ThreatExpert's Statistics for Generic PUP.x [McAfee]:

Generic PUP.x [McAfee] is also known as:

Threat Alias	Number of Incidents
Troj/FakeAV-CL [Sophos]	14,484
RogueAntiSpyware.AntivirusXP2008 [PC Tools]	7,486
TROJ_RENOS.ACG [Trend Micro]	6,966
AntiVirus2008 [Symantec]	4,614
Troj/FakeVir-DE [Sophos]	4,300
not-a-virus:FraudTool.Win32.XPAntivirus.ld [Kaspersky Lab]	4,128
Win32.SuspectCrc [Ikarus]	3,985
Adware.CPush [Symantec]	2,048
Program:Win32/Antivirus2008 [Microsoft]	2,022
not-a-virus:AdWare.Win32.BHO.dbj [Kaspersky Lab]	1,716
AntiVirus2009 [Symantec]	1,626
not-a-virus:FraudTool.Win32.XPAntivirus.oj [Kaspersky Lab]	1,593
TROJ_FAKEALER.GV [Trend Micro]	1,593
Troj/FakeAle-GZ [Sophos]	1,215
RogueAntiSpyware.AntiVirusPro [PC Tools]	918
Adware.BHO!sd6 [PC Tools]	773
FakeAlert-AB [McAfee]	513
not-a-virus:AdWare.Win32.BHO.ee [Kaspersky Lab]	505
PHISH.FraudTool.XPAntivirus [Ikarus]	405
not-a-virus:AdWare.Win32.BHO.cwl [Kaspersky Lab]	280
Adware.BHO!sd5 [PC Tools]	271
Trojan Horse [Symantec]	271
not-a-virus:AdWare.Win32.BHO.clx [Kaspersky Lab]	247
Adware.Sogou [PC Tools]	232
PHISH.FraudTool.XPAntivirus.OJ [Ikarus]	189
Generic.Win32.Malware.Sogou [Ikarus]	183
not-a-virus:FraudTool.Win32.MSAntivirus.r [Kaspersky Lab]	176
Program:Win32/Sogou [Microsoft]	171
Troj/AdClick-ER [Sophos]	171
not-a-virus:AdWare.Win32.BHO.dzf [Kaspersky Lab]	160
Downloader.MisleadApp [Symantec]	137
Adware.CPush!sd6 [PC Tools]	130
Mal/FakeAV-F [Sophos]	123
not-a-virus:FraudTool.Win32.UltimateAntivirus.cc [Kaspersky Lab]	121
Hacktool [Symantec]	117
Adware.BHO.EE [PC Tools]	111
TROJ_FAKEALER.VL [Trend Micro]	110
Hacktool.Rootkit [Symantec]	100
Troj/FakeAle-FJ [Sophos]	94
not-a-virus:AdWare.Win32.BHO.cep [Kaspersky Lab]	84
Trojan.Fakeavalert [Symantec]	84
not-a-virus:FraudTool.Win32.Agent.cb [Kaspersky Lab]	78
TROJ_ADCLICK.CH [Trend Micro]	77
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	77
Generic.Win32.Malware.Antivirus2008 [Ikarus]	56
not-a-virus:PSWTool.Win32.FirePass.a [Kaspersky Lab]	56
Adware:Win32/Owlforce [Microsoft]	52
Generic.Win32.Malware.FakeAlert.N [Ikarus]	50
TROJ_FAKEAV.JI [Trend Micro]	44
Rootkit.OnlineGames.Gen.89 [PC Tools]	42
Trojan:Win32/FakeSecSen [Microsoft]	41
not-a-virus:AdWare.Win32.BHO.dxc [Kaspersky Lab]	40
not-a-virus:AdWare.Win32.BHO.agy [Kaspersky Lab]	36
Downloader [Symantec]	35
PSWTool.RAS!sd5 [PC Tools]	35
TROJ_AGENT.VXO [Trend Micro]	35
Adware.Agent!sd6 [PC Tools]	34
Infostealer.Gampass [Symantec]	32
not-a-virus:AdWare.Win32.Agent.dyp [Kaspersky Lab]	32
HackTool.Win32.Homac [Kaspersky Lab]	31
HackTool.Homac!sd5 [PC Tools]	30
Rootkit.Agent!sd6 [PC Tools]	30
Trojan.FakeAlert [PC Tools]	30
Trojan.Zlob [Symantec]	28
Trojan.Fakeavalert!sd6 [PC Tools]	27
Mal/FakeAV-E [Sophos]	26
not-a-virus:AdWare.Win32.BHO.cjh [Kaspersky Lab]	26
Mal/Agent-E [Sophos]	25
Mal/EncPk-BW [Sophos]	25
Troj/FakeAle-GY [Sophos]	25
Trojan.Win32.BHO.gpv [Kaspersky Lab]	25
Generic PUP.b [McAfee]	24
not-a-virus:PSWTool.Win32.FirePass.m [Kaspersky Lab]	24
Infostealer [Symantec]	22
Adware:Win32/AdRotator [Microsoft]	21
Backdoor.Trojan [Symantec]	21
Adware.NetPumper [PC Tools]	20
RogueAntiSpyware.MS_Antivirus [PC Tools]	20
Trojan.Win32.BHO.gpv [Ikarus]	20
VirTool:Win32/CeeInject.gen!J [Microsoft]	20
Adware.ISMonitor!sd6 [PC Tools]	19
VirTool:WinNT/Knockex.D [Microsoft]	19
not-a-virus:PSWTool.Win32.RAS.a [Kaspersky Lab]	18
Trojan.Adclicker [Symantec]	18
VirTool:Win32/VBInject.gen!C [Microsoft]	18
TrojanDownloader:Win32/Renos.DU [Microsoft]	17
VirTool:Win32/DelfInject.gen!X [Microsoft]	17
not-a-virus:AdTool.Win32.MyWebSearch.ck [Kaspersky Lab]	16
Troj/FakeVir-FL [Sophos]	16
Virus.Win32.Adload.LN [Ikarus]	16
Hoax.Win32.Renos [Ikarus]	15
Virus.Win32.FakeAlert.S [Ikarus]	15
Hacktool.Rootkit!sd6 [PC Tools]	14
not-a-virus:Client-IRC.Win32.mIRC.603 [Kaspersky Lab]	14
Trojan.Win32.VB.ekb [Kaspersky Lab]	14
DoctorAdwarePro [Symantec]	13
Hacktool.PassReminder [Symantec]	13
Mal/EncPk-CZ [Sophos]	13
Mal/Generic-A [Sophos]	13
TROJ_BFFL.A [Trend Micro]	12

