Track Global Malware Trends
View the trending of malware based on the 'detection count' reports of threats found in infected PCs and volume levels which reflect malware infection rates. For real-time data on malware outbreaks worldwide, visit MalwareTracker.
Top 10 Malware Threats
Rank Malware Infected PCs %Change Trend
1 Adware Helpers 2,036,697 1%
2 Conduit Search/Toolbar 1,464,704 -1%
3 PUP.SupTab 1,048,705 1%
4 PUP.InstallCore 905,057 3%
5 PUP.SuperWeb 874,246 1%
6 PUP.Optimizer Pro 873,082 1%
7 Adware.Multiplug/Variant 837,876 3%
8 Iminent Toolbar 703,456 -3%
9 Hijacker 639,799 0%
Download as CSV
More Info

Top Security News

Top 20 Countries Found to Have the Most Cybercrime
Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm,...
Gmail Filter Virus Attacks Gmail Users Turning Them Into Spammers
A new vulnerability within the Gmail email account system, called Gmail Filter Virus, is currently affecting some Gmail users taking control of their account turning it into a virtual spam proxy. Many Gmail account users will utilize the 'filters' feature for various automation functions in...
Crafty Scammers Offer a Fake Survey Bypassing Script That is Really a Survey Scam Campaign in Disguise
Just when you think that you have heard about some of the most clever scams online, cybercrooks amaze us all again as they introduce their very own solution to online survey scams. The people responsible for survey scams are not only still tricking computer users through the use of their annoying...

More Articles

VirLock Ransomware


The VirLock Ransomware is a ransomware Trojan that takes computers hostage and then demands payment from the computer users using BitCoin, a crypto-currency that is known for permitting anonymous online payments. The VirLock Ransomware will threaten computer users, claiming that the VirLock Ransomware has found pirated software on the infected computer and threatening to report the victim to the authorities unless the fine is paid. These claims have no basis. The VirLock Ransomware cannot check your computer for pirated software or alert the authorities. Rather, the VirLock Ransomware is engineered to lock down your computer and prevent access to your files. If the VirLock Ransomware...

Posted on December 10, 2014 in Ransomware

CryptoWall Ransomware


The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware . The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8. As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files. Effectively, the CryptoWall Ransomware prevents computer users from accessing their data, which will be encrypted and out of reach. The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted...

Posted on May 12, 2014 in Ransomware

CryptoLocker Ransomware


The CryptoLocker Trojan is a ransomware infection that encrypts the victim's files. CryptoLocker may typically be installed by another threat such as a Trojan downloader or a worm. Once CryptoLocker is installed, CryptoLocker will search for sensitive files on the victim's computer and encrypt them. Essentially, CryptoLocker takes the infected computer hostage by preventing access to any of the computer user's files. CryptoLocker then demands payment of a ransom to decrypt the infected files. CryptoLocker is quite harmful, and ESG security analysts strongly advise computer users to use an efficient, proven and updated anti-malware program to protect their computer from these types of...

Posted on September 11, 2013 in Ransomware

MyStart by Incredibar


MyStart is a browser hijacker that uses the MyStart by Incredibar toolbar and a browser hijacking component that forces its victims to visit the website. This website is a low-quality search engine that displays more advertisements than legitimate results. Even worse, several of MyStart's search results may lead computer users to websites containing malicious content. Although MyStart actually provides a supposed tool to remove this component from the victim's web browser, ESG security researchers recommend disregarding this component and instead removing MyStart with the help of a reputable anti-malware utility. MyStart can refer to both the low-quality...

Posted on July 31, 2012 in Adware

FBI Moneypak Ransomware


ESG security researchers have received reports of a ransomware infection, known as the FBI Moneypak ransomware, that targets computer users in the United States. The FBI Moneypak ransomware infection will claim that the victim's computer was involved in viewing child pornography and then demands payment of a 100 dollar 'fine' to be sent via MoneyPack. Of course, that a criminal charge as serious as child pornography would be punished with a mere 100 dollar fine is laughable. There is a reason for this, the FBI Moneypak ransomware is not really from the FBI. Rather, this message is actually part of a common malware scam. The FBI Moneypak ransomware scam will use a Winlocker, that is,...

