Introduction to Viruses

A virus reproduces, usually without your permission or knowledge. In general terms they have an infection phase where they reproduce widely and an attack phase where they do whatever damage they are programmed to do (if any). There are a large number of virus types.

Viruses are a cause of much confusion and a target of considerable misinformation even from some virus experts. Let’s define what we mean by virus:

A virus is a program that reproduces its own code by attaching itself to other executable files in such a way that the virus code is executed when the infected executable file is executed.

You could probably also say that the virus must do this without the permission or knowledge of the user, but that’s not a vital distinction for purposes of our discussion here. We are using a broad definition of “executable file” and “attach” here.

An obvious example of an executable file would be a program (COM or EXE file) or an overlay or library file used by an EXE file. Less obvious, but just as critical, would be the macro portion of what you might generally consider to be a data file (e.g., a Microsoft Word document). It’s important to also realize that the system sectors on either a hard or floppy disk contain executable code that can be infected–even those on a data disk. More recently, scripts written for Internet Web sites and/or included in E-mail can also be executed and infected.

To attach might mean physically adding to the end of a file, inserting into the middle of a file, or simply placing a pointer to a different location on the disk somewhere where the virus can find it.

Most viruses do their job by placing self-replicating code in other programs, so that when those other programs are executed, even more programs are infected with the self-replicating code. This self-replicating code, when triggered by some event, may do a potentially harmful act to your computer.

Another way of looking at viruses is to consider them to be programs written to create copies of themselves. These programs attach these copies onto host programs (infecting these programs). When one of these hosts is executed, the virus code (which was attached to the host) executes, and links copies of itself to even more hosts.

Similar to viruses, you can also find malicious code in Trojan Horses, worms, and logic bombs. Often the characteristics of both a virus and a worm can be found in the same beast; confusing the issue even further.

Note: The balance between viruses, worms, and Trojan Horses changes from time to time. In the early days of such malware viruses tended to dominate. Various macro viruses/worms appeared later as the dominate form and by around 2005 or so Trojan Horses started to be more prominent and by early 2008 they were, by far, the dominant malware.

Before looking at specific virus types you might also want to consider the following general discussions:


  • A virus is a program that reproduces its own code.
  • Generally, the first thing a virus does is to reproduce (i.e., infect).
    • Viruses balance infection versus detection possibility.
    • Some viruses use a variety of techniques to hide themselves.
  • On some defined trigger, some viruses will then activate.
    • Viruses need time to establish a beachhead, so even if they activate they often will wait before doing so.
    • Not all viruses activate, but all viruses steal system resources and often have bugs that might do destructive things.
  • The categories of viruses are many and diverse. There have been many made and if you get one it should be taken seriously. Don’t be fooled by claims of a good virus; there is no reason at the moment to create one.
Up ArrowVTutor Home Page Up Arrow
Prior Page Next Page
VTutor Home Page Virus Behavior

Comments from Original Post:

Said this on 2010-04-26 At 07:46 am
great post very well written, well virus is very common in Windows platform, that’s the reason why there’s a lot of anti virus nowadays.

Said this on 2011-03-05 At 11:33 pm
this is very good site. it surely help the students who are aware of this deadly virus which is becoming virulent day by day.