What Is a Computer Virus?

A computer virus is an ill-natured software application or authored code that can attach itself to other programmes, self-replicate, and spread itself onto other devices. When executed, a virus modifies other computer programmes by inserting its code into them. If the virus’s replication is successful, the affected device is considered “infected” with a computer virus.

The malicious activity carried out by the virus’s code can damage the local file system, steal data, interrupt services, download additional malware, or any other actions the malware author coded into the programme. Many viruses pretend to be legitimate programmes to trick users into executing them on their devices, delivering the computer virus payload.

Every computer virus has a payload that performs an action. The threat actor can code any malicious activity into the virus payload, including simple, innocuous pranks that don’t do any harm. While a few viruses have harmless payloads, most of them cause damage to the system and its data. There are nine main virus types, some of which could be packaged with other malware to increase the chance of infection and damage. The nine major categories for viruses on computers are:

Boot Sector Virus

Your computer drive has a sector solely responsible for pointing to the operating system so that it can boot into the interface. A boot sector virus damages or controls the boot sector on the drive, rendering the machine unusable. Attackers usually use malicious USB devices to spread this computer virus. The virus is activated when users plug in the USB device and boot their machine.

Web Scripting Virus

Most browsers have defences against malicious web scripts, but older, unsupported browsers have vulnerabilities allowing attackers to run code on the local device.

Browser Hijacker

A computer virus that can change the settings on your browser will hijack browser favourites, the home page URL, and your search preferences and redirect you to a malicious site. The site could be a phishing site or an adware page used to steal data or make money for the attacker.

Resident Virus

A virus that can access computer memory and sit dormant until a payload is delivered is considered a resident virus. This malware may stay dormant until a specific date or time or when a user performs an action.

Direct Action Virus

When a user executes a seemingly harmless file attached to malicious code, direct-action viruses deliver a payload immediately. These computer viruses can also remain dormant until a specific action is taken or a timeframe passes.

Polymorphic Virus

Malware authors can use polymorphic code to change the programme’s footprint to avoid detection. Therefore, it’s more difficult for an antivirus to detect and remove them.

File Infector Virus

To persist on a system, a threat actor uses file infector viruses to inject malicious code into critical files that run the operating system or important programmes. The computer virus is activated when the system boots or the programme runs.

Multipartite Virus

These malicious programmes spread across a network or other systems by copying themselves or injecting code into critical computer resources.

Macro Virus

Microsoft Office files can run macros that can be used to download additional malware or run malicious code. Macro viruses deliver a payload when the file is opened and the macro runs.

For a threat actor to execute a virus on your machine, you must initiate execution. Sometimes, an attacker can execute malicious code through your browser or remotely from another network computer. Modern browsers have defences against local machine code execution, but third-party software installed on the browser could have vulnerabilities that allow viruses to run locally.

The delivery of a computer virus can happen in several ways. One common method is via a phishing email. Another technique is hosting malware on a server that promises to provide a legitimate programme. It can be delivered using macros or by injecting malicious code into legitimate software files.

At their core, computer viruses are discreet programmes that hitch a ride on other files or applications. In most cases, their primary objective is to replicate and spread like wildfire.

Computer viruses function as malicious software programmes designed to infect other programmes by modifying them in some way. In doing so, a virus will attach itself to an unsuspecting file or application in order to spread.

The Infection Process

A virus can attach itself to any legitimate programme or document that supports macros to execute its code, such as an email attachment or a file download from a website. Once the file is opened or downloaded, the virus springs into action and starts executing.

Hiding in Plain Sight

Computer viruses can be quite crafty to remain hidden from both users and antivirus software alike. Viruses employ stealth techniques such as polymorphism, which changes their appearance, or encryption methods.

The Damage Done

Once activated, a virus may wreak havoc on your computer system. It can steal sensitive data, corrupt files, slow down performance, and even crash your entire system. It can spread from system to system after a user takes action that either intentionally or accidentally facilitates it.