Posted on June 25, 2012 in Ransomware

Ukash Virus


The so-called Ukash Virus is a ransomware Trojan that receives its name because Ukash Virus requires that its victims use Ukash (a legitimate money transfer service) to transfer the ransom funds. This dangerous Trojan infection is composed of a Winlocker component that basically blocks access to the infected computer system, disabling access to the infected computer system's desktop, Task Manager, command line, Registry Editor and other services and applications. There are countless variants of the Ukash Virus, designed to target various different countries in Europe and North America. ESG malware analysts strongly advise against paying the ransom that this malware infection tries to...

Posted on June 15, 2012 in Ransomware

Live Security Platinum


Live Security Platinum is one of the many fake security programs in the WinWebSec family of malware. Although ESG security researchers have been following the family of malware for several years, Live Security Platinum is a relatively new variant first detected in 2012. Because of this, it is pivotal to ensure that your security software is fully updated. Like most fake security programs, Live Security Platinum is designed to induce PC users to purchase a worthless 'full version' of Live Security Platinum. To do this, Live Security Platinum will try to scare the computer user with a variety of fake error messages, pop-up alerts from the Taskbar and a convincing fake scan of the...

Posted on June 1, 2012 in Rogue Anti-Spyware Program

DNS Changer


DNS Changer is a Trojan that is designed to force a computer system to use rogue DNS servers. Also, DNS Changer is being referred to as the Internet Doomsday Virus, Ghost Click Malware, DNS Changer Rootkit, DNS Changer Malware, DNS Changer Trojan, DNS Changer Virus, FBI DNS Changer or DNSChanger. A DNS Changer infection will typically have two steps, in order to reroute the infected computer’s traffic to these malicious DNS servers: A DNS Changer malware infection will change the infected computer system’s settings, in order to replace the DNS servers to rogue DNS servers belonging to hackers or online criminals. The DNS Changer malware infection will then try to...

Posted on November 25, 2011 in Trojans

Blue Amulet Ads

The Blue Amulet browser add-on may claim to provide Web surfers with discounts to jewelry items from trusted merchants but is adware. The Blue Amulet adware will subject you to a torrent of promotional materials from less-reputable merchants as long as its developers are getting paid to do so. Users that value quality ads on Amazon, Best Buy, and eBay may be surprised to see only ads by Blue Amulet that redirect to suspicious websites. The Blue Amulet adware may use JavaScript and ActionScript3 to inject video commercials on non-affiliated websites and videos on YouTube. The Blue Amulet adware may bold words in the literature that you read online and link them to sponsored content and services. The Blue Amulet adware may show you pop-up windows loaded with promotions of drugs on low prices, but you should not trust such ads because they may be from illegal pharmaceutical companies....

Posted on September 4, 2015 in Adware

Catered to You Ads

The peculiar ads that feature the slogan Powered by Catered to You are generated by an adware infection on your PC. You may have installed an adware application by handling a free software package with the 'Express' or 'Typical' option recklessly. The only thing the Catered to You adware would serve you is an abundance of coupons, discounts, limited time offers and special deals. The Catered to You adware comes from the same company behind browser hijackers and adware like QuickSurf and SnapSearch – namely SuperWeb LLC. The name of the Catered to You adware perfectly sums up the main functionality of all products under the SuperWeb logo. The Catered to You adware will use tracking cookies, DOM storage data, read your Internet history and detect your approximate geographical location to load customized advertisements in your Internet browser. The ads powered by Catered to You may...

Posted on September 4, 2015 in Adware

Security researchers alert users that the domain is associated with a browser hijacker that is being spread among users incorporated with free program installers. When you download a free program and intend to install it make sure to use the 'Advanced' or 'Custom' option to avoid installing third-party applications related to Several leading web filters have detected the domain as malicious and is connected to two IP addresses, namely - and that are seen in communications of botnets. The browser hijacker linked to may cause Windows Firewall to bring up notifications of suspicious connections to the aforementioned IP addresses and attempts to download binaries. Malware researchers note that the browser hijacker may try to download the Andromeda and IRCBot...