Generic PUP.x [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	2,925
	United Kingdom	2,304
	Russian Federation	215
	Israel	23
	Taiwan	19
	Canada	10
	Ukraine	10
	Germany	7
	Spain	6
	South Africa	5
	Italy	4
	Sweden	4
	Australia	3
	France	3
	Argentina	1
	Belgium	1
	Brazil	1
	Egypt	1
	Netherlands	1
	Norway	1
	Poland	1
	Portugal	1
	Republic of Korea	1
	Switzerland	1
	Trinidad and Tobago	1

Generic PUP.x [McAfee] is known to be created as:

%AppData%\dxdlls\dxdlg.exe

%AppData%\dxdlls\imapdb.exe

%DownloadedProgramFiles%\thunderadvise.dll

%MyDocuments%\spydevastator\sdbho.dll

%ProgramFiles%\aav\aav.exe

%ProgramFiles%\advancedhelper\advancedhelper-1.dll

%ProgramFiles%\adware deluxe\spywares\browser hijack\helper.dll

%ProgramFiles%\alertspy\spywares\spydb.exe

%ProgramFiles%\amsys\swsys.exe

%ProgramFiles%\antispywarexp2009\uninstall.exe

%ProgramFiles%\antivirus 2008\antvrs.exe

%ProgramFiles%\asc 2.1\ascwarning32.dll

%ProgramFiles%\avm\avm.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\buysafeshoppingadvisor\buysafeshoppingadvisor.dll

