Update: <sigh> What I wrote earlier was propaganda done independently by our sister company’s UK office, and is not in line with Official Company Propaganda. Official Company Propaganda is a deal where we provide this information monthly to a Big Security Magazine.
Here is the Official Top 10 List, as provided by our Chief of Propaganda. The data are pulled from the 15th of one month to the 15th of the next month and are identified as high risk threats with the percentage based on number of times each threat was found divided by the number of scans run. These threats are classified high risk or severe based on method of installation among other criteria.
| Threat Name | Description | Percentage Found |
| ABetterInternet.Aurora | Opens popup ads on the desktop based on a user’s surfing history, may disable or uninstall other software, and thwarts uninstallation through the use of resuscitator code. | 5.27% |
| iSearch.DesktopSearch | Removes the user’s access to use Windows Search and replaces it with C:WINDOWSisrvsdesktop.exe. | 5.26% |
| IST.ISTbar | Internet Explorer Hijacker that modifies home pages and searches without a user’s consent. | 5.00% |
| ABetterInternet | Shows advertisements based on web pages viewed and web sites visited. | 4.84% |
| 180search Assistant | Logs the web pages visited and uploads the data to its servers. | 3.87% |
| ShopAtHome | Installs itself in the Winsock layer of the computer and redirects users to merchant sites in order to take affiliate fees from them automatically without user knowledge. | 3.86% |
| IST.SideFind | Installs an Internet Explorer browser helper object that includes extra buttons for adware. | 3.68% |
| eXact.BargainBuddy | BargainBuddy is a Browser Helper Object that watches the pages the browser requests and the terms a user enters into a search engine web form. If a term matches a preset list of sites or keywords, BargainBuddy will display an ad. | 3.21% |
| CoolWebSearch | CoolWebSearch is part of a strain of trojans that have recently been identified that all have one thing in common: they install through the ByteVerify exploit in the MS Java VM and change the IE homepage, search page, search bar, etc. | 3.18% |
| IST.PowerScan | IST.PowerScan is advertised through ordinary web pop-ups, and can be installed with help from the the ISTBar adware. It monitors a user’s browsing habits and distributes the data back to the author’s servers for analyses. | 2.99% |
Our Chief of Propaganda wasn’t happy. Naughty Alex! Naughty Naughty Naughty!!!!
Old post follows for historical context.
Fwiw — from our propaganda department. Link here.
The top ten most prevalent threats are:
| IST.ISTbar | 9% |
| Claria.DashBar | 7% |
| AvenueMedia.DyFuCA | 7% |
| ABetterInternet | 5% |
| IST.SlotchBar | 5% |
| iSearch.DesktopSearch | 5% |
| ABetterInternet.Aurora | 5% |
| WebSearch Toolbar | 5% |
| IST.SideFind | 4% |
| 180search Assistant | 4% |
But what’s cooler is that you can see, in real-time, what the current top threats are as reported by our ThreatNet community. Just go to this link.
Alex Eckelberry