Computer Virus
Table of Contents
Quick Answer
A computer virus is a type of malware that attaches to files or programs and spreads when infected content is executed. Common examples include boot sector, macro, polymorphic, resident, and direct action viruses. Prevention depends on software updates, safe downloads, email caution, backups, reliable security tools, and early detection of suspicious activity.
This guide explains the definition of a computer virus, common virus types and examples, symptoms of infection, how viruses spread, and practical prevention and removal steps for safe defensive learning.
What is a Computer Virus?
A computer virus is a type of malicious software (malware) designed to infect and damage a computer system, steal sensitive information, or perform unauthorized actions on a victim's computer without their knowledge or consent. Infected systems may exhibit a variety of symptoms ranging from minor glitches to complete system failure.
These programs are called "viruses" because they can spread from one computer to another, just as biological viruses spread between humans.
If you are comparing related threats, also review how trojan horse malware, ransomware, and phishing attacks differ from traditional computer viruses.
Spread and Infection
Viruses spread and infect computers through several primary methods, exploiting both technical vulnerabilities and human behavior. Here are some common ways:
1. Email Attachments
Viruses often hide in email attachments. When the attachment is opened, the virus is executed.
2. Internet Downloads
Downloading software, media files, or documents from untrustworthy websites can introduce viruses.
3. Removable Media
Viruses can be transferred through USB drives, external hard drives, or any other removable media. Plugging an infected USB drive into a computer can automatically execute the virus.
4. Network Transmission
Some malware can spread across networks by abusing vulnerable services or shared resources. A worm is a separate malware type that can self-replicate across networks without direct user action, while a traditional virus usually needs an infected file or program to run.
5. Drive-by Downloads
Merely visiting a compromised website can result in a virus being downloaded and installed without the user's knowledge.
6. Software Vulnerabilities
Outdated or unpatched software can have security holes that viruses exploit. A virus might use a known flaw in an older version of Windows to gain access to the system.
Types and Examples
There are many different types of computer viruses, and new ones are continually being developed. Some common types include:
1. Boot Sector Virus
Boot sector viruses infect the master boot record (MBR) of a computer's hard drive, causing them to be activated every time the computer is turned on.
The boot record program is responsible for booting the operating system. The virus either copies the master boot program to another part of the hard disk or overwrites it.
Examples: Stoned, Brain, Elk Cloner
2. Direct Action Virus
A direct action virus attaches itself to an executable file such as a .exe or .com file.
Direct action viruses are considered "non-resident" and act by selecting one or more files to infect each time the code is executed.
Examples: Vienna, Win32.Sality
3. Macro Virus
Macro viruses infect files that contain macros, such as Microsoft Word documents, Excel spreadsheets, or PowerPoint presentations.
Macros are small programs that automate repetitive tasks and are commonly used in these types of files.
Examples: Melissa, Bablas
4. Multipartite Virus
A multipartite virus can infect multiple parts of a computer system, including the boot sector, executable files, and other areas of the hard drive.
This makes multilateral viruses more difficult to detect and remove than other types of viruses.
Examples: Tequila, Invader
5. Polymorphic Virus
A polymorphic virus changes its code or signature to avoid detection by antivirus software.
Polymorphic viruses use encryption or obfuscation techniques to make each instance of the virus appear different, even if they perform the same function.
Examples: Marburg, Storm Worm, URSNIF, VIRLOCK
6. Resident Virus
A resident virus resides in the computer's memory and remains active even after the infected program is closed.
This type of virus can infect other programs or files as soon as they are opened and can persist on the computer system even after a reboot.
Examples: Randex, CMJ
Modern Virus Examples and Related Malware
Historical examples such as Brain, Stoned, Elk Cloner, and Melissa are useful for understanding how computer viruses spread through boot records, removable media, or documents. Modern security discussions often use “virus” more broadly, but many current threats are technically Trojans, worms, ransomware, spyware, or other malware rather than classic file-infecting viruses.
For safe learning, focus on behavior: how the threat arrives, what user action or vulnerability allows it to run, what symptoms it creates, and which controls reduce the risk.
Computer Virus vs Malware vs Worm vs Trojan
These terms are related, but they do not mean exactly the same thing. Understanding the difference helps beginners identify how each threat behaves and how it spreads.
| Term | Meaning | How it usually spreads |
|---|---|---|
| Malware | Any malicious software designed to harm, disrupt, steal, or gain unauthorized access. | Email, downloads, malicious websites, infected apps, or exploited vulnerabilities. |
| Virus | A malware type that attaches to a file or program and needs execution to spread. | Infected files, removable media, documents, or downloaded programs. |
| Worm | A self-replicating malware type that can spread without direct user action. | Networks, vulnerable services, and connected systems. |
| Trojan | Malware disguised as legitimate software or content to trick users. | Fake downloads, cracked software, phishing links, or social engineering. |
Detection and Removal
Some common symptoms of virus infection include slow system performance, unexpected pop-ups, frequent crashes or errors, increased network activity, and missing or corrupted files. If you suspect that your computer has a virus, you should:
- Install reputable antivirus software on your computer and keep it up to date.
- Run a full system scan with your antivirus software.
- Follow further antivirus instructions to quarantine or remove any detected viruses.
If you suspect infection, avoid entering new passwords on the affected device, disconnect it from untrusted networks where practical, run a trusted security scan, preserve important logs where needed, and restore from a clean backup if security tools cannot confidently remove the infection.
Protection Methods
Here are some preventive measures you can take to protect your computer system from viruses:
- Keep your operating system, software, and antivirus programs up to date to patch known vulnerabilities.
- Use layered controls such as endpoint protection, suspicious activity monitoring, and network defenses like honeypots or intrusion detection systems in business environments.
- Be cautious when downloading files, clicking links, or visiting websites. Avoid suspicious sources.
- Be wary of email attachments and links from unknown or untrusted sources.
- Regularly backup important data to recover in case of a virus attack.
Defensive Virus Prevention Checklist
- Keep operating systems, browsers, office tools, and plugins updated.
- Use reputable endpoint protection and keep signatures or cloud protection enabled.
- Disable or restrict macros from untrusted documents.
- Download software only from trusted publishers and official stores.
- Avoid pirated software, cracks, and unknown installers.
- Use least-privilege accounts for daily work.
- Keep offline or versioned backups for important files.
- Monitor suspicious startup items, unknown extensions, and unusual network activity.
Key Takeaways
- A computer virus is a malware type that attaches to files or programs.
- It usually spreads when infected content is executed, downloaded, shared, or transferred through removable media.
- Common symptoms include slow performance, crashes, popups, suspicious network activity, and missing or corrupted files.
- Prevention depends on software updates, safe downloads, email caution, regular backups, and trusted security tools.
FAQs
Sources and further reading
- CISA - Malware, Phishing, and Ransomware — Malware prevention and awareness resources
- NCSC - Mitigating malware and ransomware attacks — Defensive malware prevention and recovery guidance