%ProgramFiles%\calendar\htmlpeek.dll

%ProgramFiles%\closemonitor\baidu.exe

%ProgramFiles%\common files\cpush\cpush.dll

%ProgramFiles%\common files\cpush\uninst.exe

%ProgramFiles%\common files\pushware\cpush.dll

%ProgramFiles%\common files\pushware\uninst.exe

%ProgramFiles%\common files\system\svchostu.exe

%ProgramFiles%\dfsdfsd\kiss.exe

%ProgramFiles%\doctor adware\spywares\browser hijack\helper.dll

%ProgramFiles%\ekerberos\ekerberos.exe

%ProgramFiles%\eroca\eroca.exe

%ProgramFiles%\fieryads\commlayer.dll

%ProgramFiles%\fieryads\fieryads.dll

%ProgramFiles%\flashmute\uninstall.exe

%ProgramFiles%\game\htmlpeek.dll

%ProgramFiles%\ganeralos\kiral.exe

%ProgramFiles%\google\googletoolbar1.dll

%ProgramFiles%\halloweentoolbar\halloweentoolbar.dll

%ProgramFiles%\http brute forcer\httpbruteforcer.exe

%ProgramFiles%\i711.com toolbar\tbhelper.dll

%ProgramFiles%\iesuper\iesuper.dll

%ProgramFiles%\ism\ism.exe

%ProgramFiles%\kwssolution\kwsguide.dll

%ProgramFiles%\kwssolution\kwsguideupt.exe

%ProgramFiles%\luckytender\1.3.0\luckytender.dll

%ProgramFiles%\mail passview\mailpv.exe

%ProgramFiles%\medilexicon toolbar\tbhelper.dll

%ProgramFiles%\messenpass\mspass.exe

%ProgramFiles%\mirc\irc bot\svchost.exe

%ProgramFiles%\msa\msa.exe

%ProgramFiles%\myportal\speed-x\uninstall.exe

%ProgramFiles%\mywebsearch\bar\1.bin\f3scrctr.dll

%ProgramFiles%\netpumper\npnetpumper_application.dll

%ProgramFiles%\netpumper\npnetpumper_video.dll

%ProgramFiles%\network password recovery\netpass.exe

%ProgramFiles%\oovootoolbar\oovootoolbar.dll

%ProgramFiles%\ozby toolbar\tbhelper.dll

%ProgramFiles%\pchealthcenter\0.exe

%ProgramFiles%\pchealthcenter\1.exe

%ProgramFiles%\pchealthcenter\2.exe

%ProgramFiles%\pchealthcenter\5.exe

%ProgramFiles%\pcprivacycleaner\pcpc.exe

%ProgramFiles%\pestbot\spywares\browser hijack\helper.dll

%ProgramFiles%\plein66\tbhelper.dll

%ProgramFiles%\pointcash\uninstall.exe

%ProgramFiles%\qdrdrive\qdrdrive20.dll

%ProgramFiles%\qdrdrive\qdrdrive9.dll

%ProgramFiles%\remote\remote.exe

%ProgramFiles%\rhc75dj0erc1\rhc75dj0erc1.exe

%ProgramFiles%\richvideocodec\multiloader.dll

%ProgramFiles%\rupass\rupass.dll

%ProgramFiles%\rx toolbar\rx.dll

%ProgramFiles%\sav\sav.exe

%ProgramFiles%\scourtoolbar\scourtoolbar.dll

%ProgramFiles%\setup_iesuper_0010071.exe

%ProgramFiles%\spydestroy pro\spywares\browser hijack\helper.dll

%ProgramFiles%\spyguard\parser.exe

%ProgramFiles%\spymaxx\parser.exe

%ProgramFiles%\spytech software\spytech spyagent\svchost.exe

%ProgramFiles%\super fast shutdown\shutdown.exe

%ProgramFiles%\tibee\tibee.dll

%ProgramFiles%\timerdesk\htmlpeek.dll

%ProgramFiles%\totalsecure2009\scan.exe

%ProgramFiles%\uav\uav.exe

%ProgramFiles%\ultimateenhancer\ultimateenhancer-1.dll

%ProgramFiles%\urlfreeze toolbar\tbhelper.dll

%ProgramFiles%\vg\dial.dll

%ProgramFiles%\virtualnetwork\virtualnetwork.dll

%ProgramFiles%\virusisolator\virusisolator.exe

%ProgramFiles%\vnrblock\vnrblock20.exe

%ProgramFiles%\wav\wav.exe

%ProgramFiles%\web buying\v1.8.5\wbuninst.exe

%ProgramFiles%\winprotector3.8\winprotector.exe

%ProgramFiles%\www.4fuckbuddies.co.uk\tbhelper.dll

%ProgramFiles%\zero freezer 1.5\data_file.exe

%ProgramFiles%\zumie\zumie.dll

%Programs%\startup\userinit.exe

%System%\_urltvbltjpta.dll

%System%\0914\1346.exe

%System%\219725\219725.dll

%System%\2b1.dll

%System%\5cc10129.dll

%System%\673351\673351.dll

%System%\784953\784953.dll

%System%\agin_bho.dll

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%DownloadedProgramFiles% is a variable that refers to the file system directory containing downloaded program files. A typical path is C:\Windows\Downloaded Program Files.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).