCs and steal banking credentials. As stated above, the pop-ups promote bogus technical services and users that called 1-888-270-6403...

Posted on May 27, 2015 in Browser Hijackers


The Trojan.Disabler.88 malware is classified as a trojan infection, and it can inject its code in the 'svchost.exe' host process to hide its operations. The Trojan.Disabler.88 malware is deployed in spam emails as an attached PDF file with a double extension that makes it executable. Researchers point out that the Trojan.Disabler.88 malware creates a service named 'WinSamSs' to edit the victim's Windows Registry to disable error reports, clear the 'page.sys' file and prevent users from booting in Safe Mode. Also, the Trojan.Disabler.88 malware disables remote assistance applications and hides its files in the ProgramData and Recycler folders. The Trojan.Disabler.88 malware is programmed to lock your computer, connect to a remote server to inform its operators of a successful infiltration and set a ransom note as your desktop background. The files on your computer are not encrypted as...

Posted on May 27, 2015 in Trojans


The MyDealBox shopping companion is advertised as a powerful tool that can expand your access to exclusive deals and discounts, but you may want to know that it is adware. Security analyst alert that the MyDealBox adware is dispersed among users with the help of freeware bundles that most users install with the 'Express' or 'Typical' option. Also, the MyDealBox adware may use tracking cookies, web beacons, read your browsing history and detect your approximate geographical location to display targeted marketing content. Moreover, the MyDealBox adware may detect your OS version and software configuration and promote riskware like EZDownloader and FreeHDSport TV to earn pay-per-install revenue for its developers. You may expect banners, pop-up windows and ad boxes by MyDealBox to appear while you surf the Internet. You should keep in mind that the advertisers connected to MyDealBox...

Posted on May 27, 2015 in Adware

ShopSafer Ads

If there are ads by ShopSafer in your browser than you are infected with adware. The ShopSafer adware is promoted as a personal shopping assistant, but its primary aim is to generate affiliate revenue for its developers. The ShopSafer adware may appear as a browser add-on, an extension and a Browser Helper Object that was recently attached. The ShopSafer adware has a web page and in most cases it arrives on the user's PC as a drive-by installation of free software. Security experts note that the ShopSafer adware is designed to run in the background and can show banners, in-text hyperlinks to partners, ad panels, pop-up and pop-under windows loaded with commercials. Additionally, the ShopSafer adware might use HTTP and Flash cookies as well as read your Internet history to create a unique advertising profile for you and display custom-made ads. You should keep in mind that the ads by...

Posted on May 27, 2015 in Possibly Unwanted Program


The FileOpener program is advertised as a toolbar for your Internet browser that can open any file when you drag and drop it. However, you might want to avoid installing the FileOpener program because it is ad-supported, and you should expect banners, pop-up windows and sponsored links to flood your browser. Security researchers perceive the FileOpener app as a Potentially Unwanted Program (PUP) with adware functionality. The FileOpener program can be seen listed under the 'Advanced' or the 'Custom' option of freeware packages and can be downloaded from Users should note that the FileOpener program writes and entry in Windows to ensure that it can download upgrades and fixes automatically. Security researchers underline that the FileOpener app may install the InstallCore platform and introduce adware on your PC. The adware related to FileOpener includes...

Posted on May 27, 2015 in Adware

The domain is deemed as harmful and associated by security analysts with a browser. The hijacker is designed to perform occasional redirects to and may promote harmful software. Users affected by the browser hijacker may want to know that it may have arrived on their PC as a browser assistant enclosed with free software bundle. The browser hijacker can manipulate Google Chrome, Mozilla Firefox, and Internet Explorer and redirect users when they type a URL address, click on links on a web page and do a search on Google. Moreover, the IP address of the domain is used by third-parties to deploy cyber threats like Fujacks and Clicker . Security analysts strongly advise against clicking on content and downloading software originating from...

Posted on May 27, 2015 in Browser Hijackers


The TheAdBlock browser tool is promoted as a powerful competitor of the AdBlock app found on, but you might want to know that TheAdBlock app is developed by the infamous WebPick Internet Holdings Ltd. The developer mentioned before specializes in developing low-quality alternatives of popular programs and TheAdBlock app is no exception. The TheAdBlock app may block the native ads on many websites, but it will present you with ads from sponsors that could appear as banners and pop-up windows. Therefore, security experts deem the TheAdBlock app as a Potentially Unwanted Program (PUP) with adware capabilities. The browser tool named TheAdBlock from WebPick Internet Holdings Ltd. can be found accompanying freeware packages under the 'Advanced' or 'Custom' option. Security experts note that TheAdBlock app may appear on your 'Programs and Features' list as a browser plugin...