Posted on September 4, 2015 in Adware


The SaveDeals shopping helper by Coupon Management Software may arrive on your computer as an optional offer under the 'Custom' or 'Advanced' option of a free software bundle. The SaveDeals shopping helper is associated with the domain, and it will push marketing content in your browser from less-known e-commerce sites like Jabong and ShopClues. Security authorities classify the SaveDeals software as adware that may feature links to harmful domains and insecure shopping portals. The SaveDeals adware is very similar to Smart Wallet and SmartCompare and may display many coupons, discounts and vouchers in your browser to appear useful. However, the ads brought by SaveDeals may be corrupted and invite you to install software such as Vaudix and WeCare that may cause your Internet browser to crash and bring up pop-up windows urging you to take surveys.The SaveDeals...

Posted on September 4, 2015 in Adware

Treasure Track Ads

The Treasure Track browser extension is deployed to users with freeware packages and is free for download from The Treasure Track claims to allow adventurous Web surfers to keep track of treasure findings and treasure exhibits across the world. However, the Treasure Track extension is deemed by security experts as adware because it only redirects users to third-party information resources and shows numerous ads. The Treasure Track adware is known to place sponsored search results as users employ the services of Google, Yahoo and Bing. Also, the Treasure Track adware will use JavaScript to load banners, coupons, vouchers and discounts on every page you visit. You should keep in mind that the ads by adware like Treasure Track and Solid Savings are not safe, and you could be directed to visit untrusted domains. Security experts add that the Treasure Track adware may...

Posted on September 4, 2015 in Adware


Security analysts report that the AwsomeExt browser add-on that travels with freeware bundles is adware that may feature links to untrusted websites. Moreover, the AwsomeExt adware may show pop-up windows that welcome users to input information like their phone number, home address, and name to have a chance at winning 'amazing prizes'. You should not be fooled by such messages, and you are strongly advised against providing that type of information to third parties related to adware. The AwsomeExt adware is programmed to read the metadata of pages you visit and will make words bold, paint them in green and underline them. The words made bold by the AwsomeExt adware will be transformed into hyperlinks to sponsored content that may be hosted on compromised websites, and you could be redirected to phishing pages. Security analysts reveal that the AwsomeExt adware is similar to the Vidx...

Posted on September 4, 2015 in Adware


Are Astori ads bothering you while you browse the web? These advertisements are caused by a dubious web browser extension called Astori. It's okay if you don't recall installing this application because, in most cases, it may be deployed to a user's computer without their knowledge. This usually happens thanks to the stealth installation methods used by Astori as well as because this application may often be distributed via software bundles. Our security researchers identify Astori as adware and recommend its immediate removal, so if you see Astori ads in your web browser, you should be prepared to take the necessary steps to remove the source of the advertisements. Astori is harmless, and it can't reveal your login credentials or private data to cyber criminals. However, it may work in the background to collect non-identifiable information about your browsing habits and activity...

Posted on September 3, 2015 in Adware


WinClock is a piece of program that our security researchers identify as a potentially unwanted program (PUP). Its purpose is to introduce a clock widget to your Windows Desktop that can be customized according to your likenesses. The clock's styles can be changed, and there are hundreds of pre-made themes to choose from. However, the WinClock software is installed as a trial version that is ad-supported. This means that as long as WinClock is installed, and the full version isn't purchased, you may be exposed to the aggressive advertising techniques utilized by this software. The WinClock application is developed by Howard Software LTD., and it can be downloaded from the official website. However, we detected several samples of freeware and shareware apps that may be used to distribute the installation of WinClock via software bundles. This method of distribution isn't new, but it...

Posted on September 3, 2015 in Adware


If you are reading this article, then there is a high chance that you may be seeing ExportMaster ads in your web browser? If you are worried that your computer might have been infected by a dangerous virus, then don't be because the ExportMasters ads are caused by a small piece of adware that may be deployed to your computer without your knowledge. Adware is a minor PC infection that may take control over some of your browser's settings, and force it to display advertisements on particular websites. In the case of the ExportMasters adware, its advertisements may show up on any website you visit, so you won't be able to avoid them unless you remove their source. The ExportMasters adware may have been installed without your knowledge because its primary method of propagation is software bundles. The last time you installed a free piece of software, you may have been asked to install...

