Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,986,287 -1%
2 Conduit Search/Toolbar 1,423,614 -1%
3 PUP.SupTab 957,235 -2%
4 PUP.InstallCore 875,962 -1%
5 PUP.SuperWeb 844,282 -1%
6 PUP.Optimizer Pro 843,508 -1%
7 Adware.Multiplug/Variant 767,039 -1%
8 Iminent Toolbar 671,602 -0%
9 Hijacker 639,033 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

The Asia Search engine located on is developed by Oxygen Group that is located in Singapore and offers advertisers to use their search engine to promote locally. Also, is related to a browser hijacker that might be dispersed among Web surfers via free software bundles. The browser hijacker may appear as an extension, add-on and Browser Helper Object on infected computers. The Asia Search engine is not considered to be a threat, but the browser hijacker linked to may modify your browser settings without your notice and divert your Internet traffic. As stated before, the search engine is used by Oxygen Group to provide advertisers with a platform to present their commercials. When users type keywords on the Asia search engine is designed to produce six results that feature the desired keyword string and...

Posted on October 7, 2015 in Browser Hijackers

Celebrities by inMind Ads

The Celebrities by inMind browser extension that users may find in the Chrome Web Store and free software bundles is a product of APN, LLC ( Partner Network) that created the Media Search App browser hijacker. The Celebrities by inMind software may be offered to you as a news platform that hosts regularly updated information on celebrities. The Celebrities by inMind software may land on your PC via freeware bundles that most users might install with the 'Express' or 'Typical' option. The Celebrities by inMind software is perceived by security experts as adware because most of its operations are dedicated to advertising products and services from sponsors. Also, the Celebrities by inMind aware may change the design of your new tab page and set your homepage to The Celebrities by inMind adware is similar to Kele55 and Movies Toolbar and might slow down your browser...

Posted on October 7, 2015 in Adware

Screen Snapshot Ads

The Screen Snapshot software by Wisemana, Inc. is advertised as the most convenient way to take customizable screenshots of your desktop. The Screen Snapshot app by Wisemana may arrive on your computer as an additional offer in a freeware package, or you can download it from You may want to know that Screen Snapshot is deemed by security analysts as adware because it may push advertisements in your browser and redirect you to potentially harmful domains. The ads powered by the Screen Snapshot adware may appear as banners, coupons, discounts and video commercials on YouTube and Dailymotion. The Screen Snapshot adware may use a browser plug-in to inject sponsored content on the pages you load in your Internet browser. It may edit your Windows Registry to become the default app when you use the Print Screen button on your keyboard and show pop-up windows with...

Posted on October 7, 2015 in Adware

HDRoot Bootkit

The HDRoot bootkit trojan is developed by the black hat hacker group dubbed Winnti Group that is classified by malware researchers as an Advanced Persistent Threat (APT). Most attacks that involve the HDRoot bootkit are carried out in South Korea,, and there are strands of HDRoot seen across Europe. The HDRoot bootkit is designed to inject code in the built-in Net Command tool by Microsoft in Windows to execute its operations covertly. The functionality of net.exe (Net Command) is not altered, and users might not see symptoms of an infection with the HDRoot bootkit. The HDRoot bootkit is known to use security certificates from Chinese firms to avoid raising suspicion. The HDRoot malware is programmed to access the Master Boot Record (MBR) of hard-drives to open a backdoor to the infected system. The HDRoot bootkit trojan can insert a registry key in Windows to instruct the OS to load...

Posted on October 7, 2015 in Trojans

Security Researchers Disrupt Ransomware Attackers Campaign, Looking to Lose $34 Million in Revenue

Attackers who have dished out about half of recent ransomware threats have had their campaign disrupted, and they look to losing about $34 million in revenue. The disruption of a massive ransomware campaign that is reportedly responsible for 50% of all deployments of ransomware through the Angler exploit kit have left attackers in a case where they could lose $34 million of their revenue by the end of the year. Through the use of servers from the infrastructure of the cloud service provider, Limestone Networks, the criminal group behind a large ransomware operation was able to create the largest delivery platform known. Ransomware threats continue to be an emerging type of malware that utilizes clever techniques to hold an infected PC for ransom while the attackers welding such threats collect money from computer users who succumb to such campaigns. As we know all-too-well,...

