According to the September report from the IT systems provider for small and medium-sized enterprises, 'scareware' is also making a return to riding high in the threat charts.
The figures, says GFI, show a staggeringly consistent attack primarily by the same trojan horse programs that have persisted for several months.
Several of the top threats were unchanged from the past two months, including those detected as Trojan.Win32.Generic, which GFI says were still the main detection, slightly down to 23.54% of total detections.
This generic detection, says GFI, includes more than 120 000 traces of malicious applications and has been in the top spot for many months: in August, with 25.11%, in July with 29.08% and in June with 27.16% of the total number of detections.
The number two detection, meanwhile, has not changed from last month either. Trojan-Spy.Win32.Zbot.gen is a detection of password-stealing trojans with many versions.
The third largest detection, Trojan.Win32.Generic, moved up from fifth place last month and is the generic detection for password-stealing trojan horse programs.
These malware variants, says GFI, install keyloggers, which record keystrokes and send the data to the malicious operators who distribute the malware.
"These detections are evidence of the activities of botnet operators. They use their networks to pump out the spam that's intended to infect machines", said Francis Montesino, manager of GFI's malware processing team.