27672057559
AVG Signal Blog Security Viruses What is a Computer Virus?
What_is_a_Computer_Virus-Hero

Written by Gonzalo Torres
Published on December 18, 2017

Computer viruses are just like that. If you’re unlucky enough to catch one (but don’t beat yourself too much if you do, because they are incredibly common), expect havoc to be wrecked on your hard disk — slower PC performance, damaged or destroyed files, and everything in between.

This article contains:

    A computer virus definition, Wikipedia-style

    Looking for an essay-friendly definition? Here it goes:

    A computer virus is a program or piece of code designed to damage your computer by corrupting system files, wasting resources, destroying data or otherwise being a nuisance. 

    Viruses are unique from other forms of malware in that they are self-replicating — capable of copying themselves across files or other computers without a user's consent.

    Basically, they are really contagious.

    Virus, malware, Trojan... what's the difference?

    Not every piece of software that attacks your PC is a virus. Computer viruses are just one kind of malware (mal-icious soft-ware). Here are some of the other, most common kinds:

    • Trojans: like the ancient wooden horse full of attackers it takes its name from, this malware pretends to be harmless legitimate software, or comes embedded in it, in order to trick the user and open up the gates for other malware to infect a PC.

    • Spyware: with examples such as keyloggers, this kind of malware is designed to spy on users, save their passwords, credit card details, other personal data and online behavior patterns, and send them off to whoever programmed it.

    • Worms: this malware type targets entire networks of devices, hopping from PC to PC.

    • Ransomware: this malware variety hijacks files (and sometimes an entire hard drive), encrypts them, and demands money from its victim in exchange for a decryption key (which may or may not work, but it probably won’t).

    • Adware: this exceedingly irritating kind of malware floods victims with unwanted ads, and opens up vulnerable security spots for other malware to wiggle its way in.

    To recap, viruses are just one of several kinds of malware out there. Strictly speaking, Trojans, ransomware, etc, are not computer viruses, though many people use the shorthand “virus” to refer to malware in a general sense. Altough some devices like phones and iPads are not likely to get a virus, they are not immune to other threats.

    Why do people make viruses, and what do they do?

    Unlike the bio variety, computer viruses don’t just “happen”. They are manufactured, often with great care, intentionally targeting computers, systems and networks.

    But what are these viruses used for?

    For fun

    Well, “fun”. Trolling by software, computer code graffiti… The earliest computer viruses were essentially programmers playing around, like the (maybe, probably) first one, known as the Creeper virus back in 1971, which displayed the message “I’m the creeper, catch me if you can!”.

    Or the Elk Cloner virus, which told you a little poem:Elk clone virus poem

    Not quite Sylvia Plath

    Or the Ika-tako virus, which replaced your files and programs with pictures of squid.Photo of a bobtail squid

    Aaaaw

    Or the Stoned virus, which randomly displayed the words “Your computer is stoned. Legalize marihuana!” on your screen (and stayed in stoner character throughout by doing absolutely nothing else).

    Or a personal favorite: the virus that pretends to be a message from a well-known software company, offering you a free cup holder if you download and install it, at which point it opens your PC’s CD tray (remember CD trays?).

    For evil

    Sadly, not all viruses are so cuddly. Take it from Batman’s butler: some people just want to watch the world burn — and computer viruses are a very effective way to spread chaos far and wide.

    Like the ILOVEYOU virus, which destroyed the files of more than 50 million internet users worldwide, rendered PCs unbootable, copied people’s passwords and sent them to its creators, and caused up to US$9 billion in damages in the year 2000.

    Even that amount pales in comparison to the US$37 billion in damages caused by the Sobig.F virus, which stopped computer traffic in Washington DC and grounded Air Canada for a while.

    And then there’s the Mydoom virus, which caused such cyber bloating that it’s believed to have slowed worldwide internet traffic by 10% the day of its release.

    For… good?

    Yes, there is a tiny, tiny subset of “good” computer viruses — such as the Cruncher virus, which compresses every file that it infects and theoretically tries to help by saving precious hard disk space.