It’s important to note that viruses are just one type of malware, and many other types of malicious software can harm your computer or steal your personal information.

Computer viruses spread through various channels, and being aware of these channels is essential to protect yourself and your organisation from infection.

Email Attachments

One method of virus transmission is through email attachments. Hackers often disguise their malicious code as seemingly harmless files, such as documents or images unsuspecting users open without a second thought. For example, Ursnif banking Trojan campaigns are known to spread via email attachments posing as invoices or financial statements.

Internet Downloads

Viruses can also hide in software installers, media files, or even browser extensions that you download from the web. It’s important to be cautious when downloading files from unknown sources or sketchy websites. A notorious case was the Download.com scandal, where popular applications were bundled with adware and other unwanted programmes by default.

File Sharing Networks

File sharing networks like torrent sites and peer-to-peer platforms can easily transmit viruses. Innocent-looking movie torrents or cracked software may carry hidden payloads designed to compromise your device upon installation. For example, The Pirate Bay used a browser-based cryptocurrency miner, so when someone visited the website, their computer was used to mine cryptocurrency without their knowledge or consent.

Removable Media

Viruses can attach to removable media, such as USB drives and CDs/DVDs, infecting any computer they’re plugged into. The infamous Stuxnet worm is a prime example of a virus that spreads through removable media.

To protect yourself and your organisation from computer viruses, always exercise caution and employ robust cybersecurity measures like up-to-date antivirus software and regular system scans. Remember, knowledge is power, especially when preventing viruses and cyber-attacks.

While overlapping in intention and meaning, malware and viruses are two distinct terms that are often used interchangeably.

Malware is a general term for any type of malicious software, while a virus is a specific type of malware that self-replicates by inserting its code into other programmes. While viruses are a type of malware, not all malware is a virus.

Malware can take many forms, including viruses, worms, trojans, spyware, adware, and ransomware, and it can be distributed through infected websites, flash drives, emails, and other means. A virus requires a host programme to run and attaches itself to legitimate files and programmes. It causes a host of malicious effects, such as deleting or encrypting files, modifying applications, or disabling system functions.

Removing a computer virus can be a challenging task, but there are several steps you can take to get rid of it. Common steps to remove a computer virus include:

1. Download and install antivirus software: Assuming you don’t already have antivirus software installed, download and install a real-time and on-demand solution, if possible. A real-time malware scanner scans for viruses in the background while you use the computer. You must start the on-demand scanner whenever you want to scan your device.
2. Disconnect from the internet: Some computer viruses use the internet connection to spread, so it’s best to disconnect from the internet when removing a virus from your PC to prevent further damage.
3. Delete any temporary files: Depending on the type of virus, deleting temporary files can also delete the virus, as some viruses are designed to initiate when your computer boots up.
4. Reboot your computer into safe mode: To help mitigate damages to your computer while you remove a virus, reboot your device in ‘Safe Mode.’ This will inhibit the virus from running and allow you to remove it more effectively.
5. Run a virus scan: Run a full scan using your antivirus software, opting for the most thorough or complete scanning option available. If possible, cover all your hard drive letters during the scan.
6. Delete or quarantine the virus: Once the virus is detected, your antivirus software will give you the option to delete or quarantine the virus. Quarantining the virus will isolate it from the rest of your computer to prevent it from causing further damage.
7. Reboot your computer: Assuming you’ve effectively removed the virus, your computer can be rebooted. Simply turn on the device as you would do so normally without initiating the “Safe Mode” option.
8. Update your browser and operating system: To complete the virus removal process, update your operating system and web browser to the latest version possible. Browser and OS Updates often contain fixes for particular vulnerabilities and exploits.

Given the general nature of this process, the outcome may vary from virus to virus and device to device. If you are unsure if you’ve effectively removed a virus from your computer, contact an IT or computer professional for assistance.