ThreatExpert's Statistics for Generic Downloader.ab [McAfee]:

Generic Downloader.ab [McAfee] is also known as:

Threat Alias	Number of Incidents
Downloader [Symantec]	1,076
TROJ_DLOADER.DYA [Trend Micro]	782
Trojan Horse [Symantec]	622
Trojan-Downloader.Tibs!sd5 [PC Tools]	480
WORM_ZHELATIN.VM [Trend Micro]	480
Trojan-Downloader.Small!sd5 [PC Tools]	470
TrojanDownloader:Win32/Renos.DU [Microsoft]	418
BackDoor-DNP.dll [McAfee]	391
not-a-virus:AdWare.Win32.BHO.dwl [Kaspersky Lab]	320
Trojan-Downloader.Win32.Renos.DU [Ikarus]	288
Adware.BHO!sd6 [PC Tools]	256
Trojan-Downloader.Win32.Small.hwc [Kaspersky Lab]	207
Trojan.Win32.Agent2 [Ikarus]	169
Trojan.Win32.Agent2.fvv [Kaspersky Lab]	169
Win-Trojan/Agent.172032.DJ [AhnLab]	156
Troj/Agent-GNA [Sophos]	138
Trojan.Agent2!sd6 [PC Tools]	117
Trojan-Downloader.Win32.Tibs.ym [Kaspersky Lab]	100
Worm.Win32.Socks.r [Kaspersky Lab]	92
Trojan.Vundo [Symantec]	90
Mal/Generic-A [Sophos]	83
WORM_NUCRYPT.GEN [Trend Micro]	72
Troj/Virtum-Gen [Sophos]	54
Trojan.Win32.Agent.agv [Kaspersky Lab]	54
Trojan:Win32/Agent [Microsoft]	54
Adware.Maxifiles [PC Tools]	41
Trojan.BHO.Agent.AL [Ikarus]	36
Dropper.Agent.yic [PC Tools]	30
Packed/Upack [PC Tools]	27
TrojanDownloader:Win32/Agent!rts [Microsoft]	26
Win-Trojan/Downloader.5120.GT [AhnLab]	23
Worm.Win32.Socks [Ikarus]	23
Win-Trojan/Xema.variant [AhnLab]	20
not-a-virus:AdWare.Win32.Agent.bm [Kaspersky Lab]	19
not-a-virus:AdWare.Win32.Agent.y [Kaspersky Lab]	19
Backdoor.Agent [PC Tools]	17
TROJ_DROPPER.UN [Trend Micro]	16
Trojan-Downloader.Win32.Agent.akh [Kaspersky Lab]	16
Trojan-Proxy.Saturn!sd6 [PC Tools]	16
Trojan-Proxy.Win32.Saturn.cu [Kaspersky Lab]	16
Adware.Agent.TVV [PC Tools]	13
Downloader.Trojan [Symantec]	13
Mal/UnkPack-Fam [Sophos]	13
Trojan-Downloader.Delf!sd5 [PC Tools]	13
TrojanDownloader:Win32/Troxen!rts [Microsoft]	13
Trojan.Cymdos [Symantec]	12
Backdoor.Trojan [Symantec]	11
not-a-virus:AdWare.Win32.Agent [Ikarus]	11
Trojan.Zlob [Symantec]	11
Possible_Virus [Trend Micro]	10
Trojan.Renos.Gen!Pac.10 [PC Tools]	10
Trojan.Win32.Agent [Ikarus]	10
Trojan-Downloader.Agent!sd5 [PC Tools]	10
Trojan-Downloader.Win32.Hoaxer.a [Kaspersky Lab]	10
Trojan-Downloader.Win32.Small [Ikarus]	10
TROJ_DLOADER.QHT [Trend Micro]	9
Trojan.Vundo!sd6 [PC Tools]	9
Trojan.Win32.Fakemalard [Ikarus]	9
TrojanDownloader:Win32/Small [Microsoft]	9
Virus.Win32.Sality [Ikarus]	9
Mal/HckPk-A [Sophos]	8
not-a-virus:AdWare.Win32.Mostofate.q [Kaspersky Lab]	8
TROJ_VUNDO.BMW [Trend Micro]	8
Trojan.FakeAlert [PC Tools]	8
Trojan:Win32/Tibs.IF [Microsoft]	8
Trojan-Spy.Pophot [PC Tools]	8
Trojan.Packed.NsAnti [Symantec]	7
Trojan-Dropper.Agent.BXK [PC Tools]	7
Packed.Generic.57 [Symantec]	6
Trojan.KillAV [Symantec]	6
Trojan-Downloader.Win32.Agent.dne [Kaspersky Lab]	6
TrojanDownloader:Win32/Frethog.C [Microsoft]	6
Trojan-Dropper.Agent [Ikarus]	6
WORM_ZHELATI.AW [Trend Micro]	6
Adware.Agent!sd5 [PC Tools]	5
Adware.Agent.UJP [PC Tools]	5
Infostealer.Gampass [Symantec]	5
Mal/Dorf-E [Sophos]	5
not-a-virus:AdWare.Win32.BHO.ar [Kaspersky Lab]	5
SecurityRisk.Downldr [Symantec]	5
Trojan:Win32/Matcash.gen!C [Microsoft]	5
Trojan-Downloader.Agent!sd6 [PC Tools]	5
Trojan-Downloader.Win32.Agent.ber [Kaspersky Lab]	5
Adware.BHO!sd5 [PC Tools]	4
BrowserModifier:Win32/Toolbar888 [Microsoft]	4
Infostealer [Symantec]	4
Mal/EncPk-CZ [Sophos]	4
Mal/TibsPak [Sophos]	4
not-a-virus:AdWare.Win32.Mostofate [Ikarus]	4
Possible_DLDER [Trend Micro]	4
TROJ_BANKER.JN [Trend Micro]	4
TROJ_DELF.HNT [Trend Micro]	4
TROJ_DLOADER.BBR [Trend Micro]	4
TROJ_DLOADER.HSO [Trend Micro]	4
TROJ_DLOADER.KYC [Trend Micro]	4
TROJ_DLOADER.LYT [Trend Micro]	4
TROJ_DLOADER.VDO [Trend Micro]	4
TROJ_DLOADER.ZEX [Trend Micro]	4
Trojan.Adclicker [Symantec]	4
Trojan.Agent.ABE [PC Tools]	4

