What Is a Computer Virus? Types and How They Work

A computer virus is a type of malicious software that replicates upon execution and injects code. Once replication is complete, this code spreads the infection to other programs and files. There are many varieties of computer viruses, and each has a unique way of infecting a device. A virus can cause irreversible damage to data. That’s why computer viruses are a major concern for people worldwide because the software can damage the economy by billions of dollars. There are many ways that a computer virus can infect computers. Computer viruses are designed to spread from one host to another. The spread can happen through email attachments, links, software installations and file downloads.

Viruses steal information, disrupt services, download malware, corrupt the file system and perform other functions that the malware developer has programmed into the software. These viruses can wipe out data and steal information like passwords and get access to online banking and social media accounts. Many viruses pose as trustworthy programs to dupe users into running the programs on the devices, which then releases the virus’ payload. Many advanced viruses include obfuscation or evasion capabilities that bypass modern and emerging anti malware, antivirus programs and other security technologies. The development of polymorphic malware with the capabilities of dynamically challenging codes complicates virus detection and identification.

What is a Computer Virus?

What Is a Computer Virus?

A computer virus is a malicious software designed to replicate and spread from one computer to another. The software is attached to a computer program or document executed or opened by the user, this way infecting the computer. Once a computer is infected with a virus, the virus can cause a wide range of problems, such as slowing down the computer’s performance, corrupting or deleting files or even completely crashing the system. Some viruses are designed to steal personal information or perform other harmful actions on the infected computer. Protecting computers with antivirus software and being cautious when opening files or clicking on links from unknown sources is vital to prevent infection.

The history of computer viruses can be traced back to the early days of computing. A group of students created one of the first known computer viruses in the 1970s at BBN. This virus, called the CREEPER virus, was a self-replicating program designed to move from one computer to another through the ARPANET, a precursor of the internet. The CREEPER virus would display the message “I’m the creeper, catch me if you can!” on the infected computer screen.

Since then, computer viruses have evolved and become more sophisticated. In the 1980s and 1990s, viruses spread widely through floppy disks and other removable media. The first macro virus infected documents rather than executable files and was also discovered in the mid-1990s.

In the early 21st century, the rise of the internet and the proliferation of email facilitated viruses to spread rapidly. Today, many common types of viruses, including worms, Trojan horses, ransomware and spyware, can cause many problems on infected computers. To combat these threats, cybersecurity professionals have developed antivirus software and other security measures to help protect against infection and remove viruses from infected computers.

How Do Computer Viruses Work?

Computer viruses work by replicating and spreading from one computer to another. Viruses can do this in several ways, including being attached to email messages or other documents, downloaded from the internet or transferred from one device to another via removable media such as a USB drive or a floppy disk.

When a virus is executed, the software typically performs several actions, such as modifying or deleting files or altering system settings by exploiting all security vulnerabilities. Some viruses are designed to steal personal information or to perform other harmful actions on the infected computer. For example, a virus software may search a local hard drive for passwords, credit card numbers and social security numbers and send these details to the attacker. A virus may delete files from a system or alter the OS without permission. Availability attacks aim to deny the authorized user the system’s access or data. For instance, a virus known as ransomware encrypts data on a user’s hard drive and prevents authorized access. After that, the virus requests a ransom in return for the decryption key.

An image featuring antivirus software concept

Once a computer is infected with a virus, the software can execute the code. This code can range from simple instructions to perform harmless actions, such as displaying a message on the screen, to more malicious instructions that can cause damage to the infected computer or steal sensitive information. Some viruses remain hidden on the infected computer and perform malicious actions without the user’s knowledge. Others are more noticeable and disrupt the normal functioning of the computer.

The virus then spreads to other computers through networks or transfers to other devices through removable media. Cybercriminals can also apply social engineering deceptions to spread viruses. These criminals trick users into clicking malicious links and downloading the virus.

What Are the Dangers of Computer Viruses?

Computer viruses can pose some dangers to both individuals and organizations. Some of the potential risks and consequences of a computer virus infection include the following.

