What is a computer virus?

In common usage the word 'virus', when applied to computing, has been shaped to encompass an array of entities of a generally malicious nature. Technical professionals in the field of virus detection and eradication often take the common grouping 'viruses' and break it down into smaller behaviorally- and morphologically-similar groups of entities, much as a botanist or zoologist would classify the world of plants or animals. Though this is an attempt at bringing a simple taxonomic order to an otherwise chaotic subject, there are no international standards for classifying these rogue programs; thus, confusion can abound. It is only minimally important for the average Institute user to be aware of the technical differences between the various groups of common 'viruses'; even so, rudimentary knowledge could mean the difference between the contamination or maintained-integrity of a PC. The paragraphs below list the different types of infections you can get and why they are or are not considered "true" viruses by some.

Note: These pages SHOULD NOT be considered definitive source material. The Institute employs no virus professionals. To find more authoritative sources, browse the links on the Virus Resources page.

Viruses
These are the entities referred to as the "true" viruses in the paragraph above. Stiller Research, makers of an AntiVirus tool called IM, defines the virus as, "...a program which reproduces its own code by attaching itself to other programs in such a way that the virus code is executed when the infected program is executed." There are other definitions that are more or less to this point, but the key word here is 'attaching'. Viruses then, under the definition above, are bits of programming code (small programs) that insert themselves into, then begin a cycle of self-replication (infection) within previously existing (and previously useful) host programs. You will find that many other malicious entities use less invasive (but equally dangerous) methods of disturbing your computer's inner workings, but if you get a virus, you will almost certainly need special software to detect and remove it.

There are several virus subclasses that are often talked about (including macro viruses-- the only kind to infect document files) but what is truly important is the fact that you cannot infect clean programs unless you execute an infected one on your computer. You should always think about the integrity of the source of your programs and diskettes. (All diskettes run a program in their boot sectors when they are read in a floppy drive.) Will they be clean?

Worms
These are malicious programs that self-replicate and execute, but do not infect other programs on your computer. They are self-contained and do not need hosts like viruses; however, they can drop virus and Trojan (see below) components inside your computer. Worm infections occur over a network connection and are activated when a user accepts and executes the Worm-infected file. In addition to the viruses or Trojans they may contain, Worms can replicate themselves endlessly, causing computer congestion and equipment failures.

Trojans/Logic Bombs
These are self-contained, potentially useful programs that have been intentionally altered by a programmer to produce an unexpected (sometimes destructive) result. These entities DO NOT replicate themselves, but can be spread through E-mail attachments and Worms. In order to activate a Trojan, a user must willingly intervene to execute it.

Backdoors/Bugs
These entities are actually loopholes in the computer code of some programs that allow remote computers (and their users) to gain administrative privileges (access.) They can only be fixed by patching or upgrading the affected technology.

Tags: