What Is a Computer Virus and How Does It Work?

What Is a Computer Virus and How Does It Work?

There are many different types of computer viruses and all of them can be devastating. As they spread, they can steal personal information, cripple computer performance, and wreak all kinds of havoc. Discover what a computer virus is and how it works. Then learn how to protect yourself against viruses and other dangerous online threats with a comprehensive security solution like Avast One

What is a computer virus?

A computer virus is a type of malware that attaches itself to other programs, self-replicates, and spreads from one computer to another. When a virus infects a computer, it makes copies of itself and attaches to other files or documents. It then modifies those files and continues to spread.

Viruses infect computers discreetly, and they’re often designed to destroy personal files or gain control of devices. Making copies of themselves, computer viruses spread across devices and networks like biological viruses passing from one person to the next. And just like the biological versions, some computer viruses are simply annoying while others can cause major damage.

A computer virus is a type of malicious software that attaches itself to other programs, self-replicates, and spreads to other computers.

So, what’s the difference between a virus and malware (malicious software)? Virus is often a catch-all term used to refer to any kind of software created to be harmful. But a virus is just one type of malware, and the definition of a virus is that it’s a computer program that can self-replicate, infect other programs, and spread to other computers.

How do computer viruses work?

Computer virus is an umbrella term that includes many different types of viruses, delivery mechanisms, and impacts. To understand how computer viruses work, it’s helpful to split them into two categories: those that begin to infect and replicate as soon as they land on your computer, and those that lie dormant, waiting for you to unwittingly execute the code.

The computer virus definition includes its 4 phases: dormant, propagation, triggering, and execution.

A computer virus can begin infecting your computer immediately, or it can wait for you to unwittingly trigger it.

Computer viruses have four phases (inspired by biologists’ classification of a real-life virus’s life cycle).

  • Dormant phase: This is when the virus is hidden on your system, lying in wait.

  • Propagation phase: This is the viral stage, when the virus begins to self-replicate, stashing copies of itself in files, programs, or other parts of your disk. The clones may be slightly altered in an attempt to avoid detection, and these copies will also self-replicate, creating more clones that continue to copy and spread.

  • Triggering phase: A specific action is generally required to trigger or activate the virus. This could be a user action, like clicking an icon or opening an app. Other viruses are programmed to come to life after a certain amount of time, such as a logic bomb designed to trigger after your computer has rebooted a certain number of times (this is done to obfuscate the origin of the virus).

  • Execution phase: Now the virus’s program is executed and releases its payload, the malicious code that harms your device.

How do computer viruses spread?

Typically, computer viruses spread through malicious online downloads, infected email attachments, or by plugging in infected hardware like an external flash drive (USB stick). Computer viruses can spread through almost any method of file sharing, as long as the virus can avoid detection by antivirus programs.

Here are some common ways computer viruses spread and can end up on your computer:

  • Emails: A common attack method of cybercriminals, emails like those used in phishing attacks can carry harmful attachments, malicious links, or even an infection right in the email body’s HTML.

  • Downloads: Hackers can hide viruses in apps, documents sent over file-sharing services, plug-ins, and most other places where files are available to download.

  • Messaging services: Viruses can be spread through SMS messages or messaging services like Facebook Messenger, WhatsApp, and Instagram. There, as with email, they also take the form of malicious links, attachments, or executable files.

  • Old software: If you don’t update your apps or operating system, you may be exposing yourself to vulnerabilities that cybercrooks can exploit to spread computer viruses.

  • Malvertising: Viruses can be hidden in online advertisements, such as banner ads delivered through ad exchanges. Malvertising lets perpetrators hide malicious code even in legitimate, trusted websites like the New York Times and the BBC, both of which have been hit.

Good computer hygiene and anti-malware tools can guard you against all of these attack vectors. So it’s important to keep your software updated, use strong passwords, and shield your device with strong cybersecurity software.

What computer viruses do

Computer viruses hijack your system’s code and resources in order to replicate, causing performance issues on all device types. When executed, a computer virus releases its payload and begins its attack. Almost immediately, you’ll start to see the impact of what computer viruses can do.

What can viruses do to your computer? Here are some of the effects they can unleash:

  • Slow or stuttering performance

  • Corrupted or deleted files

  • Incessant pop-ups or adware

  • Program failure and operating system crashes

  • A constantly spinning hard drive

  • Malfunctioning apps, files, and other programs

Aside from causing these negative performance issues, computer viruses can also steal personal data — such as usernames, passwords, and credit card details. Some viruses can spam all of your contacts and try to trick them into downloading the virus as well, which is another way they spread.

Can all devices get viruses?

All devices, including Macs, can get viruses. iPhones and Androids can get viruses too. In fact, any device with internet access can get malware — even smart devices like coffee makers.

But it’s worth remembering the distinction between malware and viruses: a virus is just one type of malware. And there are many types of infections that can damage your device, steal your data, and otherwise wreak havoc.

From ransomware to spyware to trojans, there are some nasty strains of malware to watch out for on all your gadgets. Thankfully, many of these threats can be wiped out and prevented with trusted free antivirus software.

Different types of computer viruses

Even if we're talking strictly about viruses (as opposed to other forms of malware), there are still many different types of computer viruses.

Here are a few different types of computer viruses that have been found spreading through the internet:

Direct action virus

The most common type of virus and the easiest to create, direct action viruses enter your computer, cause chaos (usually by attaching themselves to a lot of COM or EXE files), then delete themselves.

The famous Vienna virus searched for COM files to infect and/or destroy, and while it was the first virus ever defeated by an antivirus program in 1987, the fix wasn’t available to those living under communist regimes. In 1988, Avast co-founder Pavel Baudis also beat the virus and brought the solution to those who couldn’t access the first fix.

Boot sector virus

As the name suggests, boot sector viruses sneak into your boot sector (responsible for loading your computer’s operating system upon startup) to infect your memory right away. These types of viruses traditionally spread through hardware, such as floppy disks, USB drives, and CDs. As those devices become obsolete, this type of virus is also on its way out.

One leftover variety that emerged in 2014 is called the Stoner virus, because it displayed on-screen messages in support of marijuana legalization.

Resident virus

A resident virus is another type of memory-infecting virus that sets up shop in your RAM (random access memory), which lets the virus persist even if you remove the original infector. A notable example was the Magistr virus, which spreads to your friends by spamming your contact list. It also deletes files and destroys computer motherboard’s memory.

Multipartite virus

Increasing their power by infecting both your files and your boot space, multipartite viruses are brutal. They’re very hard to eradicate because they can hide themselves in either files or the boot space. The Invader virus was one such example, which began overwriting your hard drive as soon as you hit CTRL + ALT + DEL to try to get rid of it.

Polymorphic virus

Another stubborn type of virus, polymorphic viruses hide by changing shape. As they replicate, their clones are all slightly different, which helps avoid detection. One example is the VirLock virus, which changes shape while also incorporating a bit of ransomware that locks up your files until you pay to release them.

Macro virus

Macro viruses are created to hide inside word document files, such as DOC or DOCX files. When you download the file, you’ll be prompted to enable macros — as soon as you do, you trigger the computer virus. Infected macros have also been used in ransomware, such as the Locky strain, which targeted healthcare institutions, encrypting their files and demanding payment to decrypt them