ThreatExpert's Statistics for Generic Downloader.x [McAfee]:

Generic Downloader.x [McAfee] is also known as:

Threat Alias	Number of Incidents
Mal/Generic-A [Sophos]	6,105
Downloader [Symantec]	5,563
Trojan Horse [Symantec]	4,523
Trojan-Downloader.Agent!sd6 [PC Tools]	4,201
Trojan-Downloader.Win32.Agent.agzq [Kaspersky Lab]	3,420
Virus.Win32.Virut.br [Ikarus]	2,907
Trojan-Dropper.Agent [Ikarus]	1,781
Trojan-Downloader.Win32.Small [Ikarus]	1,409
Trojan-Downloader.Small!sd6 [PC Tools]	1,271
Trojan.Matcash.Gen.2 [PC Tools]	1,138
TrojanDownloader:Win32/Renos.DU [Microsoft]	932
TrojanDownloader:Win32/Perkesh.gen!A [Microsoft]	914
Troj/LogThief-A [Sophos]	784
Trojan-Downloader.Win32.Small.agbh [Kaspersky Lab]	784
Trojan-Downloader.Win32.Hoaxer.a [Kaspersky Lab]	696
Trojan.Win32.BHO [Ikarus]	622
Trojan.BHO!sd6 [PC Tools]	611
Trojan:Win32/Tibs.IF [Microsoft]	598
Trojan-Downloader.Win32.Agent.bexw [Kaspersky Lab]	588
Trojan.Zlob [Symantec]	546
Trojan-Downloader.Small [Ikarus]	528
Trojan.Fakeavalert [Symantec]	522
Downloader.MisleadApp [Symantec]	507
Trojan:Win32/Insebro.C [Microsoft]	466
Rootkit.Win32.Small [Ikarus]	459
Hacktool.Rootkit [Symantec]	451
Troj/BHO-IA [Sophos]	440
Trojan:Win32/Tibs.gen!lds [Microsoft]	438
TROJ_SMALL.KGX [Trend Micro]	425
Trojan.Win32.BHO.iaw [Kaspersky Lab]	420
Mal/Dorf-E [Sophos]	404
Trojan-Downloader.Small.GEN [PC Tools]	397
Win-Trojan/Yanshi.3072 [AhnLab]	378
Trojan:Win32/Rlsloup.B [Microsoft]	364
TROJ_DLOADER.ZIM [Trend Micro]	357
Trojan-Downloader.Win32.FraudLoad.eav [Kaspersky Lab]	351
Mal/TibsPak [Sophos]	328
Trojan-Downloader.Win32.Agent.bhyn [Kaspersky Lab]	326
Win-Trojan/Downloader.7680.MI [AhnLab]	323
TrojanDownloader:Win32/Troxen!rts [Microsoft]	321
Rootkit.Agent!sd6 [PC Tools]	318
Trojan-Downloader.Win32.FraudLoad [Ikarus]	295
Rootkit.Win32.Agent.fhk [Kaspersky Lab]	288
Trojan.Peed [Ikarus]	275
Trojan.Dropper [Symantec]	274
Rootkit.Win32.Agent [Ikarus]	264
Trojan.KillAV [Symantec]	264
Hacktool.Rootkit!sd6 [PC Tools]	242
Rootkit.Win32.Small.le [Kaspersky Lab]	240