Posted on May 27, 2015 in Possibly Unwanted Program

Unfriend Alert Ads

The Unfriend Alert browser add-on operates similarly to the Unfriend Check app and claims to improve the user's account functionality on Facebook. Users that seek such functionality may install the Unfriend Alert application from free software packages and download it from lesser-known software centers. However, you might want to know that the Unfriend Alert browser add-on is adware and security experts note that it can show many ads and read your browsing history. Moreover, the Unfriend Alert adware might use HTTP and session cookies to track your click on the Internet and generate ads related to what you are browsing. The ads by Unfriend Alert may appear as banners, pop-ups and ad boxes on every page you visit. Additionally, the Unfriend Alert adware may feature a logo from a security authority to claim credibility but you should not trust Unfriend Alert because it does not have a...

Posted on May 26, 2015 in Adware


The OptiDiscount software is offered to users in freeware bundles as a shopping companion that can provide you with optimal discounts for products on web stores like Amazon and eBay. Also, users may install the OptiDiscount software unintentionally via the 'Express' or 'Typical' option and may start to see an abundance of ads by OptiDiscount. Security experts classify the OptiDiscount app as adware because it can read your Internet and download history, as well as detect your approximate geographical location to customize the discounts, coupons and special deals provided to you. Additionally, the OptiDiscount adware may place tracking cookies to discern a pattern in your online behavior and determine what ads are best suited to your interests. The ads by OptiDiscount may take the form of banners, ad boxes and pop-up windows and web surfers could be redirected to untrusted domains. You...

Posted on May 26, 2015 in Adware

Cryptobot Ransomware

The Cryptobot program, also known as PayCrypt, is a member of the cryptomalware family that has its Twitter account managed by keybtc. The Cryptobot ransomware is deployed in spam emails as an attached file and users should not download content from unknown senders and follow links in spam emails. Malware researchers report that the Cryptobot ransomware is inactive since December 15, 2014, but modifications of the Cryptobot malware may surface. The Cryptobot ransomware is programmed to apply an RSA-1024 encryption mechanism to your videos, image and documents, and append '.keybtc@gmail_com' as the file extension. Also, the Cryptobot ransomware places a private key and a unique identifier on the PC that victims can use to contact the cyber criminals operating Cryptobot and ask for a decryption key. Users affected by Cryptobot are instructed to send their private key, unique identifier,...

Posted on May 26, 2015 in Ransomware


The FriendsBrowser browser add-on is developed by Linkular LLC and offers advanced social features in the web browser. The FriendsBrowser browser add-on can be obtained via freeware packages, and users may notice it listed under the 'Custom' or 'Advanced' option. Active social media users may be interested to install the FriendsBrowser add-on, but you might want to know that it is ad-supported, and you will have to tolerate ads by FriendsBrowser. Therefore, security researchers classify the FriendsBrowser browser add-on as a Potentially Unwanted Program (PUP) with adware capabilities. The FriendsBrowser add-on may record your browsing history, IP address and detect your approximate geographical location to help affiliate advertisers deliver tailor-suited ads in your web browser. The ads by FriendsBrowser may take the form of banners, ad boxes and pop-up windows that may clutter your...

Posted on May 25, 2015 in Adware


The MyGamesUniverse extension from Linkular LLC is promoted as a special collection of games that users can enjoy and share with their friends. However, you might want to know that The extension MyGamesUniverse is deemed by security experts as a Potentially Unwanted Program (PUP) with adware capabilities. The MyGamesUniverse program might record your search terms, IP, and MAC address in order to show related sponsored ads. The MyGamesUniverse program is delivered to users incorporated with freeware bundles that may contain more than two or three third-party applications. Often, the MyGamesUniverse program is accompanied by adware like Coupons and Fun , BeatTool and Better-Fox-Finder that can load more ads and use tracking cookies. You may wish to know that the MyGamesUniverse extension is compatible with Internet Explorer, Google Chrome and Mozilla Firefox and users may expect to...

Posted on May 25, 2015 in Adware

DealMine Ads

The DealMine shopping adviser may promise you to discover coupons and exclusive deals while you surf the Internet, but you should know that it is classified as adware. Security experts alert that the DealMine adware travels embedded with free software packages that the majority of users install with the 'Typical' or 'Express' option. The DealMine adware might present you with pop-up and pop-under windows, banners, floating ads, contextual and transitional commercials that can obstruct your Internet activities. Security experts add that the DealMine adware may appear on your 'Programs and Features' list as a browser plug-in and can read your browsing history and use tracking cookies. The DealMine adware may use HTTP and session cookies to create a unique advertisement profile for you and display related marketing offers. The main objective of the DealMine adware is to earn...

Posted on May 25, 2015 in Adware

Rockapps Ads

The ads by RockApps in your Internet browser may prove as an annoyance, and you may want to know that you are infected by adware. The RockApps adware is dispersed among users enclosed with free software installers that most users handle with the 'Typical' or 'Express' option. The RockApps adware may claim to provide users with discounts and special deals on powerful tools, but it might cover your browser surface with coupons, banners, and pop-up windows. Security analysts note that the RockApps adware may read your bookmarks and Internet history. Also, the RockApps adware is could detect your IP address and approximate geographical location to customize the marketing materials displayed in your browser. You may be interested to know that the RockAppsadware may appear as a browser plugin, toolbar, and an extension to perform its operation on your computer. Security analysts underline...

Posted on May 25, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 927