    For example, there’s a virus out there labelled Linux.Wifatch which appears to do nothing other than keeping other viruses out of your router. Linux.Wifatch is itself a virus — it infects a device without its user’s consent and coordinates its actions through a peer-to-peer network — but instead of hurting you, it acts as a sort of security guard.

    (But still, there are far better ways to secure your router — and even the creators of Linux.Wifatch tell you not to trust it).

    Other “well-intentioned” viruses want to act like a vaccine in that they force people, corporations and governments to strengthen their safety measures and therefore become able to repel genuine threats.

    Some virus creators argue they make the world safer by pointing out security gaps and flaws that can be exploited by other viruses with truly malicious intentions.

    “What could possibly go wrong?”, asked the first ten minutes of every pandemic disaster movie ever made. The truth is that viruses quickly overwhelm the defenses they’re supposed to put to the test — take the Code Red virus, which in true disaster film fashion attacked the White House (OK the White House’s web server but still OMG) and caused 2.6 billion dollars in damage worldwide.

    Some vaccine.

    How do computer viruses spread?

    Here are some common ways in which you can get infected with a computer virus:

    Email viruses

    Email is one of the favorite means of transportation for computer viruses everywhere. You can get computer viruses through email by:

    • Opening an attachment. Often named as something harmless (such as “Your flight itinerary”), an executable program file (.com, .exe, .zip, .dll, .pif, .vbs, .js, .scr) or macro file type (.doc, .dot, .xls, .xlt, xlsm, .xsltm…).

    • Opening an email with an infected body. In these days of rich graphics and colors and bells and whistles, some viruses are being transported in the HTML body of the email itself. Many email services disable HTML by default until you confirm you trust the sender.

    Instant messaging viruses

    Instant messaging (IM) is another means for viruses to spread. Skype, Facebook Messenger, Windows Live Messenger and other IM services are inadvertently used to spread viruses to your contacts with infected links sent through chat messages.

    These instant messaging and social media viruses spread wide and fast because it’s far easier to get people to click on a link when it’s delivered in a message coming from someone they trust, as opposed to a an email from a stranger.

    File sharing viruses

    Peer-to-peer file sharing services like Dropbox, SharePoint or ShareFile can be used to propagate viruses too. These services sync files and folders to any computer linked to a specific account, so when someone (inadvertently or otherwise) uploads a virus-infected file to a file-sharing account, that virus gets downloaded to everyone else with access to that shared folder.

    Some file sharing services, such as Google Drive, scan uploaded files for viruses (although it only scans files smaller than 25MB, giving virus spreaders an easy out — they just have to make sure their virus-infected files are larger than that).

    But most other services do not scan for viruses at all, so it’s your responsibility to make sure that you’re protected against any potential threats contained in the file they’re downloading.

    Software download viruses

    Fake antivirus infections are one of the most common types of virus-loaded software downloads. Scammers and cyber criminals use aggressive pop-ups and ads to scare users into believing that a non-existent virus has been detected in their PC, and compels them to download their “antivirus” software in order to clear the threat.

    Instead of ridding the computer of viruses, this fake antivirus proceeds to infect the PC with malware, often with devastating consequences for the victim’s files, hard drive, and personal information.

    Unpatched vulnerable software

    Last but not least, one of the most common (yet most often overlooked) means for viruses to spread is unpatched software.

    Unpatched software refers to software and apps which have not been updated with the latest security updates from the developer, in order to plug up security holes in the software itself.

    Unpatched software is a major cybersecurity headache for businesses and organizations, but with criminals exploiting vulnerabilities in outdated versions of such popular programs as Adobe Reader, Java, Microsoft Windows or Microsoft Office, us civilians are very much at risk of infection too.

    Types of computer virus

    Here’s a list of different types of computer viruses currently out there:

    Boot Sector Virus

    The boot sector is the part of your PC’s hard drive that loads your computer’s operating system — such as Microsoft Windows. A boot sector virus infects the master boot record (MBR), so the virus loads onto the computer memory during startup.

    Boot sector viruses used to be propagated mainly via pluggable devices, like USB keys, floppy disks and CD-ROMS. As technology moves on, boot sector viruses have become much rarer, and these days they mostly live on as email attachments.

