ThreatExpert's Statistics for Email-Worm.Win32.Bagle [Ikarus]:

Email-Worm.Win32.Bagle [Ikarus] is also known as:

Threat Alias	Number of Incidents
Email-Worm.Win32.Bagle.adk [Kaspersky Lab]	304
Mal/Generic-A [Sophos]	292
Generic.dx [McAfee]	291
Email-Worm.Bagle!sd6 [PC Tools]	288
Trojan Horse [Symantec]	273
Win32/Bagle.worm.2112 [AhnLab]	128
Worm:Win32/Forput!rts [Microsoft]	48
W32/Bagle.gen [McAfee]	46
Email-Worm.Win32.Bagle.of [Kaspersky Lab]	45
TROJ_BAGLE.AO [Trend Micro]	45
Trojan.Lodeight.C [Symantec]	43
Worm:Win32/Bagle.gen!C [Microsoft]	39
Mal/Packer, Mal/Behav-191, Mal/Bagpk-D [Sophos]	22
Mal/UnkPack-Fam [Sophos]	16
Trojan.Rootkit [Ikarus]	16
Win32/MalPackedB.suspicious [AhnLab]	15
Trojan.Lodeight!sd6 [PC Tools]	14
Email-Worm.Bagle.of [PC Tools]	10
Email-Worm.Win32.Bagle.majf [Kaspersky Lab]	9
Email-Worm.Win32.Bagle.z [Kaspersky Lab]	8
Mal/Packer, Mal/Behav-191, Mal/Bagpk-D, W32/Bagle-Gen [Sophos]	8
W32.Beagle.X@mm [Symantec]	8
W32.Beagle.DZ [Symantec]	7
W32/Bagle.aa@MM [McAfee]	7
W32/Bagle-AA [Sophos]	7
Email-Worm.Bagle!sd5 [PC Tools]	6
I-Worm.Bagle.Z [PC Tools]	6
NTRootKit-W [McAfee]	6
Worm:Win32/Bagle.Z@mm [Microsoft]	6
WORM_BAGLE.BL [Trend Micro]	6
Email-Worm.Bagle [PC Tools]	5
Email-Worm.Win32.Bagle.gl [Kaspersky Lab]	5
Mal/Bagpk-D, Mal/Behav-191, Mal/Packer [Sophos]	4
Email-Worm.Win32.Bagle.ai [Kaspersky Lab]	3
TROJ_MITGLIED.AR [Trend Micro]	3
W32.Beagle.AG@mm [Symantec]	3
W32/Bagle.dldr.gen [McAfee]	3
W32/Bagle-AI [Sophos]	3
W32/Bagle-Gen, Mal/Bagpk-D, Mal/Behav-191, Mal/Packer [Sophos]	3
Win32/Bagle.worm.AG [AhnLab]	3
Worm:Win32/Bagle.AI@mm [Microsoft]	3
WORM_BAGLE.JG [Trend Micro]	3
Downloader [Symantec]	2
Email-Worm.Bagle!ct [PC Tools]	2
Email-Worm.Win32.Bagle.cc [Kaspersky Lab]	2
Email-Worm.Win32.Bagle.gm [Kaspersky Lab]	2
Email-Worm.Win32.Bagle.gt [Kaspersky Lab]	2
Email-Worm.Win32.Bagle.gv [Kaspersky Lab]	2
Email-Worm.Win32.Bagle.in [Kaspersky Lab]	2
NTRootKit-W.sys [McAfee]	2
Trojan.Lodeight [PC Tools]	2
Trojan.Mitglieder.S [Symantec]	2
Trojan.Tooso [PC Tools]	2
Trojan.Tooso!gen [Symantec]	2
Trojan.Tooso.L [Symantec]	2
Trojan.Tooso.R [Symantec]	2
Trojan:Win32/Malagent [Microsoft]	2
TrojanProxy:Win32/Mitglieder [Microsoft]	2
W32/Bagle [McAfee]	2
W32/Bagle-KJ [Sophos]	2
W32/Bagle-KN [Sophos]	2
W32/Bagle-QX [Sophos]	2
Win32/Bagle.worm.Z [AhnLab]	2
Win-Trojan/Agent.68656 [AhnLab]	2
Worm:Win32/Bagle.AA@mm [Microsoft]	2
WORM_Bagle.GEN-1 [Trend Micro]	2
WORM_BAGLE.Z [Trend Micro]	2
Dropper/Mudrop.117760 [AhnLab]	1
Email-Worm.Win32.Bagle.aa [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.aav [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.bx [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.co [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.fk [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.hj [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.it [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.jn [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.kn [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.majk [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.maml [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.mane [Kaspersky Lab]	1
Email-Worm.Win32.Bagle.o [Kaspersky Lab]	1
Generic PWS.y [McAfee]	1
Generic.dx!de [McAfee]	1
I-Worm.Bagle.JV [PC Tools]	1
I-Worm.Bagle.LD [PC Tools]	1
I-Worm.Bagle.P [PC Tools]	1
I-Worm.Bagle.Z.Drop [PC Tools]	1
I-Worm.Bagle.ZTD [PC Tools]	1
I-Worm.Bagle.ZVN [PC Tools]	1
Mal/Behav-191, Mal/Bagpk-D [Sophos]	1
Mal/Emogen-N, Mal/Behav-191, Mal/Bagpk-D [Sophos]	1
Mal/Emogen-U, Mal/PWS-L [Sophos]	1
Mal/HckPk-A [Sophos]	1
Mal/Heuri-E, Mal/Heuri-D, Mal/Emogen-N, Mal/Behav-191, Mal/Bagpk-D [Sophos]	1
Mal/Packer, Mal/Bagpk-D [Sophos]	1
Mal/Packer, Mal/Emogen-U, Mal/PWS-L [Sophos]	1
Mal/TibsPak, W32/Bagle-Gen [Sophos]	1
New Malware.b [McAfee]	1
PE_BAGLE.P-O [Trend Micro]	1
Possible_Virus [Trend Micro]	1

Email-Worm.Win32.Bagle [Ikarus] has the following possible country of origin:

Origin		Number of Incidents
	Russian Federation	11

Email-Worm.Win32.Bagle [Ikarus] is known to be created as:

%AppData%\hidires\rosa.sys

%AppData%\hidn\hidn1.exe

%AppData%\hidn\hidn2.exe

%AppData%\hidn\hldrrr.exe

%AppData%\hidn\m_hook.sys

%AppData%\m\flec006.exe

%System%\auhook.dll

%System%\drvddll.exe

%System%\mdelk.exe

%System%\svc.exe

%System%\sys0_32.dll

%System%\sys16u.dll

%System%\sys18h.dll

%System%\winshost.exe

%System%\wintems.exe

%System%\winupd.exe

%System%\winxp.exe

%System%\wiwshost.exe

%System%\wm3dap.dll

%Temp%\dgmhbjhknmvw.exe

%UserProfile%\auhook.dll

%Windir%\cjector.exe

%Windir%\cplstub.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.