Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,971,057 -1%
2 Conduit Search/Toolbar 1,411,654 -1%
3 PUP.SupTab 930,371 -1%
4 PUP.InstallCore 873,004 -1%
5 Adware.SuperWeb 844,893 -2%
6 PUP.Optimizer Pro 829,532 -1%
7 Adware.Multiplug 736,227 -1%
8 Elex Hijacker 657,782 -2%
9 Iminent Toolbar 651,585 -1%
10 Hijacker 639,485 -0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles


LaSuperba may be associated with numerous problems that may be caused by PUPs (Potentially Unwanted Programs). LaSuperba may interrupt the computer users' activities when browsing the Web and cause performance problems on affected Web browsers. LaSuperba is linked to an adware that may affect most commonly used Web browsers on the Windows operating system, including Internet Explorer, Mozilla Firefox and Google Chrome. LaSuperba advertisements may take the form of irritating pop-up messages that make it very difficult to use the affected Web browser. In most cases, removing adware associated with LaSuperba will stop LaSuperba advertisements from appearing on affected Web browsers. However, most adware infections do not come alone; the presence of one adware component may indicate the presence of others, all of which may be connected with LaSuperba and similar unwanted content....

Posted on August 31, 2015 in Adware

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Adware on your machine is generating the security alerts by that feature a female voice informing you of a security breach. Adware applications are not harmful but may expose users to advanced cyber threats like Brapps and provide misleading information. In the case with, the adware on your PC may use an Adobe Flash animation that resembles a security scan of system files and use JavaScript to show persistent pop-up messages about Error code 0x8007042c. Security researchers report that error 0x8007042c is associated with Windows Firewall and may is used to specify a problem with correlating services that are part of the Windows Firewall. The adware linked to can`t stop your Windows Firewall and uses Error code 0x8007042c to scare inexperienced and uninformed PC users. However, the adware...

Posted on November 26, 2015 in Browser Hijackers

Shopping Optimizer

The Shopping Optimizer browser add-on by Shopping Optimization Solutions LTD is a modified version of the iDeals (a.k.a. iDeals Shopping Optimizer) adware that may find its way into your system with a freeware installer. The Shopping Optimizer adware may be offered to you as a helpful tool that can help you save more money as you shop more on affiliate online stores. However, the primary objective of the Shopping Optimizer adware is to earn pay-per-click revenue for its creators and might drive a torrent of advertising content in your browser to achieve its goal. The advertising content that the Shopping Optimizer adware may display on your screen may be corrupted, and you risk visiting untrusted domains. The Shopping Optimizer adware may edit your security policies in the Windows Registry, and you may be exposed to advanced cyber threats like Proslikefan and Tracur. The ads by...

Posted on November 26, 2015 in Adware

GetFlightInfo Toolbar

GetFlightInfo Toolbar is advertised on freeware packages and to help users plan their flight, save money on tickets and travel safely. The GetFlightInfo Toolbar may change your default search engine to a customized version of and slow down your browser while providing information on flights on a panel placed on your new tab page. You might want to know that the GetFlightInfo Toolbar is developed by Mindspark Interactive Network, Inc. that are known for creating adware, browser hijackers and riskware like DirectionsAce and EverydayLookup. Security analysts deem the GetFlightInfo Toolbar as a Potentially Unwanted Program (PUP) that does not have any functionality of its own apart from showing promotional materials on banners, pop-up windows, and sponsored search results. The GetFlightInfo Toolbar may provide users with flight information by redirecting...

Posted on November 26, 2015 in Possibly Unwanted Program


The iPadian program is advertised on as an answer to some users that want to run games and apps for Mac OS on their Windows OS computer. The iPadian software claims to be a powerful iOS simulator for Windows, but our researchers report otherwise. iPadian is classified as a Potentially Unwanted Program with adware capabilities that might cause system errors, decrease your computer performance and hog up your system resources to aid cloud computing tasks. The iPadian software may allow you to run a limited number of apps for iOS and read ebooks in a similar fashion to iPad, but it may prove resource heavy and prevent you from loading other applications on your Windows OS. Security researchers report that the installer of iPadian is found to contain adware like Live Video Search Plus, DownPay, and Emotypecon. The adware applications that travel incorporated with iPadian may...

