Skip to main content

Types of Virus

There are three major categories of computer virus, each of which can be divided into a number of sub-categories:

  • Boot sector viruses: attack the boot program stored on every bootable hard disk or floppy. The virus code is executed by the system when it is started up. By installing itself in this location the virus ensures that it will be executed whenever the system is switched on, giving it full control over the system. Boot sector viruses are often spread by infected bootable floppy disks.
  • File infectors: attack and modify program files, usually .exe or .com files. The virus executes when the infected program is run. It normally loads itself into memory and waits for a trigger, such as a particular system date, before trying to find and infect other program files. File infectors can be spread from removable media, over networks and via the Internet.
  • Macro Viruses: make use of the built-in programming languages in applications programs such as Word and Excel. These languages are intended to allow users to create short programs, known as macros, to automate frequently performed tasks. Macro viruses can copy themselves into other documents and spread just like a conventional virus.

Virus writers use a variety of techniques to make their programs difficult to discover and eliminate, eg:

  • Polymorphic viruses: are designed so that each time they infect, their appearance and size changes. This confuses virus scanners that look for predefined patterns and makes detection more difficult.
  • Stealth viruses: hide the changes they have made to the hard disk so that they do not appear to have infected the system, eg: a file-infector might misreport the size of infected files, so they don't appear to have been infected, or a boot sector viruses might intercept attempts to read the boot sector and return forged data which makes it appear OK.

Next: Virus Symptoms