The Truth About Computer Viruses by Darren Pierce

> The Truth About Computer Viruses by Darren Pierce <
Last Updated : 20:36:27 on 12 April 2000 


Computer viruses are a sensitive subject these days, and usually strike fear into the hearts of those who don't know enough about them. Computer viruses are a very powerful thing and are just like their biological counter-part. They are "rogue" programs that have the ability to replicate and spread themselves on their own by infecting other, legitimate, programs that they force to do their dirty work. The problem is, most viruses carry a malicious payload, when the original concept was to have a program spread itself over a network to upgrade files and perform system maintenance during idle cycles of the CPU. This would reduce the workload of the network administrator to allow him to do more important things and wouldn't require him to go machine to machine to fix common problems when a program could automate the entire process for him.

Because of the usual malicious payload of formatting hard drives, corrupting file, or even displaying vulgar messages or images; viruses have received bad hype from the media which has scared computer users into making Anti-Virus development a very profitable industry to get into. McAfee and Symantec (Norton Anti-Virus) are two of the big players in the development of said software, both of which cash in on programs that reduce your system resources by always running in the background and consuming around 10% or more of your free resources. Not to mention slowing down disc and file accesses, misreporting files that are clean (which can mess up the installation of new programs), and not detect viruses because the industry cannot keep up with the all of the new viruses that are developed.

These anti-virus packages have a tendency to boot up in the autoexec.bat file and are always resident in memory. Doing so consumes around 8% or more of your free system resources, which slow down everything you try to do. Anti-viruses also have TSR scanners that scan each file that is ran, this slows down all file accesses, and really puts a damper on a program than relies heavily on other files (registry, INI files, libraries, et cetera). The other way anti-viruses can put a damper on your day is misinterpret if a file is really a virus or not. This causes a horrid problem when attempting to install a program with an application like InstallShield or the Wise system. Then using them and the anti-virus is configured to scan the files, it will lock up or hang the installation until the background monitor is disabled. Misinterpretation of files also has other repercussions. Because of the nature of updated data files, where the user is relied upon to downloaded the newer versions, many systems go months without new data files, and the system gets infected by some new virus that wasn't available in the older data file. The other problem is that there are so many new viruses each day that you can never be protected against everything.

Enough about how much of a waste anti-virus software is, let me discuss the virus and its many cousins. Again, the concept of the virus was to automate things over large networks, but instead, many virus programmers decided to add a malicious payload as opposed to deleting temp files. But this isn't a bad thing, viruses are very complex programs that if grown correctly can be greatly rewarding for automating tasks on a network, and for the advanced programming concepts that they employ.

The big problem with viruses is that the media has hyped them as bad things, and there are a lot of other programs that are called viruses but aren't. Viruses have been hyped for quite a few years now, one of the biggest scares was the Michelangelo virus, and the more recent Y2K virus. The media takes things and blows them out of proportion. If the media would stress the reality behind the CIH virus, which is still one of the most common and destructive viruses to date, people would probably be able to combat against the virus better, but instead they are preparing for figments of people's imaginations. As mentioned, there are other programs out there that are referred to as viruses by the media, but are actually other types of rogue programs. Viruses are programs that infect files and replicate to other files, just like the HIV. Other programs that are out there including, but aren't limited to Trojans, software and logic bombs, rabbits and worms.

Trojans are a very common phenomenon. They are programs, which create a way in, or a backdoor to a system without the victims consent. Just like the famed Trojan horse of lore, these programs trick the user. They can appear as a simple game, or even complex applications, all while opening a computer system up for another person to access it at a later time.

The next misconception would be the 'bombs'; software and logic. They both are basically the same, but have the differences as well. Software bombs are straightforward programs that when ran will manipulate something on your computer. They can change the color settings on your machine, or just format your drive, but they will do this when the program is first executed. Logic bombs, like their counterpart, also destroy things on the computer they are executed on. The catch would be that the payload is released when a certain condition is met, time or day, date, specified number of boot ups, et cetera. This makes a logic bomb less volatile and sometimes completely harmless because the conditions can never be met.

The last two types of programs that are confused for viruses are rabbits and worms. Like the software and logic bombs, these programs are similar yet different. Rabbits are a very basic program and can never be too harmful. Rabbits simply multiply themselves, but they don't infect other files like a real virus would do. They just copy their own program, and in some cases execute the spawned programs that also make copies of them. This is done to consume hard drive resources, and if the rabbit executes each copy it makes, it will also consume the free system resources, which will eventually cause the machine to come to a halt. Worms do this same thing, but they copy themselves over a network. On occasion, usually on badly coded worms, the program will try to send programs to systems that already have the file, or they try to send too many copies at once, or attempt other tasks that inadvertently can crash a system.

There are other types of programs out there, but those mentioned are the main ones. Hopefully your mind has been exposed to the truth about viruses and you won't be influenced by the media, and hopefully deep six your anti-virus software so that you can increase your system performance.


http://www.bombthebox.com/