    Examples of boot sector viruses:

    • Elk Cloner: this early 1980s virus was attached to a game. At the 50th time the game was started, the virus displayed a poem on-screen.

    • Stoned: the initial variety displayed on-screen messages in favor of the legalization of marihuana. Its signature (though not the virus itself) crept up into the bitcoin blockchain in 2014.

    • Parity Boot: another “vintage” virus, this one was the most prevalent virus in Germany up to 1996.

    • Brain: considered to be the first computer virus for MS-DOS, it was created by the Pakistani Alvi brothers as an attempt to protect their medical software from copyright infringement — an attempt that quickly got out of hand, much to their chagrin.

    • Michelangelo: every year on March 6 (the birthday of artist Michelangelo), this virus would come alive and overwrite the first 100 sectors of a hard drive with nulls, making it impossible for everyday users to retrieve their files.

    Direct Action Virus

    These viruses are designed to “pass through” your computer: they get in, generally spread around files of a specific type (COM or EXE files, generally), and when they are done, they delete themselves. They are the most common type of virus out there and the easiest to create — which also makes them the simplest to get rid of.

    Examples of direct action viruses:

    • Win64.Rugrat: also known as the Rugrat virus, this early example of direct action virus could would infect all 64-bit executables it could find in the directory and subdirectories in which it was launched.

    • Vienna virus: the Vienna virus has the distinction of being the first virus to be destroyed by an antivirus. It searches for .com files and destroys some of them while attempting to infect them.

    Resident Virus

    Unlike the direct action viruses we mentioned before, memory resident viruses actually set up camp in your computer’s primary memory (RAM). This is bad news, because they can keep working even after you’ve rid yourself of the original infector. Some act fast, some do their damage slowly — and are therefore harder to detect.

    Examples of memory resident viruses:

    • Jerusalem virus (a.k.a. Friday 13th virus): after finding its way into your RAM and hiding inside it, this virus would delete programs from your computer on Friday 13, or increase the size of infected programs until they were too big to run.

    • Onehalf virus: sometimes known as the Freelove virus, or the Slovak Bomber, this virus slowly encrypts its way through your hard disk. Once it’s done with half (and on the 4th, 8th, 10th, 14th, 18th, 20th, 24th, 28th and 30th day of any month), it displays the message “Dis is one half. Press any key to continue…”

    • Magistr virus: this very destructive virus emails itself to your contact list, deletes every other file, wrecks your CMOS and BIOS — and leaves you insulting messages to boot.

    Multipartite Virus

    These ultra-versatile viruses double their spreading power by targeting both your files and your boot space. That way, even after you’ve succeeded in removing all the infected files in your computer, the virus still lingers hidden in the boot sector, ready to strike again — and if you clean the boot sector, the virus will re-infect it by jumping from one of the infected files.

    Examples of multipartite viruses:

    • Junkie virus: this multipartite virus was transmitted in a file called HV-PSPTC.ZIP., supposedly a Pacific Strike computer game. Which it wasn’t.

    • Tequila virus: this one avoids files which contain the letters “v” and “sc” in their name, and likes to display the message “BEER and TEQUILA forever!”

      Image of tequila bottles

    • Shhhh, don't argue with the virus
    •  
    • Invader virus: this one starts off nicely by playing a Mozart tune, but the moment you hit CTRL+ALT+DEL to reboot, it overwrites the first line of your hard disk with a copy of the virus.

    Polymorphic Virus

    The mutants of the computer virus world, these viruses shape-shift in order to avoid detection, while holding onto their basic threat capabilities. After infecting your files, these viruses replicate themselves in a slightly different way — which makes them very difficult to fully detect and remove.

    Examples of polymorphic viruses:

    • Satanbug virus: despite its let’s face it quite badass name, this polymorphic virus doesn’t intentionally damage your files — but with its up to nine levels of encryption, virus scanners have a hard time removing it from your PC.

    • VirLock virus: part ransomware, part polymorphic virus, the Win32/VirLock virus encrypts your files and asks you for ransom — but it also changes shape every time it spreads.

    Macro Virus

    Macro viruses are written in macro language, with the intention of embedding them within software that allows macro mini-programs such as Microsoft Word. That means your PC can be infected by Word Document viruses.

