Compression virus
A compression virus is an example of a benevolent computer virus, invented by Fred Cohen. It searches for an uninfected executable file, compresses the file and prepends itself to it. The virus can be described in pseudo code[1]
program compression-virus:= {01234567; subroutine infect-executable:= {loop:file = get-random-executable-file; if first-line-of-file = 01234567 then goto loop; compress file; prepend compression-virus to file; } main-program:= {if ask-permission then infect-executable; uncompress the-rest-of-this-file into tmpfile; run tmpfile;} }
The 01234567 is the virus signature, and is used to make sure (if first-line-of-file = 01234567) the file is not already infected. The virus then asks for permission (ask-permission) to infect a random executable (get-random-executable-file). If the permission is granted, it compresses the executable (infect-executable), prepends itself to it (prepend), uncompresses the current executable file (uncompress the-rest-of-this-file) into a temporary file(tmpfile) and runs it (run tmpfile).
Cruncher is an example of a compression virus,[2] a strain of which - Cruncher.2092[3] is described by McAfee as memory-resident virus that infects all but small com files, making them smaller. The reason for excluding small programs is that their infected versions will be bigger than their originals.
References
- ^ 1984, Computer Viruses - Theory and Experiments
- ^ Mark A. Ludwig 1995, Giant Black Book of Computer Viruses p.10
- ^ McAfee article on Cruncher.2092, read Characteristics