Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 1,670,361 4%
2 Conduit Search/Toolbar 1,240,822 3%
3 PUP.InstallCore 827,527 4%
4 PUP.Optimizer Pro 794,155 2%
5 PUP.SupTab 730,868 1%
6 Qvo6.com Hijacker 651,936 1%
7 Adware.LinkSwift 640,183 0%
8 V9 Redirect Virus 596,789 4%
9 Babylon Search/Toolbar 534,877 2%
10 Qone8.com 454,691 8%
csv
Download as CSV
More Info
i

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Warning: Over 20,000 Gmail, AOL, and Yahoo Email Accounts Hacked!
A major email security scam has taken place today where hackers compromised over 20,000 Gmail, AOL and Yahoo email accounts and posted the login details of them online. It is apparent that there is a phishing scheme happening where hackers are able to obtain thousands of login credentials from...

More Articles

CryptoWall Ransomware

Screenshot

The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

Kovter Ransomware

Screenshot

The Kovter Ransomware is a malware threat that carries out a common Police Ransomware scam in order to steal money from unsuspecting computer users. The Kovter Ransomware is a relatively new Police Ransomware Trojan, first detected in 2013 in the wild. Like most Police Trojans, the Kovter Ransomware displays a fake message from the police intending to trick the victim into paying a 'penalty' in order to stay away from jail time. Like other Police Rasomware, the Kovter Ransomware has a Winlocker component that allows the Kovter Ransomware to block access to the infected computer. However, the main reason why the Kovter Ransomware has attracted the scrutiny of malware researchers is...

Posted on April 10, 2013 in Ransomware

CIBS Pol Virus (Ransomware)

Screenshot

The CIBS Pol Virus is a police ransomware Trojan that belongs to the Urusay family of malware. This police ransomware Trojan is classified as a Winlocker because it blocks access to the victim's computer by displaying a full-screen message that claims to be an alert from the police. CIBS Pol Virus is a well known scam that is in no way connected to the police force. Instead, the CIBS Pol Virus is used by criminals to scam inexperienced computer users so that they will hand over their money out of fear of prosecution, jail time and severe fines. If your access to your computer is blocked by the CIBS Pol Virus, ESG security researchers strongly advise against following the steps...

Posted on February 21, 2013 in Ransomware

MyStart by Incredibar

Screenshot

MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the MyStart.Incredibar.com website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware

Screenshot

ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus

Screenshot

The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Malware, Ransomware

Live Security Platinum

Screenshot

Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer

Screenshot

DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

LowPricesApp

The LowPricesApp functions as a browser extension with features that are similar to App of the Day and OneAppPerDay. LowPricesApp is compatible with Google Chrome, Internet Explorer, and Mozilla Firefox, and it is considered adware infection. Adware products are often bundled with free applications. You should install software via the 'Custom' or 'Advanced' option in order to check for the presence of unfamiliar apps. If you installed the LowPricesApp add-on, it will inject the web pages you are visiting with ads, in-text hyperlinks, transitional ads and may display pop-ups. The LowPricesApp Browser Help Object may redirect users to affiliate websites when the user does a search for a particular term. The LowPricesApp extension may change your home page, new tab preferences and may collect information on your browsing history to decide what type of ads might attract your interest....

Posted on December 19, 2014 in Adware

S.system-update.net

The s.system-update.net and sls.system-update.net domains are used by adware program to display advertisement materials while computer users surf the web in Mozilla Firefox, Google Chrome or Internet Explorer. Adware may arrive on systems unnoticed because it is often a companion of freeware installers that most users handle through the 'Express' or 'Typical' option. The adware responsible for pop-ups related to the s.system-update.net and sls.system-update.net domains may keep track of your online history in order to display targeted content. Adware infections should not be taken lightly because your browsing experience may be hindered. You could use a reliable anti-malware utility to fight off the adware related to the s.system-update.net and sls.system-update.net domains.