Posted on October 7, 2015 in Computer Security

Piccshare Ads

Piccshare is a piece of software developed and distributed by HTTO Group, a not so popular company in the world of software developers. The purpose of Piccshare is to provide users with a neat and convenient way to quickly browse, arrange and share photos they find on their computer or the web. However, what some users might not know is that Piccshare relies solely on paid advertising to generate profit for its authors. This means that users who opt to install Piccshare also agree to have their web browsing sessions bombarded with all kinds of advertisements that are annoying to say the least. Piccshare may be installed stealthily, so users may see the Piccshare ads, and they have no idea that this software is installed on their computer. The reason for this is the primary propagation technique that may be used to distribute Piccshare – software bundling. The Piccshare adware may...

Posted on October 6, 2015 in Adware


PCBooster is a Potentially Unwanted Program that may appear on your computer out of nowhere. The sudden appearance of PCBooster may come as a surprise to many users, but most of them may not be aware that they may have accepted to install this application unknowingly. PCBooster may be offered as an optional addition when users install free applications like media players and PDF readers, so it is very easy to install the PCBooster software accidentally But what exactly is PCBooster? According to its authors, this is a program that can make the maximum out of your PC's hardware, and, therefore, improve your computer's overall performance. The PCBooster application may sound like a great utility to have, but you should be aware that its advertising is strongly exaggerated. PCBooster isn't as sophisticated as it sounds, and it doesn't work as well as you'd like. In fact, many users that...

Posted on October 6, 2015 in Possibly Unwanted Program

’844-618-6702′ Pop-Ups

Have you recently seen pop-ups or web pages that advise you to call 844-618-6702 because there seems to be an issue with your computer's security? If the answer is 'Yes,' then you may have visited a compromised web page, or you have a low-level cyber threat installed on your computer. The pop-ups and ads used to promote the 844-618-6702 phone number have one single purpose – to lure innocent users into a sophisticated online technical support tactic whose goal is to take money and information from PC users. Usually, pop-ups associated with 844-618-6702 may contain information about a virus infection, corrupted system files or other severe PC issues whose primary purpose is to scare the user. For example, one of the threats that may be mentioned in the pop-ups is TRJ.DealXware.Stealth2. However, you must remember that all messages accompanied by the 844-618-6702 phone number are...

Posted on October 6, 2015 in Adware

StreamX Ads

The StreamX browser plugin is advertised as a tool that can upgrade your video and music streaming capabilities to the next level and allow you to stream in 1080 pixels and 320 kbps audio. Many PC users may want to install the StreamX plugin because of its browser integration and advertised features, but it is adware that is not likely to live up to your expectations. The StreamX adware fills the same niche as SnapMyScreen and Viralix Video and may use session and Adobe Flash cookies to record your search terms on Google and Bing. The StreamX adware may use that information to show related advertisements on banners, transitional ads and pop-up windows. Security researchers reveal that the StreamX adware may read the meta tags of pages you visit and use JavaScript to inject inline ads and redirect users to affiliate services. The StreamX adware may substitute the native ads on Best...

Posted on October 6, 2015 in Adware

Net-clean Ads

The Net-clean browser extension is promoted as bein able to give users an additional security layer when purchasing products on e-commerce platforms like Amazon, eBay, Walmart and Best Buy. According to, the Net-clean extension can protect your credit card data and erase your browsing history to prevent access by unauthorized third parties to your billing information. However, security investigators classify the Net-clean extension as adware because it might block safe ads on trusted stores and feature links to less-reputable alternatives. Additionally, the Net-clean adware may use tracking cookies and detect your approximate geographical location to show related deals and offers. The Net-clean adware may display banners, pop-up windows, ad-boxes and full-page promotions that may be corrupted. Users that are affected by the Net-clean adware may be redirected to...

