ThreatExpert's Statistics for Suspicious.MH690 [Symantec]:

Suspicious.MH690 [Symantec] is also known as:

Threat Alias	Number of Incidents
Keylog-Perfect.dldr [McAfee]	781
Mal/Generic-A [Sophos]	725
Application.Perfect_Keylogger [PC Tools]	719
not-a-virus:Monitor.Win32.Perflogger.cb [Kaspersky Lab]	690
Packed/Upack [AhnLab]	423
New Malware.aj [McAfee]	386
TrojanDownloader:Win32/Agent.FZ [Microsoft]	361
Mal/Packer [Sophos]	327
Spyware.Perfect [Symantec]	327
Trojan-Spy.Win32.Perfloger.ab [Ikarus]	268
Trojan-PWS.Win32.QQPass [Ikarus]	267
Trojan-Spy.Banker [Ikarus]	246
Generic.dx [McAfee]	235
Win-Trojan/Hupigon.Gen [AhnLab]	208
Mal/Packer, Mal/Behav-024, Mal/Behav-204, Mal/Behav-009 [Sophos]	196
Win32.SuspectCrc [Ikarus]	181
Mal/Banker-E [Sophos]	151
New Malware.n [McAfee]	144
Win-Trojan/Xema.variant [AhnLab]	143
Trojan-Downloader.Win32.Banload [Ikarus]	133
Mal/Packer, Mal/EncPk-BW [Sophos]	119
Trojan-Dropper.Agent [Ikarus]	119
Virus.Win32.OnLineGames.AHK [Ikarus]	115
Mal/HckPk-A [Sophos]	105
Trojan.Crypt [Ikarus]	105
not-a-virus:Monitor.Win32.Perflogger [Ikarus]	104
Mal/TibsPk-A [Sophos]	100
Win-Trojan/OnlineGameHack.B [AhnLab]	99
Trojan-Spy.Win32.Banker.anv [Ikarus]	89
Trojan Horse [Symantec]	88
Mal/Behav-204 [Sophos]	87
Trojan.Win32.Agent [Ikarus]	85
Trojan-Dropper.Win32.Malf [Ikarus]	83
Spy-Agent.cv [McAfee]	80
Trojan-Spy.Win32.Perfloger.ab [Kaspersky Lab]	70
Trojan-Spy.Win32.Ardamax [Ikarus]	66
VirTool.Win32.DelfInject [Ikarus]	64
Mal/Zlob-AG [Sophos]	62
PWS:Win32/Stealer.M [Microsoft]	61
Trojan.Generic [Ikarus]	61
Backdoor.Win32.Hupigon [Ikarus]	60
TROJ_ZLOB.AKT [Trend Micro]	56
Mal/Behav-328, Mal/Emogen-I, Mal/Behav-009 [Sophos]	54
Mal_Banker [Trend Micro]	53
Win32/MalPackedB.suspicious [AhnLab]	52
Trojan-Dropper.Win32.Agent.anpx [Kaspersky Lab]	50
Trojan-PWS.OnlineGames.ADRD [PC Tools]	50
W32/Spybot.worm!a [McAfee]	50
New Malware.u [McAfee]	49
Trojan-Banker.Win32.Banbra.rcp [Kaspersky Lab]	49
Trojan-Downloader.Win32.VB.lih [Kaspersky Lab]	49
Backdoor.Win32.IRCBot [Ikarus]	48
Trojan-Downloader.VB!sd6 [PC Tools]	48
PWS-Banker.gen.dh.dldr [McAfee]	47
Trojan:Win32/Glox.gen!damaged [Microsoft]	47
VirTool:Win32/DelfInject.gen!AQ [Microsoft]	47
Trojan.Generic [PC Tools]	46
Trojan-Dropper.Win32.Agent.amle [Kaspersky Lab]	46
Virus.Win32.Crypt.CIK [Ikarus]	46
Infostealer.Gampass [Symantec]	45
Trojan:Win32/Meredrop [Microsoft]	45
Trojan:Win32/Tibs.IT [Microsoft]	45
Mal/EncPk-BU, Mal/Packer, Mal/EncPk-BA [Sophos]	44
Mal/EncPk-FO [Sophos]	44
VirTool:Win32/Injector.gen!AD [Microsoft]	44
Win-Trojan/Buzus.229864 [AhnLab]	44
New Malware.bl [McAfee]	43
TROJ_FAKEAV.AC [Trend Micro]	43
Trojan-Banker.Win32.Banker [Ikarus]	43
TSPY_ARDAMAX.HR [Trend Micro]	43
New Win32 [McAfee]	42
Downloader [Symantec]	41
Mal/Behav-328, Mal/Behav-103, Mal/Behav-043 [Sophos]	41
Mal/Behav-103, Mal/Behav-043 [Sophos]	40
TrojanDownloader:Win32/Renos.JH [Microsoft]	40
Trojan-GameThief.Win32.OnLineGames [Ikarus]	40
Trojan-Spy.Win32.Ardamax.t [Kaspersky Lab]	40
Virus.Win32.Trojan [Ikarus]	40
Cryp_PESpin [Trend Micro]	38
Trojan-Spy.Win32.Pophot [Ikarus]	38
VirTool:Win32/DelfInject.gen!AC [Microsoft]	38
Gen.Trojan [Ikarus]	37
Generic.PWS.Games [Ikarus]	37
Infostealer [Symantec]	37
Trojan.Win32.Midgare.mqa [Kaspersky Lab]	37
Trojan.Win32.Bohmini.A [Ikarus]	36
Win-Trojan/Midgare.34685 [AhnLab]	36
PWS-Mmorpg.gen [McAfee]	35
Trojan-Spy.Win32.Ardamax.n [Kaspersky Lab]	35
TSPY_ARDAMAX.GA [Trend Micro]	35
VirTool.Win32.Injector [Ikarus]	35
Mal/Basine-C [Sophos]	34
Packed.Win32.Klone [Ikarus]	34
Trojan-Dropper.Win32.Comotor [Ikarus]	34
AdWare.Win32.BHO [Ikarus]	33
Trojan.Win32.Buzus.bzes [Kaspersky Lab]	33
Mal/Behav-130 [Sophos]	32
Mal/Dropper-T [Sophos]	32
Packer.PESpin [Ikarus]	32
W32/Koobfa-Gen [Sophos]	32

