Update:  <sigh> What I wrote earlier was propaganda done independently by our sister company’s UK office, and is not in line with Official Company Propaganda.  Official Company Propaganda is a deal where we provide this information monthly to a Big Security Magazine. 

Here is the Official Top 10 List, as provided by our Chief of Propaganda.  The data are pulled from the 15th of one month to the 15th of the next month and are identified as high risk threats with the percentage based on number of times each threat was found divided by the number of scans run. These threats are classified high risk or severe based on method of installation among other criteria.


Threat NameDescriptionPercentage Found
ABetterInternet.AuroraOpens popup ads on the desktop based on a user’s surfing history, may disable or uninstall other software, and thwarts uninstallation through the use of resuscitator code.5.27%
iSearch.DesktopSearchRemoves the user’s access to use Windows Search and replaces it with C:\WINDOWS\isrvs\desktop.exe.
IST.ISTbarInternet Explorer Hijacker that modifies home pages and searches without a user’s consent.5.00%
ABetterInternetShows advertisements based on  web pages viewed and web sites visited.4.84%
180search AssistantLogs the web pages visited and uploads the data to its servers.
ShopAtHomeInstalls itself in the Winsock layer of the computer and redirects users to merchant sites in order to take affiliate fees from them automatically without user knowledge.3.86%
IST.SideFindInstalls an Internet Explorer browser helper object that includes extra buttons for adware.3.68%
eXact.BargainBuddyBargainBuddy is a Browser Helper Object that watches the pages the browser requests and the terms a user enters into a search engine web form. If a term matches a preset list of sites or keywords, BargainBuddy will display an ad.3.21%
CoolWebSearchCoolWebSearch is part of a strain of trojans that have recently been identified that all have one thing in common: they install through the ByteVerify exploit in the MS Java VM and change the IE homepage, search page, search bar, etc.3.18%
IST.PowerScanIST.PowerScan is advertised through ordinary web pop-ups, and can be installed with help from the the ISTBar adware. It monitors a user’s browsing habits and distributes the data back to the author’s servers for analyses.2.99%

Our Chief of Propaganda wasn’t happy.  Naughty Alex!  Naughty Naughty Naughty!!!! 

Old post follows for historical context.

Fwiw — from our propaganda department.  Link here.

The top ten most prevalent threats are:

IST.ISTbar 9%
Claria.DashBar 7%
AvenueMedia.DyFuCA 7%
ABetterInternet 5%
IST.SlotchBar 5%
iSearch.DesktopSearch 5%
ABetterInternet.Aurora 5%
WebSearch Toolbar 5%
IST.SideFind 4%
180search Assistant 4%

But what’s cooler is that you can see, in real-time, what the current top threats are as reported by our ThreatNet community.  Just go to this link.

Alex Eckelberry 

Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.