Trojan-Downloader.Win32.Agent.bozt [Kaspersky Lab]	240
Mal/EncPk-CZ [Sophos]	226
Win32.SuspectCrc [Ikarus]	224
Trojan-Downloader.Hoaxer!sd6 [PC Tools]	218
Trojan.Win32.Tibs [Ikarus]	216
Trojan-Downloader.Win32.VB [Ikarus]	214
Downloader-BNM [McAfee]	211
Win-Trojan/Agent.3968.H [AhnLab]	208
Trojan-Downloader.VB!sd6 [PC Tools]	198
Virus.Win32.Agent [Ikarus]	196
Win-Trojan/Downloader.8320.G [AhnLab]	190
Trojan-Downloader.Win32.VB.iuf [Kaspersky Lab]	182
Troj/FakeAV-OE [Sophos]	180
Infostealer.Onlinegame [Symantec]	178
Win-Trojan/Downloader.3584.KG [AhnLab]	168
Trojan.Fakeavalert!sd6 [PC Tools]	165
Backdoor.Win32.Frauder.fb [Kaspersky Lab]	164
Win-Trojan/Xema.variant [AhnLab]	163
Mal/Packer [Sophos]	159
Packed.Generic.186 [Symantec]	159
Infostealer.Gampass [Symantec]	158
Troj/DwnLdr-HGO [Sophos]	156
Trojan-Downloader.Win32.Small.aabv [Kaspersky Lab]	156
Trojan-Downloader.Win32.Agent.aflr [Kaspersky Lab]	154
Troj/Perksh-Gen [Sophos]	150
Trojan.Generic [Ikarus]	149
Trojan-Downloader.Win32.Small.aacq [Kaspersky Lab]	147
TROJ_SMALL.JTN [Trend Micro]	144
Trojan.Win32.BHO.ibv [Kaspersky Lab]	144
Trojan-Downloader.Win32.Adload.cgs [Kaspersky Lab]	144
Troj/Agent-FYA [Sophos]	141
Mal/Behav-144, Mal/Behav-009 [Sophos]	138
Trojan-Downloader.Win32.Agent.aftn [Kaspersky Lab]	135
Backdoor.Win32.Frauder.fb [Ikarus]	132
not-a-virus:FraudTool.Win32.Agent.cc [Kaspersky Lab]	130
not-a-virus:FraudTool.Win32.WinAntiVirus.bp [Kaspersky Lab]	130
Trojan.Win32.Agent.acqs [Kaspersky Lab]	130
Backdoor.Frauder!sd6 [PC Tools]	128
Infostealer [Symantec]	128
Trojan-Downloader.Win32.Renos.DU [Ikarus]	127
Backdoor.Trojan [Symantec]	123
Trojan-Downloader.Adload!sd6 [PC Tools]	120
W32/Autorun-QA [Sophos]	120
Trojan-Spy.Onlinegame!sd6 [PC Tools]	116
Trojan:Win32/Dumpeft.A [Microsoft]	112
Trojan-Downloader.FraudLoad!sd6 [PC Tools]	111
Trojan.Win32.Agent.acrp [Kaspersky Lab]	109
TrojanDownloader:Win32/Agent!rts [Microsoft]	109
Win-Trojan/Adload.32768.T [AhnLab]	108
TrojanDownloader:Win32/Renos.AU [Microsoft]	107
TrojanDownloader:Win32/Renos.gen!AQ [Microsoft]	106

