Understanding PC security terms: Trojan to zombie

Which? Archive

This article, Understanding PC security terms, was last updated on 17 January 2009 and is now out of date and held in our online archive for reference.


Trojan

A Trojan – so named after the famed Trojan Horse – is a malicious program that gets into your computer by disguising itself as something else, such as an image file, a music file or a screensaver.

Clicking on such a file to open it will run the Trojan’s hidden program instead – sometimes referred to as a ‘payload’. Payloads differ from Trojan to Trojan. Some may use this method to infect your PC with a virus, a worm or some spyware.

Others may delete or damage valuable files. It is also possible for a Trojan to open a backdoor to your PC that could allow a hacker to gain access to personal data or take control of your entire computer.
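As an added illustration (not part of the original article), the Python code below shows one check that can expose the disguise described above: comparing what a file's name claims to be with what its first bytes say it is. The function name, the extension lists and the sample files are all constructed for this example.

```python
# Added example: flag files whose name claims one type but whose content,
# or real final extension, says "program". All samples are constructed.

# Leading "magic" bytes of a few common media formats.
MAGIC = {
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "png": [b"\x89PNG\r\n\x1a\n"],
    "gif": [b"GIF87a", b"GIF89a"],
    "mp3": [b"ID3", b"\xff\xfb"],
}
EXECUTABLE_MAGIC = b"MZ"  # Windows programs, including .scr screensavers, start with "MZ"
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif"}


def check_file(name: str, head: bytes) -> str:
    """Classify a file from its name and its first few bytes."""
    parts = name.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    # "holiday.jpg.exe": a media extension placed before the real one
    if ext in EXECUTABLE_EXTS and len(parts) > 2 and parts[-2] in MAGIC:
        return "suspicious: double extension"
    if ext in MAGIC:
        if head.startswith(EXECUTABLE_MAGIC):
            return "suspicious: program content under a media name"
        if not any(head.startswith(m) for m in MAGIC[ext]):
            return "mismatch: content does not match extension"
        return "ok"
    if ext in EXECUTABLE_EXTS:
        return "program"  # runs code when opened, whatever its icon shows
    return "unknown"


# Constructed samples: (file name, first bytes of the file)
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("holiday.jpg.exe", b"MZ\x90\x00"),
    ("song.mp3", b"MZ\x90\x00"),
    ("beach.scr", b"MZ\x90\x00"),
    ("logo.png", b"GIF89a"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name:18} {check_file(name, head)}")
```

The `beach.scr` result is a reminder that a Windows screensaver is itself a program, so opening one runs code.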

User Account Control

A security feature in Windows Vista, User Account Control (or UAC for short) helps to prevent unauthorised activity on your computer by providing an automatic barrier between important system settings and potentially malicious (or accidental) misuse.

Any time a sensitive Windows setting is accessed or a new program is about to be installed, User Account Control will ‘freeze’ your PC and present a small dialogue box saying ‘Windows needs your permission to continue’. Anyone with an administrator account will need to physically click ‘Continue’ to access the setting.

Standard users will be asked for a password. It may seem like a hassle to have to do this every time you change a setting on your computer, but UAC makes it much harder for hackers and remote access malware to gain control of your PC.

You’ll need to set up different user accounts for every family member if you want to use UAC to manage what gets installed and configured on your PC.


Virus

The term ‘virus’ is often used as a catch-all to describe all kinds of security hazards but, in fact, it refers to a specific type of problem. A true computer virus is a program that can, like a biological virus, infect a system and replicate itself without the user’s knowledge. Infection requires a carrier, which can be anything from an email attachment or a download to a program on a disk or USB memory drive.

A virus cannot run on its own; it needs to be run by the computer user, for example by clicking on an infected email attachment. Viruses tend to be created by malicious program coders and are usually intended to spread as widely as possible and to cause general havoc.

Symptoms of a virus infection can sometimes be difficult to recognise. Some viruses can exploit your internet connection to spread themselves via your email account. Others fill up system memory or corrupt certain files, both of which can cause your PC to become unstable or lose data.

Windows PCs are generally more prone to viruses than Apple Macs and Linux systems, as there are far fewer viruses written for other operating systems. Theoretically, no computer is immune to virus infection though, and the only way to protect against them is to use anti-virus software.


Worm

Like viruses, worms are programs that replicate themselves, usually over a network or the internet. Unlike viruses, they can run themselves and most aren’t dependent on the user accidentally clicking on an infected file (though some are).

A worm can copy itself over a computer network or the internet by simply exploiting vulnerabilities in the network infrastructure. Some worms spread themselves via email attachments. They behave a little like Trojans in that they pretend to be something else (a Word document or an innocuous-sounding file with an .EXE extension).

Most worms are created to do little more than copy themselves, and are incapable of physically damaging your computer. They can, however, cause serious disruption by clogging up network bandwidth as they copy and send themselves.

Some more malicious worms can provide a way for others to take control of your PC via a ‘back door’. The only way to protect against worms is by using a combination of firewall, anti-spyware and anti-virus software and by keeping all your software (including Windows) up to date.


Zombie

A zombie computer is an internet-connected computer that has been attacked by a hacker, virus, or Trojan. It is then used under remote control, without the user's awareness, for malicious tasks including sending spam emails.

Running security software will help to prevent your computer becoming a zombie.