Posted on November 26, 2015 in Possibly Unwanted Program

Shoppers Should Beware of 2015 Black Friday and Cyber Monday Malware

With every year during the holiday season, it brings about family gatherings, full stomachs, and Black Friday/Cyber Monday malware and security threats at higher rates than ever before. That's right; we predict 2015 to be the worst year yet for shopper's security due to various malware threats, specifically point-of-sale threats targeting payment processing systems. Point of Sale (PoS) malware threats has long been a major annoyance and gateway for cybercrooks to garner large sums of money at the expense of shoppers. Usually, PoS malware is stealthy where it remains to be hard to detect and used in broad campaigns targeting vulnerable systems that lack the necessary security patches and updates. With a given checkout system, PoS malware can infiltrate the payment processing. Where some of the systems should be isolated from other networks, those attacked by PoS malware are...

Posted on November 25, 2015 in Computer Security

Serpens Ads

The Serpens application may be promoted in freeware bundles as a friendly tool for users that are interested in astrology and astronomy. The Serpens application may appear in your Internet browser as a toolbar and place links to,, and on your new tab page. Users may be fond of the features that Serpens provides, but it is adware and may load many ads in your browser and clutter your desktop. Security researchers note that the Serpens adware functions similarly to SmartPurple and Shopping Sidekick and may display banners and floating ad-boxes to deliver coupons, discounts and limited-time deals to infected users. The Serpens adware may load pop-up and pop-under windows to invite users to install riskware like ItsMyApp and FileScout and earn pay-per-install revenue for its creators. Moreover, the Serpens adware may use persistent...

Posted on November 25, 2015 in Adware

Jazz Spot Ads

The Jazz Spot program may be advertised to you as the perfect browser plug-in for users interested in Jazz music and history. The Jazz Spot program does not have an official site, and its End-User License Agreement can be found only in the freeware packages that incorporate Jazz Spot. The Jazz Spot program may change the design of your homepage and new tab settings and ask to access your browsing history to perform its activities. The Jazz Spot browser plug-in may provide users with links to online resources like, and, and appear rather useful. However, the Jazz Spot software is deemed as adware that might cover your screen with pop-up windows loaded with marketing materials and perform occasional browser redirects to sponsored websites. Security authorities report that the Jazz Spot adware is created by Yontoo LLC and might use session cookies, Web...

Posted on November 25, 2015 in Adware

Royal Raid Ads

The Royal Raid browser plug-in may be offered to users that are interested in playing adventure games and watching documentaries on ancient cultures. The Royal Raid plug-in is promoted as a customized news feed for your browser that can deliver up-to-date news on archeology and anthropology right on your start page. The Royal Raid plug-in is created by Yontoo LLC and is deemed as an adware that appears to be a modified version of Enter Voyage and Discovery App . The Royal Raid adware may arrive on your computer incorporated with a freeware package, or you may install it with the 'Typical or 'Express' option unintentionally. Security analysts note that the Royal Raid adware might affect all browsers that run the Gecko, Trident and WebKit engines at their core. The Royal Raid adware is classified as a strand of the BrowseFox adware and might utilize Web beacons, pixels, HTTP and...

Posted on November 25, 2015 in Adware

Golden Dock Ads

The Golden Dock software may be offered to you as a browser plug-in that will optimize your new tab page and allow you to place shortcuts to your favorite websites. At first, users may be interested in installing the Golden Dock software but they should know that the infamous Yontoo LLC, the developer of Golden Dock, is responsible for adware, browser hijackers and riskware like Desktop Dock , PC Privacy Dock and Bubble Suite . Think carefully before installing the Golden Dock program. Security investigators recognize the Golden Dock app as an adware that may collect information such as your IP address, software configuration and browsing history without your knowledge. The Golden Dock adware might use an array of pop-up and pop-under windows to present users with promotional materials from less known online stores that may not be able to protect your privacy and credit card data...

Posted on November 25, 2015 in Adware

Cat Dog Ads

The advertisements that feature the slogan 'Powered by Cat Dog' are displayed by adware on your PC. Adware applications may spread via freeware bundles that most users install with the 'Express' or 'Typical' option. Cats and dogs may be troublesome and ravage your furniture, but the Cat Dog adware may redirect you to phishing Web pages that are designed to look like Facebook, PayPal, Amazon and online banking portals. Needless to say, users should be careful where they type in their login details. The Cat Dog adware is not considered a severe cyber threat, but it might welcome users to install badware like NetworkUpdate and Meinv . The Cat Dog adware may be listed as a browser plug-in in your 'Programs and features' list and may not list its publisher. Security researchers can shine a light on that matter and report that the Cat Dog adware is a member of the Yontoo family of...