Suspicious.MH690 [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	China	1,004
	Brazil	925
	Russian Federation	285
	United Kingdom	111
	Germany	54
	Spain	28
	Israel	23
	Sweden	23
	France	13
	Italy	12
	Netherlands	10
	Portugal	10
	Republic of Korea	7
	Ukraine	6
	Australia	4
	Poland	4
	Saudi Arabia	4
	Taiwan	4
	Turkey	3
	Bulgaria	2
	Czech Republic	2
	Syria	2
	Belgium	1
	Canada	1
	Colombia	1
	Egypt	1
	Finland	1
	Indonesia	1
	Ireland	1
	Japan	1
	Mexico	1
	Norway	1
	Switzerland	1

Suspicious.MH690 [Symantec] is known to be created as:

%AppData%\accey.exe

%AppData%\av.exe

%AppData%\bifrost\server.exe

%AppData%\cftmon.exe

%AppData%\csrss.exe

%AppData%\event.exe

%AppData%\file.exe

%AppData%\iexpress\bin\iexpressr.exe

%AppData%\ikrelh\uiucsysguard.exe

%AppData%\inetinfo.exe

%AppData%\lsas.exe

%AppData%\lsass.exe

%AppData%\microsoft\csrss.exe

%AppData%\microsoft\lsass.exe

%AppData%\microsoft\smss.exe

%AppData%\microsoft\winlog.exe

%AppData%\ptssvc.exe

%AppData%\rmeckq\dioisysguard.exe

%AppData%\s03-7323-geynawt-2623-tgaw\winlogon.exe

%AppData%\service.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\sserv.exe

