ThreatExpert's Statistics for Generic.ff [McAfee]:

Generic.ff [McAfee] is also known as:

Threat Alias	Number of Incidents
Mal_Infostl [Trend Micro]	99
Infostealer.Gampass [Symantec]	67
Downloader [Symantec]	63
Packed/Upack [PC Tools]	33
Trojan-Downloader.Agent!sd5 [PC Tools]	28
TROJ_DOWQUE.JB [Trend Micro]	25
Infostealer [Symantec]	24
Trojan-PSW.Win32.QQPass.ys [Kaspersky Lab]	17
Mal/Generic-A [Sophos]	16
Trojan Horse [Symantec]	15
Possible_Infostl [Trend Micro]	14
Packed.Generic.93 [Symantec]	12
Downloader.Generic [PC Tools]	11
Trojan.PWS.QQPass [Symantec]	10
Trojan-Downloader.Win32.Cryptic [Ikarus]	10
Trojan-Downloader.Win32.Small [Ikarus]	10
Mal/TinyDL-L [Sophos]	9
Trojan.Win32.Agent [Ikarus]	9
TrojanDownloader:Win32/Chekafe.B [Microsoft]	9
Trojan-GameThief.Win32.OnLineGames.sciy [Kaspersky Lab]	9
Packed/Upack [AhnLab]	8
Trojan-Downloader.Win32.Cryptic.gen [Kaspersky Lab]	8
Trojan-PSW.QQPass!sd5 [PC Tools]	8
Cryp_Pai-3 [Trend Micro]	7
Trojan-Downloader.Win32.Agent.gjf [Kaspersky Lab]	7
Mal/Packer, Mal/EncPk-BW [Sophos]	6
PWS.Win32.QQpass.CZ [Ikarus]	6
Rootkit.Order [PC Tools]	6
Trojan-Dropper.Agent [Ikarus]	6
Trojan-PWS.OnlineGames.ADRD [PC Tools]	6
Mal/DownLdr-F [Sophos]	5
Mal_Crypt-3 [Trend Micro]	5
Suspicious.MH690 [Symantec]	5
Trojan.PWS.QQPass.Gen.10 [PC Tools]	5
Trojan-Downloader.Win32.Agent.gjg [Kaspersky Lab]	5
Trojan-Downloader.Win32.Small.aowq [Kaspersky Lab]	5
TrojanDownloader:Win32/Tearspear [Microsoft]	5
Trojan-PSW.Win32.QQPass.cmk [Kaspersky Lab]	5
Trojan-PSW.Win32.QQPass.pf [Kaspersky Lab]	5
Win32.SuspectCrc [Ikarus]	5
Win-Trojan/Baidu.41636 [AhnLab]	5
Mal/EncPk-AP, Mal/Packer, Mal/EncPk-BW [Sophos]	4
Mal/EncPk-DH [Sophos]	4
Mal/MassMail-A, Mal/EncPk-AP, Mal/Packer, Mal/EncPk-BW [Sophos]	4
PWS:Win32/QQpass.CZ [Microsoft]	4
Trojan.Win32.Crypt.vb [Kaspersky Lab]	4
Trojan-Downloader.Win32.Delf [Ikarus]	4
Trojan-Downloader.Win32.Small.ageu [Kaspersky Lab]	4
Trojan-Downloader.Win32.Small.gfq [Kaspersky Lab]	4
TrojanDownloader:Win32/Chekafe.A [Microsoft]	4
TrojanDownloader:Win32/Small.gen!O [Microsoft]	4
TrojanDropper:Win32/Dowque.A [Microsoft]	4
Trojan-PSW.Win32.QQPass.atj [Kaspersky Lab]	4
Trojan-PSW.Win32.QQPass.vn [Kaspersky Lab]	4
Trojan-PWS.QQPass [PC Tools]	4
TSPY_WHORAN.D [Trend Micro]	4
Win-Trojan/Buzus.147014 [AhnLab]	4
Downloader.Trojan [Symantec]	3
Mal/EncPk-BW [Sophos]	3
Mal/Packer [Sophos]	3
Packed/NSPack [PC Tools]	3
PWS:Win32/Whoran.A [Microsoft]	3
Troj/Agent-IIV [Sophos]	3
Trojan.DL.Cryptic.Gen [PC Tools]	3
Trojan.DL.Cryptic.Gen.2 [PC Tools]	3
Trojan.Dropper [Symantec]	3
Trojan-Downloader.Small!sd5 [PC Tools]	3
Trojan-Downloader.Win32.VB.aqs [Kaspersky Lab]	3
TrojanDownloader:Win32/Small [Microsoft]	3
VirTool:Win32/Delfsnif.gen [Microsoft]	3
Win-Trojan/Agent.56186 [AhnLab]	3
Backdoor.Graybird [Symantec]	2
Infostealer.Lemir.Gen [Symantec]	2
Mal/Behav-214, Mal/Behav-152 [Sophos]	2
Mal/EncPk-AP, Mal/EncPk-BW [Sophos]	2
Mal/HckPk-A [Sophos]	2
Mal/HckPk-C [Sophos]	2
Mal/Heuri-E, Mal/PWS-K [Sophos]	2
Mal/Packer, Mal/EncPk-BW, Mal/Behav-152 [Sophos]	2
PWS:Win32/Ceekat.gen!A [Microsoft]	2
TROJ_DLOADER.HSO [Trend Micro]	2
Trojan.DL.Small.WMB [PC Tools]	2
Trojan.Goldun [Symantec]	2
Trojan.Small.UTP [PC Tools]	2
Trojan.Win32.Buzus.bsgm [Kaspersky Lab]	2
Trojan:Win32/Malagent [Microsoft]	2
Trojan-Downloader.Agent!sd6 [PC Tools]	2
Trojan-Downloader.Win32.Agent.asib [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.cyaf [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.dbzd [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.fne [Kaspersky Lab]	2
Trojan-Downloader.Win32.Nurech [Ikarus]	2
Trojan-Downloader.Win32.Nurech.ce [Ikarus]	2
Trojan-Downloader.Win32.Small.aovr [Kaspersky Lab]	2
Trojan-Downloader.Win32.Small.cmm [Kaspersky Lab]	2
Trojan-Downloader.Win32.Small.exx [Kaspersky Lab]	2
Trojan-Downloader.Win32.VB.aeu [Kaspersky Lab]	2
Trojan-Dropper.Delf [Ikarus]	2
Trojan-PSW.QQShou!sd5 [PC Tools]	2
Trojan-PSW.Win32.OnLineGames.idz [Kaspersky Lab]	2