Posted on December 19, 2014 in Browser Hijackers

Get.sad9876.info

The get.sad9876.info web site is employed by adware developers to generate pop-ups filled with merchandise deals and offers. The adware responsible for pop-ups by get.sad9876.info may have arrived in your system via bundling with freeware. Computer users infected with adware related to the get.sad9876.info domain experience many windows popping up in their web browsers as a result of the cross-browser capabilities of the adware. You might want to halt the invasion of advertisements, and you may do so with the help of a credible anti-spyware solution.

Posted on December 19, 2014 in Adware

Websearch.Searchoholic.info

Websearch.Searchoholic.info serves as the default search engine, homepage, and a new tab for users that have been infected with a browser hijacker. The browser plugin by searchoholic.info Ltd. arrives on computer systems only through freeware bundles, and it will modify your browser settings to enable the display of advertisement materials by third parties. Users who are subjected to use the websearch.searchoholic.info services will be regularly provided with pop-ups, hyperlinks to sponsored products and windows with special deals and offers. The browser plugin related to websearch.searchoholic.info will collect data about your online clicks, engaged media and search terms in order to generate a package of ads that are more likely to attract you. It should be noted that the browser plugin by searchoholic.info Ltd. may collect non-personally identifiable information, and you may want...

Posted on December 19, 2014 in Browser Hijackers

A.adsmktng.net

The A.adsmktng.net domain is used in relation with adware that displays marketing and promotional materials in the web browser of computer users. The marketing content is presented in the form of pop-ups, pop-unders and windows with special offers. The adware that causes these occurrences may use your browsing history to personalize the advertisement content that will be presented to you. Often, adware uses JavaScript to keep track of your search criteria as a way of updating the relevance of the ads, and you might wish to use a reliable anti-spyware tool to eradicate adware infections.

Posted on December 19, 2014 in Adware

OphionLocker

The OphionLocker ransomware is distributed through a malvertising campaign with the help of the RIG Exploit Kit. The OphionLocker is a strain of the crypto-ransomware family that uses advanced Tor implementation and elliptic curve cryptography (ECC). The OphionLocker ransomware is designed to encrypt video files, images, and text documents, after encryption it suggests the purchase of a decryption key for data retrieval. To gain a decryption key, users have to provide their unique Hardware ID, which is generated in a .txt file. The OphionLocker ransomware uses smaller public keys via the ECC and directs users to an .onion website for instructions regarding payment. The Tor based website is accessible through the services of Tor2web and users do not need to download the Tor Browse Bundle. Computer users infected with the OphionLocker would have 72 hours to pay 1 Bitcoin for the...

Posted on December 18, 2014 in Ransomware

City Web Ads

City Web is an application that could be considered a Potentially Unwanted Program (PUP) because it relies on advertisements to offer its service free-of-charge. The City Web software can be found offered as extra program while you install a free application through the 'Advanced' or 'Custom' option. The City Web program will inject advertisement materials in your web browsers in order to generate revenue from user clicks. The advertisements propelled through City Web may take on the form of pop-ups, pop-unders, transitional ads, banners, coupons and special deals. Also, your browsing history may be used in way that will allow ad providers to provide you with targeted content. The ads that support City Web might not be welcomed, and you can use a trusted anti-malware utility for complete removal of City Web.

Posted on December 18, 2014 in Adware

Gifter

The Gifter program functions as adware that injects the web pages you visit with ads, banners, in-text hyperlinks and may display pop-up windows. Gifter is often found on computers that have been infected with other adware such as BoomCheap and Boomdeal. You may spot the Gifter application in your 'Programs' section of 'Control Panel' after you have installed a free application because it is often distributed via software bundles. The Gifter software will be used by advertisers to cover your browser with annoying ads, and you may wish deal with it by using a credible anti-spyware tool.

Posted on December 18, 2014 in Adware

RocketSaler

The RocketSaler browser extension from WebPick Internet Holdings Ltd. is responsible for advertisement materials and web redirects, and it is considered adware program. Computer users with the RocketSaler extension on their system may see numerous ads, coupons and may be redirected to the filmon.tv or filmon.com websites. WebPick's products may provide limited functionality, and they are known to be facilitators of third party content. The RocketSaler software works with Google Chrome, Mozilla Firefox and Internet Explorer. RocketSaler is distributed through the InstallRex download platform. You should consider removal of RocketSaler with a reliable anti-malware tool and bring to an end its operations.

