What is a computer virus?

A computer virus is malware that can spread and multiply independently via host programs. This is why the name "virus" was chosen for this type of malware, because the biological counterpart also works in the same way. The digital viruses are not only limited to computers with Windows, Linux and macOS, but can also theoretically infect Android, iOS and other operating systems. Servers with their own systems can also be attacked and damaged by viruses. The type of damage that is done is not specified. When naming malware as a computer virus, the focus is on how it is spread. See below for more details.

What is a computer virus? How does the virus circulate? What types and types of computer virus damage are there? Are viruses still relevant for computers? I answer these and other questions in this guide.

How does a virus start and how does it spread?

A computer virus, like pretty much any other software, has to be written by someone. In addition to the harmful factors of the program or script, this person then also creates the elements that allow the virus to infiltrate systems and programs and spread through them. For example, an e-mail virus can get onto the computer through an attachment, settle in the e-mail client (Thunderbird, Outlook, Mail, etc.) and thus spread with every e-mail you send. Alternatively, it can be in the Browser (Edge, Firefox, Chrome, Opera, Safari, etc.) to nest or infect other programs.

In short, one person writes the virus and spreads it, then it spreads on its own through other host apps. In addition to e-mails, this can also happen through downloads - program downloads from dubious sources, archives with self-starting apps, documents, graphics or videos with hidden elements, and so on. Viruses do not appear in their pure form, i.e. as a mere script or individual app. They are embedded in (or copy themselves into) a host program that, when run, releases the virus. They then use the computer as a living space and look for points of attack there. Modern systems usually know how to prevent this.

Certain types of computer virus spread are defined in professional circles. Here is an outline:

• prepender: The computer virus inserts itself at the beginning of the host file code to be activated right at startup. The host app may start with a noticeable delay, since the main memory is first busy with the virus, which then has to load the program into RAM again.
• appender: More common form because the virus code is inserted at the end of the host. This is easier to do. But here, too, the virus is executed before the program in order to implement any necessary changes. 
• Entry Point Obscuring (EPO): With each attack, EPO viruses look for a different point in the host program that is not at the beginning (prepender) or end (appender). As a result, antivirus programs do not detect them in the quick search, which only examines code beginnings and ends. This type requires more knowledge and skills from programmers.
• override: The virus overwrites a host file found to match, or the file specified by the creator, making it unusable.
• companion virus: The computer virus replaces the executable instead of infecting or overwriting it. A renaming takes place so that users think that the infected file is the original. It is not a "real virus" as the host file is only renamed, moved or deleted but not actually infected.

What types of computer viruses are/were there?

In addition to the file virus that has been primarily described up to this point, there are also other types of computer viruses. Here is a small overview of the classification:

• boot virus: One of the oldest, but also most difficult forms of the computer virus, due to strong technical limitations. The boot virus gets stuck in the boot sector, which is loaded on storage media (hard disk, floppy disk, CD-ROM image, USB stick, etc.) before the operating system. The system can be adjusted or bypassed. No longer relevant today.
• file virus: The most common type, which (as described above) settles in programs or databases in order to spread. Often, the file virus inserts itself at the end of an app's executable code, since that's the easiest way. Strong resemblance to the link virus.
• macro virus: This type of virus affects programs that use macros to process files. i.a. Office programs use macros, which helped this type of computer virus to spread rapidly when it first emerged around the turn of the millennium. Office documents were heavily exchanged. This is also the case today, but the viruses are no longer relevant.
• script virus: Script viruses don't use compilers, they use interpreters, which helps with multiple steps of execution and cross-system deployment. Script viruses mainly affect / affected servers and other systems related to web applications. The distribution on private computers is negligible today.
• combinations: Of course, the forms mentioned can occur in combination as mixed form viruses, which can mean greater damage and / or faster spread.

What damage can a virus do to the computer?

As already mentioned, the designation of a computer virus is not limited to its influence on software and hardware. The term "virus" only indicates that the malware spreads independently. Therefore, the damage done by a virus to a computer can vary depending on the specific type. Here some examples:

• use of computing power: The least harmful impact is that the virus consumes processor power and memory, draining resources from the system and other programs.
• Make known: Viruses in particular, which are simply intended to show weaknesses (in software, hardware or in users), identify themselves through screen messages, animations, program windows, music, other audio, possibly even opening the CD drive, etc .
• Data deletion: The mass deletion of data or the formatting of entire storage media is the often cited but rarely triggered horror scenario that is attributed to computer viruses. Actually, data should continue to exist so that the virus can spread without being detected.
• Damage caused by programming errors: If the actual purpose was not programmed correctly, unforeseen damage (destruction of data stocks, deletion of the system) can occur. The previous point "data deletion" is more of an accident than the intended purpose of the virus.
• Hardware damage: Desired hardware damage by a computer virus requires special knowledge on the part of the programmer. You need to know what hardware is being used and how to manipulate it. Incorrect commands to memory management, extreme audio or image signals for speakers and screens, overclocking the CPU or GPU and the like could become feasible. 

Is the computer virus still relevant as a danger?

According to developers and advertising departments of antivirus software, there is nothing worse in the world than a computer virus. However, this type of malware lost its relevance around 15 years ago. Because the most common distribution channels are now protected and existing points of attack only affect niches. Ergo, there is hardly any danger from real computer viruses for private users. They have been superseded by worms, trojans, rootkits, spyware, ransomware, and other more specific software that spread differently. 

While viruses are often intended to annoy and/or cause damage, malware, which is now more common, has specific purposes (spying, collecting data or encrypting it for blackmail, taking over computers, etc.). Modern antivirus software should also recognize and block most of these attacks and remove the causative software. However, it will not be renamed, probably due to the marketing based on the name and the lay target group. The benefit of these protection programs is a topic of its own - of course there are pros and cons. But more on that elsewhere.

How do I protect myself from a computer virus?

Nowadays it is actually enough to sit down at the computer with your eyes wide open and not be tempted by (sometimes really obvious) lure maneuvers to access dubious sites or downloads from dubious sources when using the Internet. E-mails should also be checked for the sender. If the person or company seems unknown, then the mail should be deleted. Links and attachments should only be opened with special care. The greatest danger here is now phishing (Guide: How to recognize phishing emails). Virus scanners and antivirus apps promise a lot, but are often superfluous. Due to the required system access, they can also serve as a gateway themselves.

More reading on the subject

I have tried to give you a comprehensive insight into the topic of "computer viruses" with this post here on the Sir Apfelot Blog. Of course, I couldn't squeeze all the information into the present framework. So here are a few more sources that can help you with further research:

• Wikipedia article on the subject (also contains information on the self-protection of viruses)
• Why you shouldn't install antivirus software on your Mac (article from 2019)
• Virus protection: The digital snake oil (Video from 2022)

Johannes Domke

After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.