compression virus

A compression virus is an example of a benevolent computer virus, invented by Fred Cohen. It searches for an uninfected executable file, compresses the file and prepends itself to it. The virus can be described in pseudo code{{Cite web|url=http://all.net/books/virus/index.html|title=Fred Cohen & Associates|website=all.net}}

program compression-virus:=
{01234567;
subroutine infect-executable:=
{loop:file = get-random-executable-file;
if first-line-of-file = 01234567 then goto loop;
compress file;
prepend compression-virus to file;
}
main-program:=
{if ask-permission then infect-executable;
uncompress the-rest-of-this-file into tmpfile;
run tmpfile;}
}

The 01234567 is the virus signature, and is used to make sure (if first-line-of-file = 01234567) the file is not already infected. The virus then asks for permission (ask-permission) to infect a random executable (get-random-executable-file). If the permission is granted, it compresses the executable (infect-executable), prepends itself to it (prepend), uncompresses the current executable file (uncompress the-rest-of-this-file) into a temporary file (tmpfile) and runs it (run tmpfile).

Cruncher is an example of a compression virus,Mark A. Ludwig 1995, Giant Black Book of Computer Viruses p.10 a strain of which – Cruncher.2092{{Cite web |url=http://vil.nai.com/vil/content/v_318.htm |title=McAfee article on Cruncher.2092, read Characteristics |access-date=2009-07-29 |archive-url=https://web.archive.org/web/20100823073607/http://vil.nai.com/vil/content/v_318.htm |archive-date=2010-08-23 |url-status=dead }} – is described by McAfee as memory-resident virus that infects all but small com files, making them smaller. The reason for excluding small programs is that their infected versions will be bigger than their originals.