Posted on December 18, 2014 in Adware

Getit4cheaper

Security experts deem the Getit4cheaper browser extension as adware program. Analysis of this program shows that the Getit4cheaper extension functions as advertisement platform and users may become overwhelmed with pop-ups, banners and windows with special deals and coupons. Adware developers spread Getit4cheaper through bundling their product with freeware in order to reach more potential buyers. Often, advertisers support adware developers with the aim of mass deployment of marketing materials. Ad providers may use data collected by Getit4cheaper such as browser type, browsing history and services you have engaged to push targeted advertisements.

Posted on December 18, 2014 in Adware

Gen:Variant.Adware.Kazy.432610

The Gen:Variant.Adware.Kazy.432610 detection is used to notify computer users of the adware functionality of the Bundle Offer Manager by Bundle, Inc. Security researchers have determined that the software can display advertisement materials in the web browser. Users that have the Bundle Offer Manager on their PC may experience pop-ups, banners, and transitional ads. Adware may collect certain non-personally identifiable information such as your IP address, and MAC address and ads may prove intrusive. You may want to remove the Bundle Offer Manager with a trusted anti-malware utility.

Posted on December 17, 2014 in Adware

Worm.Win32.AutoRun.dtbv

The Worm.Win32.AutoRun.dtbv is exactly what the name suggests, and it is a worm that can arrive in your system through the use of removable media and shared folders. The Worm.Win32.AutoRun.dtbv is also known as Win32/Autoit.CC and it can spread additional malware through IM networks such as Yahoo Instant Messenger by sending a message to users. To enable its operations after every boot, Win32/Autoit.CC sets a registry key. Worm.Win32.AutoRun.dtbv is also seen in the detection results of several rogue anti-spyware products, and that does not mean you are infected with it. You should keep a reliable anti-malware program on your computer in order to be protected from cyber threats from the web, removable media, and shared folders.

Posted on December 17, 2014 in Worms

Uoqzz.download.girlsmen.xyz

The uoqzz.download.girlsmen.xyz domain is related to the Television Fanatic Toolbar adware. The Television Fanatic Toolbar adware is offered on uoqzz.download.girlsmen.xyz as well as a suspicious Adobe Flash Player update. Users with adware infection on their PC are often redirected to uoqzz.download.girlsmen.xyz and may experience pop-ups linking back to it. The adware that is responsible for pop-ups by uoqzz.download.girlsmen.xyz functions as a gateway for advertisements of potentially unwanted software. You could avoid adware infections by incorporating a trusted anti-malware solution in your system.

Posted on December 17, 2014 in Browser Hijackers

NinjaVOD

The NinjaVOD video widget is supported by advertising and experts consider it a Potentially Unwanted Program (PUP). The advertisements that support the free services of NinjaVOD are search provider, banner, in-text hyperlinks, pop-ups and transitional ads. The NinjaVOD software collects non-personally identifiable data in the form of DOM storage data, browser cookies, web beacons and may use JavaScript to determine what online services you are using, what searches you have done and what content you have engaged in. These operations by NinjaVOD are conducted in order to help its advertisers display targeted content. You should be notified that the NinjaVOD software does not honor 'Do Not Track' privacy settings in your browser, and you may want to remove it using a trusted anti-spyware tool.

Posted on December 17, 2014 in Adware

Gen:Variant.Adware.Kazy.166854

The Gen:Variant.Adware.Kazy.166854 name is used by security programs to recognize adware applications related to the Fusion Installer. The applications that are detected as Gen:Variant.Adware.Kazy.166854 may have different names, but they are linked to the Fusion Installer. Computer users may have installed Fusion Installer as part of freeware bundle, and they may see numerous ads, pop-ups, coupons and discounts appearing in their web browser. You should consider the implementation of anti-malware shield in your system as a cyber security measure against adware infections such as the Gen:Variant.Adware.Kazy.166854.

Posted on December 17, 2014 in Adware
1  2  3  4  5  6  7  8  9  10  11  12  Next     Total items: 12860