  • Damage to the Infected Computer or Devices: Viruses can corrupt or delete files, alter or damage system settings or even cause the infected computer or device to crash.
  • Loss of Sensitive or Personal Information: Some viruses are designed to steal sensitive information, such as login credentials, financial information, social security numbers or personal data. This can lead to identity theft or financial loss.
  • Disruption of Business Operations: In a business setting, a virus infection can disrupt operations and result in lost productivity and revenue.
  • Spread of the Virus To Other Computers or Devices: If a computer is infected, the virus spreads to other computers or devices connected to the same network or that come into contact with the infected device.
  • Exposure To Other Malware: A virus infection can sometimes open the door for other types of malware, such as worms, Trojan horses or ransomware.

What Are the Different Types of Computer Viruses?

There are several different computer viruses and each has specific characteristics and behaviors. Some common types of computer viruses are below.

1. Resident Virus

A resident virus is a computer virus that remains in the computer’s memory (RAM) and replicates whenever new programs are run or new files are opened. Antivirus does not detect the resident virus easily because the software is active in memory and does not leave any physical evidence on the hard drive. The user can only detect these viruses by running a full system scan with antivirus software or manually searching for known virus signatures in the system’s memory.

2. Browser Hijacker

A browser hijacker is a type of malware that modifies the settings of a web browser without consent to redirect the user to certain websites or to display unwanted ads. Browser hijackers can cause many problems, including slowing down the browser and the computer, disrupting the user’s browsing experience, and exposing the user to potentially malicious or spammy websites.

An image featuring browser hijacker concept

3. Boot Sector Virus

The boot sector is a small area of the hard drive containing instructions for starting the computer. Boot sector viruses can cause difficulty or impossibility in starting the infected computer. The virus may cause the computer to crash, display error messages or prevent the operating system from loading properly.

4. Direct Action Virus

Direct action or non-resident viruses are file infectors designed to attach to executable files, such as .exe or .com files, and are activated whenever the infected file is run. A direct action virus actively seeks out and infects specific files or programs on a computer. Direct action viruses typically infect files in specific locations, such as the boot sector or system files, and may be activated when the infected file is opened or the infected computer is booted. The virus may also be activated when specific conditions are met, such as a specific date or time. A direct action virus can cause various problems, including deleting or corrupting files, slowing down or crashing the system and spreading to other computers on the same network.

An image featuring a laptop that has a USB with malware on it concept

5. Web Scripting Virus

A web scripting virus is a computer virus designed to infect web pages and execute malicious code on the user’s computer when the infected web page is accessed. Web scripting viruses alter system settings and steal the target information.

6. Macro Virus

A macro virus infects documents, such as Word or Excel files, and is activated whenever the infected document is opened. The macro virus uses the macro programming languages built into these documents to replicate and perform malicious actions. This virus can be difficult to distinguish from legitimate macro programming languages and can be hidden within legitimate documents.

7. Multipartite Virus

A multipartite virus uses both file and boot sector infectors at the same time. Because of this unique ability, multipartite viruses can spread rapidly and evade detection.

An image featuring cross site scripting attack concept

8. File-infecting Virus

A file-infecting virus, also called file infector, typically copies code into executable files like .com and .exe. File infectors can also overwrite the host files. Some file invaders have payloads that can be either extremely harmful, like formatting hard drives, or benign, like message display.

9. Polymorphic Virus

A polymorphic virus is a sophisticated file-infecting agent that can change versions to evade detection while keeping the same fundamental functions after each infection. This feature challenges antivirus, as the software may not recognize the mutated form of the virus.

10. Network Virus

A network virus is a relatively new computer virus that travels from one computer to another without leaving a file-based duplicate of the virus on any of the targets. This virus only lives as network packets, moving from device to device and memory files. Detecting network viruses frequently involves scanning the entire network and examining every linked device.

What Are the Most Common Computer Viruses?

