The Malware Dictionary

The Latest Computer Adware, Spyware, and Virus Info!

How Does a Trojan Virus Work?


Trojan viruses take their name from the lore of the Trojan Horse. A Trojan virus is computer malware disguised as something useful, which encourages you to download or open the file or program that contains it. Once opened, the Trojan virus infects your computer. Trojans are capable of downloading or containing “payload” applications, which are other computer malware that can do harm. A Trojan virus is not able to self-replicate like a computer virus; instead it relies on other malware or computer users to spread the infection.

Trojan Virus Payloads

Many Trojan Viruses are designed to allow a hacker to have remote access to your computer. Once you have a Trojan installed on your computer, potential operations that a hacker can perform are:

- Using your machine to help conduct a Denial of Service attack against another website or service.

- Stealing your personal information (banking, credit cards, passwords, etc.)

- Installing other computer malware

- Deleting or modifying files on your computer

- Keylogging and screen captures of your activities to send back to the controlling hacker

- Uploading files to your computer


Methods of Trojan Virus Infection

Trojan viruses normally spread in one of two ways: (1) by being combined with a legitimate-looking software program that the user will download and execute on their computer, and (2) by disguising themselves as a useful file such as an MP3 or movie file. They are also known to be sent via email, and are sometimes directly injected by hackers through security holes in web browsers and operating systems.

Trojan Virus Trends

Trojan viruses have increasingly been used as a gateway to other computer malware on the Internet. Hackers have grown savvy to the lack of anti-malware software being used by the general public and have been taking advantage. The majority of Trojan virus infections could be prevented if computer users would simply update their operating system and anti-virus software. Hackers have also been using social networking sites such as Myspace, Facebook, etc. to spread Trojan viruses, using peer-to-peer games, message attachments, and DirectX attacks to upload Trojans to unsuspecting computer users.

How Does a Computer Worm Work?


Computer worms are made to infect other computers by using the Internet to send out copies of themselves. Most computer worms do their damage through the negative impact on system and network resources caused by their rapid and mostly uncontrolled spread. Some worms are coupled or combined with other computer malware in order to maximize their impact.

Methods of Computer Worm Infection

A lot of computer worms are made with the sole intention to spread and not cause harm to networks and users’ computers. Examples of worms with benign intentions such as this that resulted in unintended network disruptions were the Morris Worm and Mydoom. Other worms carry a payload meant to do harm. The ExploreZip worm will actually delete files on the targeted computer. Some worms will encrypt files in an attempt to extort the user in exchange for removing the encryption, and others will install a backdoor on your computer in order to allow it to be used to attack other computers, websites, or computing systems. Many times, email spammers are found to be behind computer worm infections that carry a payload which opens a user’s computer to being taken over for sending spam email. Worms also spread by making use of backdoors opened by other computer malware: the well-known worm Doomjuice uses the backdoor that is opened on your computer by Mydoom. Other means of spreading are infected email attachments and multimedia files.

Current Trends of Computer Worms

Robert Tappan Morris is credited with accidentally creating the first computer worm in 1988. The “Internet Worm”, as it was known, used the sendmail function, finger, and rsh/rexec to spread itself to other computers on the Internet. The SQL Slammer worm came out in 2003 and used a Microsoft SQL Server 2000 vulnerability in order to spread across the Internet. The Blaster worm took a similar route in 2003 by using Microsoft DCOM / RPC to spread. Well-known email worms that have emerged over the past decade are: (1) the Melissa worm of 1999, (2) the Sobig worm of 2003, and (3) the Mydoom worm in 2004. These worms shared features with a Trojan Horse in that they encouraged the end user to open the infected file attachment in order to spread. The Mydoom worm, however, was the first of a number of computer malware programs to use peer-to-peer file sharing networks to spread rapidly. Mydoom was originally spread using the Kazaa file sharing network and had variants which used payloads to launch denial of service attacks against Microsoft and SCO.

How Does Computer Malware Work?


Computer malware is the term used to describe computer software that is designed to infect one’s computer with a computer virus, rootkit, spyware, or adware. The term malware comes from malicious (intent) + software. It is the more correct term for the majority of infections a computer will receive, as opposed to the term computer virus, which refers to only a subset of all computer malware. Once a computer is infected with malware, the malware will either damage the computer’s files or programs, let others use the computer to conduct actions not approved by the owner, display advertisements, or steal the user’s personal information. Specific types of computer malware are: Trojan Viruses, Computer Viruses, Worms, Spyware, Adware, and Rootkits.

Methods of Computer Malware Infection

Computer malware may spread in a number of ways. It may infect your computer directly through security holes in your operating system or Internet browser, through infected email attachments, through security holes in instant messaging programs, through the boot sector of portable media drives such as USB sticks and portable hard drives, through infected multimedia files such as MP3s and movie files, and through injection into legitimate applications. Many computer malware producers take advantage of the fact that over 50% of computer users either don’t have anti-malware protection or don’t update what they do have on their computer.

Trends in Computer Malware

One of the latest trends in Computer Malware has been the emergence of the rogue anti-spyware Trojan Virus/Spyware. These programs infect your computer through a variety of means, and display fake virus and spyware infection messages to the user. Their primary goal is to trick the user into downloading a paid version of their software in order to “remove” the infection. The only catch is when the user does buy their product, additional computer malware is installed on the targeted computer and the problem becomes worse! Some examples of this latest trend in computer malware are the W32.Fake Raken and W32.Barracuda Spyware.

Spyware Protection – 5 Steps to Protecting Your Computer Against Malware


Computer Malware and Spyware can negatively impact your computer’s performance and put your personal security at risk! With each passing month, there is more and more Spyware that is released on the Internet, potentially placing your personal information and computer at risk. Spyware does this through:

- Display of a Large Number of Pop-Up Advertisements

- Decreasing the Speed of Your Computer

- Crashing Your Computer

- Invading Your Privacy

- Stealing Your Private Information

Spyware Protection Steps

Spyware Protection Step #1 – Using a Firewall

Most computers come with a built-in firewall today. Many users, however, either are scared of using a firewall, or become annoyed at false-alarm firewall warnings of spyware or malware attacks against their computer and turn it off. Installation and use of a firewall, however, is critical in guarding your computer against spyware and Trojan viruses that attempt to gain control of your computer for use by hackers! Windows XP and Vista come with a firewall already built in to the operating system in order to help you guard against spyware targeted at Microsoft-produced OSes!

Spyware Protection Step #2 – Update Anti-Spyware Software and Spyware Removal Tools

Keeping Windows updated on a regular basis is another key to keeping your computer free of computer spyware and malware! New spyware and malware is released every day and if you delay updating Windows, you could put yourself at greater risk of spyware infection!

Spyware Protection Step #3 – Adjust Web Browser Security Settings

If you have a choice in what web browser to use, consider the freely available Google Chrome or Mozilla Firefox web browsers. Each comes with more security than is found in Internet Explorer and can keep your computer from being attacked by Microsoft-specific spyware and adware. If you do use Internet Explorer, adjusting your security settings for the web browser to an Internet Zone level of Medium or higher will help prevent your computer from being infected with malware. This is the default setting starting with computers that run Windows XP Service Pack 2. To check and change your current Internet Explorer settings, do the following:

1 – Open Internet Explorer. Select “Tools -> Internet Options”.

2 – Choose the “Security” tab and then toggle the security setting to medium or higher.

Spyware Protection Step #4 – Download and Install Antispyware Software

There are a number of antispyware software packages available on the market. Windows Defender comes bundled with Windows Vista and is free to download for Windows XP SP2. Norton and Symantec are two of the other well-known anti-virus and anti-spyware software companies on the market. Whatever software package you choose, however, check to make sure it is legitimate by reading multiple reviews of the software, to avoid being tricked into downloading fake anti-spyware such as Barracuda Spyware!

Spyware Protection Step #5 – Be Careful Surfing and Downloading Files

Be judicious in your web surfing habits! Here are some tips to think about when surfing the Internet and downloading files or software:

- Don’t download programs or files from websites you do not trust. If you haven’t heard of the company before, Google the software or company name to see if you see any negative complaints first.

- Read the EULA (end user license agreement). A lot of Adware and Spyware will tell you what they are going to do in the fine print…

- Do not choose “Ok” or “Agree” to close out of a window online. “Alt + F4” or the big “X” in the corner of the browser window will help prevent some threats from infecting your computer.

- Be very, very leery of file sharing and free movie sites. One of the most common ways hackers get backdoors installed on work and home computers is through infected multimedia files. Don’t let them get to your computer!

These steps are not all-encompassing, but by following them, you will be well on your way to being protected against computer spyware and malware.

Win.32 Bagz Computer Worm


Win.32 Bagz Computer Worm Description

Win32 bagz is a malware worm that is spread through spoof emails to thousands of computers. Anti-virus software may block your computer from being harmed, but the worm tends to be successful at hiding itself.

Win.32 Bagz Malware Installation

The win32.Bagz worm is installed when you download an attachment that has been infected. These attachments are often found inside emails from an attacker.

How Does Win.32 Bagz Infect Your Computer?

The worm infects your computer when an attacker sends you and thousands of other people a “fake” email with a catchy title and attachment. The email will encourage you to download the attachment, which will then execute the worm. The worm will copy files to your directory, allowing it to connect to various ports and receive downloads from a remote server.

Win.32 Bagz Malware Payload

The payload includes stealing information such as passwords and emails (so that the virus can continue to spread) and slowing down your computer’s processes. This is all taxing on your computer and makes it very difficult to remove the virus successfully. It also disables firewalls and virus protection programs if it can get into your system undetected.


In the end, the attacker could end up with your secure information without you even knowing. Since it is difficult to identify this virus immediately, a lot of damage could be done before you get the chance to stop it.

Win.32 Bagz Malware Processes and Files

Many different files may be present on your computer when it is infected with the win32 bagz malware. It can change system directory names, as well as file names, so you can no longer find them. The following files are identifiers when it comes to the bagz virus:

tutorial.doc<multiple spaces>.exe
sqlssl.doc<multiple spaces>.exe
dl.exe
run32.exe
syslongon.exe
sysinfo32.exe
ipdb.dll
jobdb.dll
wdate.dll
tutorial.zip
ndisrd.sys
ndisapi.dll
<system folder>\drivers\ndisrd.sys

You can usually identify malware files if they have double extensions such as .exe.doc or a similar setup. No file will ever have a double extension, but a virus will, because it attempts to mask that it is a malicious program.
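
As an added example (not part of the original post), this Python sketch flags file names in which a document-style extension is followed by an executable one, including the space-padded form shown in the file list above. The extension sets, function names and sample names are assumptions made for illustration, and the check only fires when the final extension is executable, so ordinary multi-dot names are left alone.

```python
import re

# Assumed extension sets for illustration; tune them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".doc", ".txt", ".pdf", ".jpg", ".mp3", ".avi", ".zip"}

# <stem><decoy extension><optional whitespace padding><real extension>
NAME_RE = re.compile(
    r"^(?P<stem>.+)(?P<decoy>\.[A-Za-z0-9]{1,4})(?P<pad>\s*)(?P<real>\.[A-Za-z0-9]{1,4})$"
)


def check_filename(name):
    """Return a finding label for a masqueraded executable, else None."""
    match = NAME_RE.match(name.strip())
    if match is None:
        return None  # fewer than two extensions
    decoy = match.group("decoy").lower()
    real = match.group("real").lower()
    # On Windows, the last extension decides how the file is opened.
    if real not in EXECUTABLE_EXTS or decoy not in DECOY_EXTS:
        return None
    if match.group("pad"):
        # Padding pushes the real extension out of view in a narrow listing.
        return "padded-double-extension"
    return "double-extension"


def scan(names):
    """Map each suspicious name to its finding label."""
    findings = {}
    for name in names:
        label = check_filename(name)
        if label:
            findings[name] = label
    return findings


# Constructed sample: two names modelled on the list above (the number of
# spaces is made up), plus ordinary names that must not be flagged.
SAMPLE_NAMES = [
    "tutorial.doc" + " " * 30 + ".exe",
    "sqlssl.doc   .exe",
    "holiday.jpg.scr",
    "dl.exe",
    "tutorial.zip",
    "backup.tar.gz",
    "report.final.doc",
]

if __name__ == "__main__":
    for name, label in scan(SAMPLE_NAMES).items():
        print(f"{label}: {name!r}")
```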

W32.Bagz Computer Worm Basic Removal Steps

The W32.Bagz Computer Worm is complex and it is not recommended to attempt manual removal. Automatic removal using an updated anti-virus program is the recommended means for removal.

© 2009 The Malware Dictionary. All Rights Reserved.
