Virus Types and the Differences

Computer viruses are small software programs designed to spread from one computer to another, interfering with computer operation. They can do a variety of things, from corrupting and deleting your computer’s data to using your email program to spread to other computers. They can even erase everything on your hard disk.

The majority of viruses are spread through online downloads, hiding themselves in illicit software, files, or programs that you download to your computer. They can also be found in email attachments and occasionally through messenger apps, which it’s why it’s essential that you never open any attachments unless you know who it’s from and you’re expecting it. They can be as innocuous as a funny image or even hide in audio and video files.

There are a wide variety of viruses and malicious programs that can attack your computer. Keep reading to learn more about the different types and how you can protect yourself from them.

Most common viruses and malicious programs

Resident Viruses

This is a type of virus that dwells in in your RAM; from there, it can overcome and interrupt all options executed by your system, corrupting files and programs that are opened, closed, copied, renamed, etc. Examples include:

  • Randex
  • CMJ
  • Meve
  • MrKlunky

Multipartite Viruses

These viruses are distributed through infected media and usually hide in your computer’s memory, gradually moving to the boot sector of the hard drive and infecting your executable files. Its goal is to infect all .exe files throughout your computer system.

Direct Action Viruses

The main purpose of these viruses is to replicate, then take action when executed. When a specific condition is met, they go into action and infect files in the directory or folder they’re in, as well as in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of your hard disk, and carries out certain operations when your computer is booted.

Overwrite Viruses

These viruses delete the information contained in the files they infect, rendering them partially or totally useless. The only way to “clean” a file that’s been infected by an overwrite virus is to delete it completely, which will cause you to lose the original content. Examples include:

  • Trj.Reboot
  • Way

Boot Viruses

These viruses affect the boot sector of your hard drive, where the information and programs are stored that make it possible to start your computer. Examples include:

  • AntiEXE
  • Polyboot.B

Macro Viruses

Macro viruses infect files that are created using certain applications or programs that contain macros – mini-programs which make it possible to automate a series of operations so that they’re performed as a single action, saving the user from having to carry them out individually. Examples include:

  • Relax
  • Bablas
  • Melissa.A

Directory viruses

These viruses change the paths indicating a location of a file. When you execute a program (a file with the extension .EXE or .COM) which has been infected by this virus, you’re unknowingly running the program; the original file or program have been relocated. Once your system is infected, it becomes incredibly difficult – if not impossible – to locate your original files.

Polymorphic Virus

These viruses encrypt or encode themselves differently – using different algorithms and encryption keys – every time they infect a system, making it impossible for antivirus programs to find them using string or signature searches. It also enables them to create a large number of copies of themselves. Examples include:

  • Satan Bug
  • Marburg
  • Tuareg

File Infectors

These viruses infect programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, either directly or indirectly, the virus is activated and produces the damaging effects it’s programmed to carry out. The majority of existing viruses belong to this category and can be classified depending on what they do.

Encrypted Viruses

These viruses contain encrypted malicious code and typically replicate by decrypting themselves and spreading. When encrypted, it’s difficult for antivirus software to detect them. However, once they decrypt themselves in an attempt to spread, your antivirus can catch them fairly easily.

Companion Viruses

These can be considered file infector viruses, similar to resident and direct action viruses. Once they get into your system, they accompany other files that already exist; in other words, in order to carry out their own infection routines, they can either wait until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses). Examples include:

  • Stator
  • Asimov.1539
  • Terrax.1069

Network Viruses

These viruses rapidly spread through a Local Network Area (LAN), and occasionally throughout the internet. They generally multiply through shared resources like drives and folders; when they infect a computer, they search through the network to find new prey. Once they’ve finished infecting that computer, they move on to the next, repeating the cycle. The most dangerous network viruses are:

  • Nimda
  • SQLSlammer

Nonresident Viruses

These viruses are similar to resident viruses (though they don’t host themselves in your computer’s RAM), and consist of a finder module and a replication module. The finder module finds new files to infect; when it finds a new executable file, it calls the replication module to infect it.

Stealth Viruses

These viruses try to “trick” your antivirus software by intercepting its requests to the operating system. They can successfully hide from some antivirus programs, but not all.

Sparse Infectors

These viruses attempt to avoid detection by using different techniques, like only infecting a file every 10th time it’s executed, or files whose names begin with certain letters of the alphabet. They are more challenging for antivirus programs to find, but as software becomes more advanced they’re easier to discover.

Spacefiller (Cavity) Viruses

These viruses attempt to be clever by housing them inside empty spots in a program file’s code without damaging the program itself. Because the virus doesn’t increase the length of the program’s code, it’s harder to detect. The Lehigh virus was an early example.

FAT Viruses

The File Allocation Table, or FAT, is the part of your hard drive used to connect information and is vital to keep your computer functioning normally. This virus can be especially dangerous, as it can prevent access to sections of the drive where important files are stored, and any damage it causes can result in information loss from both individual files and entire directories.


Technically, worms aren’t viruses; they’re very similar to viruses, though, in that they have the ability to self-replicate and can lead to negative effects on your system. Most importantly, however, is that they are treated the same as viruses by your antivirus software, and can be detected and eliminated. Some examples of worms include:

  • Lovgate.F
  • Sobig.D
  • Mapson

Trojans (Trojan Horses)

These aren’t viruses, but are a type of malicious code that can infect your computer. Unlike viruses, they don’t replicate by infecting other files. However, like viruses, they can be detected by your antivirus software.

Logic Bombs

These are camouflaged segments of other programs whose objective is to destroy data on your computer once certain conditions have been met. Because they do nothing until launched, they often go undetected, and the results of their attack can be incredibly destructive.

Preventing infection by viruses and other malicious programs.

Because many malicious programs, like “worms,” travel the internet seeking vulnerable computers, you can be at risk of infection just by being online. Luckily, though new viruses are being created constantly, there are steps you can take to protect your computer.

Your most important defense is antivirus software; installing and regularly updating this software will help protect your computer. Unfortunately, while antivirus software is a key component of your defense, it’s no longer enough to keep you fully protected. You should also make sure you’re updating your operating system regularly. Windows users can install critical updates through Windows Update, while Macintosh users can click on their Apple menu and choose Software Update.

Other virus prevention tips

  • Don’t open emails with attachments if the message is suspicious – even if they’re from a friend or acquaintance.
  • Don’t download files from strangers, and be cautious when downloading files from the internet.

Advertiser Disclaimer: We are a professional review site that receives compensation from the companies whose products we review. We test each product thoroughly and give high marks to only the very best. We are independently owned and the opinions expressed here are our own. We are not responsible for direct, indirect, incidental or consequential damages resulting from use of any antivirus software and/or this website.