The worst computer viruses can cause significant damage. That’s why users need to be on the lookout for new viruses that are constantly being created. But there are some more common viruses that are very harmful as well. The Trojan virus is one of those since this virus is disguised as legitimate software, but once installed, the software allows hackers to access the user’s computer and steal sensitive information. Examples include the Zeus Trojan and the Emotet Trojan. The ransomware encrypts the victim’s files and demands payment for the decryption key. Some common ransomware is Cryptolocker, WannaCry and Ryuk. Worms replicate and spread to other computers through network connections or by sending virus copies via email or instant message. Examples include the Code Red worm and the Conficker worm. Adware is also very common. This virus works by displaying unwanted advertisements on the user’s computer, often pop-up windows. CoolWebSearch and Zwangi are some common adware. Spyware Doctor and Spyware Terminator are some examples of spyware viruses. Spyware is a virus that collects information about a user’s online activities and sends the data to third parties without the user’s authorization.

How Are Computer Viruses Made?

Computer viruses are created by individuals or groups who write malicious codes and then distribute these codes to different systems. The written codes can replicate and damage computers or networks.


Hackers can create viruses by writing code in a programming language like C++, Python or Assembly. This code infects other systems and performs malicious actions, such as deleting files or stealing sensitive information.

Hackers can also create viruses by modifying legitimate software and adding malicious code. The virus is installed when this software is installed on a victim’s computer. This is often done by exploiting vulnerabilities in the software. These vulnerabilities may be unknown to the software developer and can be exploited to gain access to a device and execute malicious code.

An image featuring a person hacking with code concept

Individuals can also create viruses using virus creation kits. These are pre-packaged software tools that create viruses without the person writing any code. The kits often include various options for customizing the virus’s behavior and payload.


Creating and distributing computer viruses is illegal in many countries, and individuals who engage in these activities may face criminal charges.

What Are the Signs Your Computer Is Infected With a Virus?

Below are some signs that your computer may be infected with a virus.

  • Slow performance
  • Pop-up ads
  • Unfamiliar programs or icons
  • Error messages or alerts
  • Changes to the homepage without the user’s permission
  • Unfamiliar browser extensions
  • Unusual activity on the user’s credit card or bank account
  • Difficulty accessing certain websites or programs
  • Increased number of spam emails being sent from the user’s account

How To Remove a Computer Virus

There are many antivirus programs available that can help protect your computer from viruses and other malware. The list below has several steps users can take to remove a virus from a computer.

  1. Look for the best antivirus software.
  2. Download and install the software.
  3. After installing, the user may need to configure the program to meet specific needs. This may include setting up virus scans, configuring update settings and adding exceptions for certain files or websites.
  4. Disconnect the device from the internet connection. This helps to stop the spread of viruses or downloading of additional malicious software.
  5. Restart the device in safe mode to prevent active viruses from running and allow the user to access the device to perform virus removal. On Windows, one can do this by pressing the F8 key while the computer is booting up. On a Mac, the user can hold the shift key while restarting the device.
  6. Scan the device for viruses. Some antivirus software offers the option to run a scan in safe mode. Always update the antivirus software with the latest virus definitions before running the scan.
  7. If the virus scan identifies infected files, select the option to quarantine or delete the files.
  8. If the user has a backup of the device from before the virus infection, one can restore the device with the backup to remove the virus.

How To Prevent Being Infected by a Virus?

Below are some technical steps users can take to reduce the risk of having the computer infected by a virus.

  • Install and regularly update a reputable antivirus program. This will help detect and remove any viruses that may infect a computer.
  • Enable the firewall on your computer. A firewall is a type of security system that keeps track of and manages data flow in accordance with pre-established security rules. The firewall can help block unwanted incoming connections to the computer, which can help prevent viruses from spreading.
  • Use a secure web browser and keep the browser up to date. Modern web browsers include built-in security features, such as pop-up blockers and phishing protection, which can help to protect the user from malware and other online threats.
  • Enable automatic updates for the operating system and installed software. These updates frequently come with patches for known security holes that viruses could take advantage of.
  • Avoid visiting suspicious websites and downloading software from untrusted sources.

Pro Tip:

Be careful when using social media and avoid sharing personal information or clicking on links from any sources.
Damien Mather Damien is a cybersecurity professional and online privacy advocate with a bachelor of Computer Science. He has been in the industry for 20+ years and has seen the space evolve far bigger than he ever thought. When he is not buried in his research or going through code, he is probably out Surfing or Camping and enjoying the great outdoors.