Posted on September 3, 2015 in Adware

Lucky Bright Ads

Seeing Lucky Bright ads in your web browser can only mean one thing – that the Lucky Browse adware has been installed on your computer. This isn't any reason to be worried because the Lucky Bright adware isn't dangerous at all. In fact, this application is harmless, but its behavior might annoy you whenever you try to browse the web. Enigma Software Group cyber threat researchers classify the Lucky Bright browser extension is adware because of its tendency to display unwanted and aggressive ads in the user's web browser. Advertising isn't Lucky Bright's only ability, as this adware may also collect anonymous data regarding the targeted user's browsing habits. This information may be used to improve the quality of Lucky Bright's advertising campaigns or for other marketing purposes. Whatever the case, one thing is for certain – the Lucky Bright application doesn't improve your web...

Posted on September 3, 2015 in Adware

Sport Competitor Ads

Are your web browsing sessions suddenly interrupted by advertisements labeled "Sport Competitor Ads" or "Ads by Sport Competitor"? If the answer is yes, then you need to be aware that a piece of adware that goes by the name Sport Competitor may have been installed on your computer. Adware isn't dangerous, and it isn't a PC threat that can access your passwords and other private data. However, as long as the Sport Competitor adware is installed, you may be disturbed by its advertisements whenever you attempt to browse the web. The advertising methods adopted by the Sport Competitor web browser extension are aggressive, and they may include but are not limited to pop-ups; banners; in-text ads; sponsored search results. The Sport Competitor ads may be published by 3rd parties, so their content may often be left unfiltered, and there is no way to guarantee that they won't lead the...

Posted on September 3, 2015 in Adware


ThinkDesktop is a web browser extension that may be installed without the user's knowledge, but not without their approval. This can happen thanks to the propagation technique used by ThinkDesktop's developers – software bundling. Software bundling is quite common on the web, and there is a high chance that the next free application you decide to download may be bundled with 3rd-party applications. This isn't illicit nor is it suspicious because this technique allows software developers to cover some of their costs by simply offering their users to install another piece of software. Unfortunately, these software bundles may sometimes offer to install browser extensions with a questionable reputation, just like ThinkDesktop. The purpose of ThinkDesktop application, as silly as it may sound, is to display advertisements to the user. The paid ThinkDesktop ads surely generate revenue...

Posted on September 3, 2015 in Adware


FindsPro is a questionable web browser extension whose installation may lead to the appearance of unwanted advertisements in your web browser. If you ever come across FindsPro, you may notice that this browser extension may be promoted as a useful utility that can help you save money and find better products online. In fact, that's the exact purpose of FindsPro – to provide the end-user with product suggestions, price comparisons, discounts, and other information that may enhance their online shopping experience. This may seem like a great deal, but the FindsPro extension also packs another feature that you may not be so keen to see. The FindsPro application is known to inject advertisements in the user's web browser, so you may be bothered by FindsPro ads as long as you have this web browser extension. Although the FindsPro extension should not be considered to be malicious, it may...

Posted on September 3, 2015 in Adware


The ZiperFly application from Howard Software Ltd. claims to be a free alternative to WinRAR and allow you to create, operate and modify archive files. The ZiperFly archive manager has a free and ad-supported version and a paid version that has no ads and can be purchased for $1.99. Security analysts report that ZiperFly is seen to travel in the company of adware such as HugeApps and browser hijackers like , and you should reconsider installing it. The ZiperFly application is classified as a Potentially Unwanted Program that responsible users may not want on their PC. As stated above, ZiperFly has an ad-supported version that is spread among users via freeware packages, and users may see pop-ups and banners in their browser. The advertisements pushed by ZiperFly may contain links to harmful domains and suggest you to install Potentially Unwanted Programs...

Posted on September 3, 2015 in Adware


The KavaPuller browser add-on may be offered to users in freeware packages as an RSS-feed reader that can deliver news blazingly fast. However, the only objective of the KavaPuller add-on is to feed your browser with advertisements. Security authorities report that the KavaPuller adware does not have a valid digital certificate and may pull marketing content from advertisers over insecure channels. Moreover, the KavaPuller adware might use session cookies, read your bookmarks and Internet history logs to show tailor-suited ads and maximize its efficiency. Users that are interested in computer optimization and security may be welcomed to install riskware like SpeedUpMyComputer and SProtect that might cause your browser to crash and change your DNS settings. The KavaPuller adware is similar to FineDealSoft and GetSavin and may use JavaScript to insert banners and inline ads on...

Posted on September 3, 2015 in Adware
1 2 3 4 5 6 7 8 9 10 11 965