%AppData%\svchost.exe

%AppData%\taskeng.exe

%AppData%\winlogon.exe

%AppData%\winspools.exe

%CommonAppData%\11511564\11511564.exe

%CommonAppData%\11614374\11614374.exe

%CommonAppData%\11615004\11615004.exe

%CommonAppData%\11615154\11615154.exe

%CommonAppData%\11616094\11616094.exe

%CommonAppData%\11658434\11658434.exe

%CommonAppData%\11944534\11944534.exe

%CommonAppData%\11959844\11959844.exe

%CommonAppData%\11962034\11962034.exe

%CommonAppData%\12152184\12152184.exe

%CommonAppData%\12173904\12173904.exe

%CommonAppData%\2deb8\sm064.exe

%CommonAppData%\2deb8\vs064.exe

%CommonAppData%\e4a12b7\wee4a1.exe

%CommonAppData%\e4a12b7\wie4a1.exe

%CommonAppData%\e4a12b7\wse4a1.exe

%CommonPrograms%\startup\coffin.exe

%CommonPrograms%\startup\iexplorer.exe

%CommonPrograms%\startup\jvm0.exe

%CommonPrograms%\startup\mtr.exe

%CommonPrograms%\startup\svchost.exe

%CommonPrograms%\startup\sys_aupdate.exe

%CommonPrograms%\startup\woooow.exe

%FontsDir%\alg.exe

%FontsDir%\conime.exe

%FontsDir%\lsass.exe

%FontsDir%\note.exe

%FontsDir%\smss.exe

%FontsDir%\timpiatform.exe

%FontsDir%\unwise_.exe

%InternetCache%\75988.exe

%InternetCache%\98562.exe

%LocalSettings%\tempservices.exe

%Profiles%\208.exe

%Profiles%\28.exe

%Profiles%\9009.exe

%Profiles%\localservice\application data\880988682.exe

%Profiles%\lojk.exe

%ProgramFiles%\aggress\doorway generator\aggressdoorgen.exe

%ProgramFiles%\amok playlist copy\amokplaylistcopy.exe

%ProgramFiles%\avira\avira.exe

%ProgramFiles%\bifrost\a.exe

%ProgramFiles%\bifrost\icop.exe

%ProgramFiles%\bifrost\picture.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifroxx\server.exe

%ProgramFiles%\common files\001.exe

%ProgramFiles%\common files\safesys.exe

%ProgramFiles%\common files\svchost.exe

%ProgramFiles%\common files\sysanti.exe

%ProgramFiles%\common files\system.exe

%ProgramFiles%\common files\system\ieupdates.exe

%ProgramFiles%\common files\system\qmc.exe

%ProgramFiles%\common files\xsafe.exe

%ProgramFiles%\dfsdfsd\kiss.exe

%ProgramFiles%\downfile\coopenad.exe

%ProgramFiles%\dtst\server.exe

%ProgramFiles%\eset\egui.exe

%ProgramFiles%\face maker\facemaker.exe

%ProgramFiles%\flash_8.exe

%ProgramFiles%\ftnd.exe

%ProgramFiles%\gene6 ftp server\g6ftptray.exe

%ProgramFiles%\hgzserver\svch0st.exe

%ProgramFiles%\internet explor\internet.exe

%ProgramFiles%\internet explorer\ielowutil2.exe

%ProgramFiles%\internet explorer\svcnost.exe

%ProgramFiles%\intitdll.exe

%ProgramFiles%\ipuser\topic.exe

%ProgramFiles%\java\java.exe

%ProgramFiles%\java\jre1.6.0_06\bin\javas.exe

%ProgramFiles%\loldamn\server.exe

%ProgramFiles%\meex.exe

%ProgramFiles%\messenger\server.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.