    Examples of macro viruses:

    • Melissa: distributed through email attachments, once this virus infects your PC it makes its way to your Microsoft Outlook mail client and mails itself to the first 50 contacts in your address book, potentially slowing down or even completely disabling servers in a chain reaction of suck.

    How do I protect myself against viruses?

    By now we have established you definitely don’t want any of these viruses anywhere near your files, your hard drive or your network. Now, let’s look at how you can avoid computer viruses in the first place.

    Use antivirus protection

    You have to, have to, have to have some form of antivirus software installed in your PC and your smartphone.

    Period.

    An antivirus is your first line of defense against viruses and a whole bunch of other malware that you seriously don’t want to have to deal with. If you think viruses are bad (and they are), there’s stuff out there that’s even worse. 

    No excuses. Don’t want to fork out money? There are a few exceptionally good free antivirus software choices out there (ahem). Worried the software will slow down your PC? Ours is so light, you won’t even notice it’s there.

    If you’re looking for something extra, premium antivirus programs can offer all kinds of added security features - like our Ransomware Protection shield, which stops anyone from hijacking your files and extorting money from you. For instance, we help you find your phone if you lose it, which is pretty neat.

    But hey, you don’t have to get our antivirus (even though it’s free and awesome). Just get some antivirus.*

    *although (AND THIS IS THE LAST THING WE’LL SAY ABOUT THIS WE PROMISE) you really shouldn’t get just any free antivirus you find laying around out there, because some of them are actually malware carriers in disguise, and some others are just really blah. So for your own good, always go with an antivirus from a cyber security company whose reputation is at least as good as ours.

    Use that pretty head of yours

    Apart from letting your antivirus detect and remove viruses, you’ll be doing yourself a huge favor by using proper cyber hygiene in the first place and following some basic internet safety tips:

    • Don’t just click on any link your friends send you on social media — especially if the message is just a link with no context, or if the words in the message don’t quite sound like them. People’s Facebook accounts get hacked and used to spread out viruses and malware. When in doubt, message your friend directly and ask if they really meant to send you that link. Often, the answer will be “What!? No!”

    • Don’t open any email attachment unless you 100% know what it is. Cyber criminals often rely on your natural curiosity to spread viruses - they tell you you’ve won something, but you haven’t entered any contests; or they send you a “flight itinerary”, but you aren’t planning on going anywhere. So you open the attachment to see what it’s all about, and bam, you’re infected. So, don’t.

    • Don’t fall for “Your PC is infected!” hysteric messages and pop-ups that aren’t coming directly from your antivirus. There is a very good chance they’re trying to lure you into downloading a fake antivirus and take your money, infect you computer with malware, or both. When our antivirus catches something, we let you know with a satisfying little message, and that’s it. We don’t ask you to download anything else, or pay any money.

    • Don’t enable macros in Microsoft Office. A few years ago we would have recommend you to disable macros, but Microsoft already does that by default. Which means cyber criminals try to trick you into enabling them with all sorts of dark mind tricks and fake warnings when you receive an infected email. Don’t fall for them.

    But seriously. Antivirus. Now.

    How do I remove a virus from my computer?

    Stopping a virus from getting into your PC is a lot easier than deleting a virus that’s already in your computer, but if you suspect your PC is already infected with a virus, do not fret. We’ve got you covered.

    Is your computer infected?

    If your computer has become very slow all of a sudden for no particular reason; if you’re being flooded with pop-up messages out of the blue; if programs and apps start by themselves, and you can hear the hum-hum of your hard drive constantly working in the background…

    … it may be.

    Here’s how you delete a virus

    We have a step-by-step guide that tells you how to get rid of computer viruses the safe and easy way. Give it a read. Or, if your phone has been acting oddly lately, check out our detailed guide to learn how to tell if your phone has a virus or other form of nasty malware — and how to get rid of it.

    Protect your Android against threats with AVG AntiVirus

    Free install

    Protect your iPhone against threats with AVG Mobile Security

    Free install
    Viruses
    Security
    Gonzalo Torres
    18-12-2017