Generic.ff [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	58
	Russian Federation	18
	Iceland	3

Generic.ff [McAfee] is known to be created as:

%AppData%\bandook.exe

%AppData%\microsoft\sr64\mdmlidbl.exe

%MyDocuments%\qq.exe

%MyDocuments%\qq2007.exe

%System%\bandook folder\ali.exe

%System%\bandook folder\ir32i.exe

%System%\dfbv.dll

%System%\intel\intel.exe

%System%\makinzi\ali.exe

%System%\mgodnn32.exe

%System%\oifmbp32.exe

%System%\rmubjpwcipv.dll

%System%\s571s.exe

%System%\s9s.exe

%System%\syswfgwd2.dll

%System%\temp2.exe

%System%\wdfmgr32.exe

%System%\winlonbk.dll

%System%\winosmo.dll

%System%\winsvc.exe

%System%\z119.exe

%System%\z1957.exe

%System%\z1967.exe

%System%\z1987.exe

%Temp%\7b2c39bb.exe

%Temp%\exe3.exe

%Temp%\ixp000.tmp\svchost.exe

%Windir%\java\svch0st.exe

%Windir%\pchealth\dllh0st.exe

%Windir%\ql3.exe

%Windir%\realschad.exe

%Windir%\windows.exe

c:\myok.exe

c:\myqqbi.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.