Generic Downloader.ab [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	48
	Ukraine	24
	China	23
	Brazil	17
	Germany	9
	Republic of Korea	9
	Taiwan	2
	Italy	1
	Japan	1
	Netherlands	1
	Sweden	1
	Turkey	1
	United Kingdom	1

Generic Downloader.ab [McAfee] is known to be created as:

%AppData%\78f04d67.exe

%AppData%\microsoft\windows\lsass.exe

%AppData%\svchosts.exe

%CommonPrograms%\startup\igfxtray.exe

%ProgramFiles%\common files\update\2008x.exe

%ProgramFiles%\eset\iexpl0re.exe

%ProgramFiles%\explorer.exe

%ProgramFiles%\messenger\custsat.exe

%ProgramFiles%\microsoft common\wuauclt.exe

%ProgramFiles%\msn gaming zone\mero.dll

%ProgramFiles%\pchealthcenter\0.exe

%ProgramFiles%\pchealthcenter\4.exe

%ProgramFiles%\pchealthcenter\7.exe

%ProgramFiles%\weather report\backup.exe

%ProgramFiles%\windows media player\wsetup_wm.exe

%Programs%\startup\rncsys32.exe

%System%\.00cd1a40\00cd1a40.exe

%System%\78f04d67.exe

%System%\avp.exe

%System%\bgotrtu0.dll

%System%\bgotrtu1.dll

%System%\braviax.exe

%System%\cbevtsvc.exe

%System%\cdnprh.dll

%System%\com\comrepl32.exe

%System%\crypts.dll

%System%\dd33d3\00c3ac.exe

%System%\digeste.dll

%System%\down.dll

%System%\drivers\svchost.exe

%System%\drivers\uzcx.exe

%System%\dzhoil.dll

%System%\ftpdll.dll

%System%\gmpt.dll

%System%\helper.exe

%System%\icq6.exe

%System%\ime\svchost.exe

%System%\incognito.exe

%System%\install32m.exe

%System%\jfiehayd.dll

%System%\kamsoft.exe

%System%\kaspersky.exe

%System%\kdxce.exe

%System%\ldr.exe

%System%\lgwubrw.exe

%System%\maxpaynow1.exe

%System%\meex.com

%System%\moviemk.exe

%System%\ms.exe

%System%\msftp.dll

%System%\msicf32.exe

%System%\msns32.exe

%System%\mssrv32.exe

%System%\mycgc32.dll

%System%\mywcc080604.dll

%System%\netsver.exe

%System%\notaped.exe

%System%\powervideo.dll

%System%\psguax.dll

%System%\qahwtb.exe

%System%\qipauzax.dll

%System%\servicers.exe

%System%\sonyserver.exe

%System%\spoo1sv.exe

%System%\srvprc.exe

%System%\svch5.exe

%System%\sysldr32.exe

%System%\syslodr.exe

%System%\systyl.exe

%System%\sysvx.exe

%System%\taskdir.exe

%System%\tcpcon.dll

%System%\ucx.exe

%System%\urretnd.exe

%System%\uweyiwe0.dll

%System%\uweyiwe2.dll

%System%\vxfecgkco.dll

%System%\wind32.exe

%System%\winscnr.exe

%System%\winsrv.exe

%System%\winupd.exe

%System%\wntbhaa.exe

%System%\wuaucltl.exe

%System%\wzghui.sys

%System%\xydzyh.exe

%System%\yur1.exe

%System%\yur10.exe

%System%\yur11.exe

%System%\yur12.exe

%System%\yur13.exe

%System%\yur14.exe

%System%\yur15.exe

%System%\yur16.exe

%System%\yur17.exe

%System%\yur18.exe

%System%\yur19.exe

%System%\yur1a.exe

%System%\yur1b.exe

%System%\yur1c.exe

%System%\yur1d.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).