Computer viruses, worms, trojan horses, and rootkit

• ·         A computer virus is a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission. Once the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system.

• ·         A worm is a program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network.

• ·         A Trojan horses (named after the Greek myth) is a program that hides within or looks like a legitimate program. A certain condition or action usually triggers the Trojan horse. Unlike a virus or worm, a Trojan horse doesn’t replicate itself to other computers.

• ·         A rootkit is a program that hides in a computer and allows someone from a remote location to take full control of the computer. Once the rootkit is installed, the rootkit author can execute programs, change settings, monitor activity, and access files on the remote computer. Although rootkits can have legitimates uses, such as in law enforcement, their use in nefarious and illegal activities is growing rapidly.

Computer viruses, worms, Trojan horse, and rootkits are classified as a malware (shortcut for malicious software), which are programs that act without a user’s knowledge and deliberately alter the computer’s operations. Other classes of malware include back doors and spyware. Although malware often falls in one of these classes (virus, worm, Trojan horse, rootkit, back door, or spyware), some malware has characteristic of two or more classes. For example. MyDoom and blaster are worms; Melissa has element of a virus, worm, and Trojan horse.

Unscrupulous programmers write malware and then test it to ensure it can deliver its payload. The payload is the destructive event or prank the program is intended to deliver. A computer infected by a virus, worm, Trojan horse, or rootkit often has one or more of the following symptoms:

• ·         Operating system runs much slower than usual

• ·         Available memory is less than expected

• ·         Files become corrupted

• ·         Screen displays unusual message or image

• ·         Music or unusual sound plays randomly

• ·         Existing programs and files disappear

• ·         Programs or files do not work properly

• ·         Unknown programs or files mysteriously appear

• ·         System properties change

• ·         Operating system doesn’t start up

• ·         Operating system shuts down unexpectedly

Malware delivers its payload on a computer in a variety of ways: when a user open an infected file,runs infected program, boots the computer with infected removable media inserted in a drive or plugged in a port, connects an unprotected computer to a network, or when certain condition or event occurs, such as the computer’s clock changing to a specific date. Today, a common way computers become infected with viruses and other malware is through users opening infected e-mail attachments.

Currently, more than 180,000 known viruses, worms, Trojan horse, rootkit and other malware exist. Many web sites maintain lists of all known malware.