Posted on October 6, 2015 in Adware

Princess Games Ads

The Princess Games browser add-on is oriented towards teenagers and young girls and may allow users to play Adobe Flash games based on popular movies, music videos and fairy tales. However, under that innocent front hides an adware-powered add-on that may read your Internet browsing history and use tracking cookies to find out what type of ads you may be interested in. Security experts perceive the Princess Games add-on as adware that may deliver advertisements from untrusted sources and send usage statistics about your Internet browsing. The Princess Games adware may set as your homepage and a new tab and disable your browser's built-in pop-up block mechanism. Additionally, the domain that hosts the Princess Games adware is related to several harmful domains according to web filters and users are not advised to click on its ads. The Princess Games...

Posted on October 6, 2015 in Adware

PackEditorTools Ads

The PackEditorTools software is deployed to users as a platform for accessing leading design programs and might be found incorporated to freeware packages. The PackEditorTools software is developed by the infamous Tuto4PC that is known for developing riskware such as DynamicWPaper , MobilePCStarterKit and MySoftToday . The PackEditorTools software is developed in the fashion of Tutu4PC products and may use tracking cookies, DOM storage data and read your browsing and download logs to show customized promotional materials. The PackEditorTools software is considered a Potentially Unwanted Program (PUP) with adware capabilities that might decrease your system performance. The PackEditorTools software may use pop-up and pop-under windows in your Internet browser to promote third-party software like Super Optimizer , Tarma Installer and System Healer that may cause system errors....

Posted on October 6, 2015 in Possibly Unwanted Program

AltoNav Ads

The AltoNav browser add-on is supposed to be a URL competition tool that can correct navigational errors according to AltoNav's site and free software packages it comes with. However, the true purpose of the AltoNav add-on is to show marketing materials in your browser and claim affiliate marketing revenue for its creators. The AltoNav software is not so different from the AdvanceElite and NetNucleous adware and may use session cookies, Web storage data and read your Internet surfing history to display tailor-suited advertisements. The ads brought by the AltoNav in your browser may take the form of coupons, limited-time deals, banners and discounts and overpopulate your screen when you visit stores like Amazon, Best Buy and eBay. Additionally, the AltoNav adware may promote riskware like Tuneup Pro and SpeedyApp via pop-up and pop-under windows to earn pay-per-install revenue....

Posted on October 6, 2015 in Adware

Downloadme Ads

On and freeware bundles, users may find the Dowonloadme software being promoted as 'a smart and up to date application designed to provide a comprehensive solution to create and manage download tasks.' However, the Dowonloadme software is classified by security researchers as adware because it is not digitally signed and may show numerous promotional materials in the browser of users who installed it. The Downloadme adware may show pop-up and pop-under windows that urge users to contact technical support services and install rogue security applications like Antivir Solution Basic and Vista Antivirus 2014 . The Downloadme adware may appear in your browser's extension manager and write an entry in your Windows Registry to handle your download tasks. Additionally, the Downloadme adware may start with Windows and appear in your 'Programs' section of your start menu....

Posted on October 6, 2015 in Adware

Weatherping Ads

The Weatherping software is advertised as a desktop widget that can help users decide whether to take an umbrella today or not accurately as well as access weather reports for locations all over the globe. Computer users can install the Weatherping software by downloading it from or may install it with many freeware bundles that can be downloaded from the Web. The Weatherping software is perceived by security analysts as adware because it provides users with limited information, does not have a publicly known publisher and developer and may display many promotional materials. The Weatherping adware may install a browser extension to your Internet browser to show promotional materials in the form of banners, pop-up and pop-under windows. The Weatherping adware may read your browsing history logs to show coupons and discounts when you visit Walmart, eBay and Amazon....

Posted on October 6, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 977