Generic Downloader.x [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	Netherlands	1,167
	China	667
	Slovenia	383
	Russian Federation	331
	Brazil	141
	Republic of Korea	38
	Ukraine	29
	Germany	22
	United Kingdom	20
	France	16
	Spain	14
	Israel	8
	Taiwan	8
	Sweden	5
	Czech Republic	4
	Belgium	2
	Portugal	2
	Australia	1
	Austria	1
	Italy	1
	Japan	1
	Poland	1

Generic Downloader.x [McAfee] is known to be created as:

%AllUsersProfile%\xzemniu.dll

%AppData%\adobe\manager.exe

%AppData%\adobe\player.exe

%AppData%\adobe\rundtl.exe

%AppData%\cogad\cogad.exe

%AppData%\drivers\winupgro.exe

%AppData%\gadcom\gadcom.exe

%AppData%\google\update\googleupdatebeta.exe

%AppData%\microsoft\windows\winlogon.exe

%AppData%\nidle\nidle.exe

%AppData%\nscagent.exe

%AppData%\nsvcappflt.exe

%AppData%\pidle\pidle.exe

%AppData%\ptssvc.exe

%AppData%\spool.exe

%AppData%\sysrc32.exe

%AppData%\syssl.exe

%CommonAppData%\cnczabsh\uzgrqlmx.exe

%CommonAppData%\erwdslur\ajyfwzmn.exe

%CommonAppData%\fibopglk\xafuvatu.exe

%CommonAppData%\jipcrktg\tmxwtyvq.exe

%CommonAppData%\rgbancxe\zwjkbkfu.exe

%CommonAppData%\zshcrmjc\pydsrsto.exe

%CommonPrograms%\startup\update.exe

%DownloadedProgramFiles%\zipext32.dll

%FontsDir%\360eaec0.exe

%FontsDir%\svchost.exe

%FontsDir%\timpiatform.exe

%FontsDir%\userinit.exe

%FontsDir%\wuauclt.exe

%MyDocuments%\qyule\smartupdater.exe

%ProgramFiles%\1k66434m4jeq.exe

%ProgramFiles%\1nwfro82s.exe

%ProgramFiles%\38gqm7m7g.exe

%ProgramFiles%\3mjj3ia\rqdvle0.exe

%ProgramFiles%\50qmq.exe

%ProgramFiles%\6q5r6dz.exe

%ProgramFiles%\6r03g5ji.exe

%ProgramFiles%\71qvbzg.exe

%ProgramFiles%\9j89e7y.exe

%ProgramFiles%\altcmd\altcmd32.dll

%ProgramFiles%\antiviirus.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\ccfiv95zhi.exe

%ProgramFiles%\cinvig\iek.exe

%ProgramFiles%\cmoney\cmoney.exe

%ProgramFiles%\cmvideoplugin\setup.exe

%ProgramFiles%\common files\cthelper.exe

%ProgramFiles%\common files\microsoft\cthelper.exe

%ProgramFiles%\common files\otmx.dll

%ProgramFiles%\common files\system\7k8k3pc8.exe

%ProgramFiles%\common files\system\nboqcey.exe

%ProgramFiles%\common files\system\qqfeop.exe

%ProgramFiles%\dfs2i.exe

%ProgramFiles%\dwimn\iek.exe

%ProgramFiles%\dwimn\mon.exe

%ProgramFiles%\enznh4.exe

%ProgramFiles%\garuyac\garuyacupdate.exe

%ProgramFiles%\gg\gg.exe

%ProgramFiles%\h3kqk5ce.exe.com

%ProgramFiles%\internet explorer\iedw.exe.com

%ProgramFiles%\internet explorer\iexplore.exe.com

%ProgramFiles%\internet explorer\ntshrui.dll

%ProgramFiles%\internet explorer\signup\conime.exe

%ProgramFiles%\internet explorer\svchost.exe

%ProgramFiles%\io8oyqvba4\s3htcnh98rz.exe

%ProgramFiles%\io8oyqvba4\s3htcnh98rz.exe.com

%ProgramFiles%\ix4ehodoj6.exe

%ProgramFiles%\lineguide\lineguideup.exe

%ProgramFiles%\meex.exe

%ProgramFiles%\messenger\bin\sqlwid.exe

%ProgramFiles%\messenger\msgmr.dll

%ProgramFiles%\messenger\msmsgs.exe.com

%ProgramFiles%\microsoft common\wuauclt.exe

%ProgramFiles%\microsoft studio files\lsass.exe

%ProgramFiles%\mms\meimei.exe

%ProgramFiles%\msn\msncorefiles\install\msnsusii.exe.com

%ProgramFiles%\msn\msnia\msniasvc.exe.com

%ProgramFiles%\msn\msninstaller\msninst.exe.com

%ProgramFiles%\mypops\ypops.exe

%ProgramFiles%\netmeeting\cb32.exe.com

%ProgramFiles%\netproject\wamdl.dll

%ProgramFiles%\nguide\nguideup.exe

%ProgramFiles%\ohafhbqulmr.exe

%ProgramFiles%\outlook express\msimn.exe.com

%ProgramFiles%\p2pmax\p2pmax.exe

%ProgramFiles%\pbyn6ve.exe

%ProgramFiles%\pchealthcenter\0.exe

%ProgramFiles%\pchealthcenter\1.exe

%ProgramFiles%\pchealthcenter\2.exe

%ProgramFiles%\pchealthcenter\3.exe

%ProgramFiles%\pchealthcenter\4.exe

%ProgramFiles%\pchealthcenter\5.exe

%ProgramFiles%\pchealthcenter\7.exe

%ProgramFiles%\pointre\cmbar.dll

%ProgramFiles%\pointre\cmcheck.exe

%ProgramFiles%\pointre\cmstart.exe

%ProgramFiles%\portinho\portinho.exe

%ProgramFiles%\qemvb9.exe

%ProgramFiles%\real\svchost.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DownloadedProgramFiles% is a variable that refers to the file system directory containing downloaded program files. A typical path is C:\Windows\Downloaded Program Files.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.