Posted on November 25, 2015 in Adware

PUP.Kometa Browser

The Kometa Browser from the Russian company Kometa LLC may arrive on your computer under the 'Advanced' or 'Custom' option of a freeware package and become your default Internet client without you noticing it. The Kometa Browser is built on the foundation of the Chromium project that Google Inc. uses for their browser. Moreover, the Kometa Browser may block your access to Google Chrome if you have it installed on your computer. Additionally, the icon of the Kometa Browser is not so different from the Chrome's icon, and its interface is almost indistinguishable. An entry in the About section of the Settings panel is one of several little differences between the Kometa Browser and Google Chrome related to its appearance. However, there are several considerable differences between Chrome and Kometa that are under the hood. Security investigators perceive the Kometa Browser as a...

Posted on November 24, 2015 in Possibly Unwanted Program


The earliest detection of the cyber threat called Trojan.Scar.pdb dates back to 2009, and it is known to hide its files under names that are used in updates by Microsoft for Windows XP, Vista and Seven. Trojan.Scar.pdb is a Trojan Dropper that may be dispersed as an attached file to spam mail or be deployed via the HanJuan Exploit Kit . The Scar.pdb Trojan-Dropper may corrupt Internet Explorer and change your Windows Firewall settings to connect untrusted domains and download malware like BitCrypt that can encrypt your files and demand ransom for the decryption key. Also, the operators of the Trojan.Scar.pdb malware may use it to collect statistics like your hardware components, installed programs, Internet Service Provider, IP address and router configuration. The Trojan.Scar.pdb Trojan-Downloader can be compared to Trojan.Win32.Scar.dgje , Trojan.Win32.Scar.dimu and...

Posted on November 24, 2015 in Trojans


The Trojan.Injector.PG is a typical Trojan that utilizes code injection to hide its activities and hinder automated cyber security mechanisms. The threat presented by Trojan.Injector.PG can be compared to other code injectors like Trojan.Comet.A , Win-Trojan/Injector.6144.C and Trojan.Injector.BZ . The Injector.PG Trojan may be deployed via malvertising and spam campaigns and connect to a remote server to download instructions sent by its operators. The Trojan.Injector.PG cyber threat is known to inject its core process into a separate thread under a Windows process named ctfmon.exe that handles the Alternative User Input and Office Language Bar. The Trojan.Injector.PG malware may record the user's input via pen tablet, keyboard, voice and onscreen keyboard for Asian languages. Trojan.Injector.PG works as a keylogger that has extended capabilities and may make screenshots of your...

Posted on November 24, 2015 in Trojans


Trojan.Downloader.Hyteod is a harmful program that may spread among users as an attached file to spam mail that may be related to media reports on statements by government officials. Malware researchers note that the Hyteod Trojan-Downloader can run on 32-bit and 64-bit Windows systems, may utilize scripts to inject code into running processes and emulate a shadow instance of Microsoft's Internet Explorer. The Hyteod Trojan-Downloader may edit the security settings in Internet Explorer to whitelist its remote 'Command and Control' servers and prevent the Windows Firewall from blocking its connections. The Hyteod Trojan may use the built-in WINSOCK dynamic-link library in Windows to start a undetected TCP connection with its operators. Additionally, the Hyteod Trojan-Downloader might modify the netmsg.dll file that is integral to the LAN manager to enable its operations. Computer...

Posted on November 24, 2015 in Trojans


The Barys malware falls in the category of a Trojan Downloader and is programmed to allow its operators to download and upload files to your computer without you noticing it Malware researchers note that the Barys Trojan has some interesting features like the implementation of the Dropbox online file storage service. The Barys Trojan also could be encountered under the name of Trojan:Win32/Congrim. The Barys Trojan may be delivered to users via spam campaigns or travel bundled with free program installers that are promoted on suspicious websites. The Barys Trojan is known to make TCP connections via port 443 to remote hosts such as,, and The Congrim (Barys) Trojan might install its main executable in the AppData folder, and its support components in the Temp folder to prevent easy detection. The Barys Trojan can...

Posted on November 24, 2015 in Trojans
1 2 3 4 5 6 7 8 9 10 11 996