Malware Prevalence January 2012

HitmanPro is a second opinion malware scanner, designed to run alongside existing real-time antivirus programs. Its purpose is to find and remove malware that your existing antivirus program is currently unable to find and/or remove.

The list below is the top malware that HitmanPro found and removed from computers that were protected by up-to-date antivirus programs. It differs from other security companies because this list is about malware that is successful in hiding from or bypassing up-to-date virus protection programs. We are able to compile this list because HitmanPro also records if there was an up-to-date antivirus program on the computer, registered in the Windows Security Center.

Prevalence Top 25

# Malware Prevalence
1 FakeAV 11,97%
2 MyWebSearch 7,41%
3 Alureon 7,02%
4 ZeroAccess 5,16%
5 Sasfis 5,11%
6 Hotbar 4,03%
7 Pihar 3,51%
8 Zbot 3,26%
9 Gamevance 3,21%
10 Delf 2,64%
11 Buzy 2,64%
12 Virut 2,51%
13 Softomate 1,99%
14 Vundo 1,82%
15 Popuper 1,52%
16 Hacktool 1,46%
17 Small 1,14%
18 Zwangi 0,95%
19 Mebroot 0,93%
20 Sality 0,89%
21 Zango 0,80%
22 Bamital 0,80%
23 Cycbot 0,79%
24 Rebhip 0,79%
25 Hupigon 0,76%

Infected MBR Prevalence Top 5

# Bootkit Prevalence
1 Pihar 63.11%
2 TDL4 (Alureon) 27.99%
3 Sst 5.09%
4 Mebroot (Sinowal) 3.08%
5 Beast 0.33%

A bootkit is a variant of a kernel-mode rootkit and modifies the master boot record (MBR). They sucessfully subvert 64-bit kernel-mode driver signing in Windows 7. More information on Wikipedia: Bootkits

See also our website with more in-depth information on this list:
http://www.surfright.nl/en/hitmanpro/prevalence/january-2012

Comments are closed.

%d bloggers like this: