3) What is a virus (and what are Trojans and Worms)? (Computer virus)
Description
This article is from the Computer viruses FAQ, by David Harley D.Harley@icrf.icnet.uk, George Wenzel gwenzel@telusplanet.net and Bruce Burrell bpb@umich.edu with numerous contributions by others.
3) What is a virus (and what are Trojans and Worms)? (Computer virus)
A (computer) virus is a program (a block of executable code) which
attaches itself to, overwrites or otherwise replaces another program
in order to reproduce itself without the knowledge of the PC user.
Most viruses are comparatively harmless, and may be present for
years with no noticeable effect: some, however, may cause random
damage to data files (sometimes insidiously, over a long period)
or attempt to destroy files and disks. Others cause unintended
damage. Even benign viruses (apparently non-destructive viruses)
cause significant damage by occupying disk space and/or main
memory, by using up CPU processing time, and by the time and expense
wasted in detecting and removing them.
A Trojan Horse is a program intended to perform some covert
and usually malicious act which the victim did not expect or want.
It differs from a destructive virus in that it doesn't reproduce,
(though this distinction is by no means universally accepted).
A dropper is a program which installs a virus or Trojan, often
covertly.
A worm is a program which spreads (usually) over network
connections. Unlike a virus, it does not attach itself to a
host program. In practice, worms are not normally associated
with personal computer systems. There is an excellent
and considerably longer definition in the Mk. 2 version of the
Virus-L FAQ.
(The following is a slightly academic diversion)
A lot of bandwidth is spent on precise definitions of some of
the terms above. I have Fridrik Skulason's permission to include
the following definition of a virus, which I like because it
demonstrates most of the relevant issues.
#1 A virus is a program that is able to replicate - that is, create
(possibly modified) copies of itself.
#2 The replication is intentional, not just a side-effect.
#3 At least some of the replicants are also viruses, by this
definition.
#4 A virus has to attach itself to a host, in the sense that execution
of the host implies execution of the virus.
--
#1 is the main definition, which distinguishes between viruses and Trojans
and other non-replicating malware.
#2 is necessary to exclude for example a disk-copying program copying a
disk, which contains a copy of itself.
#3 is necessary to exclude "intended" not-quite-viruses.
#4 is necessary to exclude "worms", but at the same time it has to be
broad
enough to include companion viruses and .DOC viruses.
Continue to:
My Books
