Common Types of Computer Malware Explained
1. Boot Sector Virus
- It is a type of virus that infects the master boot record (the portion of the hard disk that helps load the OS) or hard disks.
- The infected code runs when the system is booted from an infected disk.
- They infect at a BIOS level (BIOS checks hardware and loads the OS).
- They use DOS commands (text-based commands used to perform tasks such as file management, disk management, and running programs) to spread to other floppy disks. Since floppy disks are rarely used now, the propagation of boot sector viruses has almost ended.
- With the boot-sector safeguards in operating systems, boot-sector viruses can no longer infect computers.
- This virus can infect a computer only during boot-up. Once the system has started and the OS is running, the virus cannot infect it.
- Examples: Polyboot.B, Joshi, Gravity, AntiEXE, and Cbrain virus.
2. Companion Virus
- A companion virus does not modify any files.
- Instead, it creates a copy of the file and gives the copy a different extension, usually .com. This makes a companion virus difficult to detect, as anti-virus software normally looks for changes in the original file.
- The companion virus is an older type of virus used when MS-DOS was prevalent.
- It needs human action (like running an infected program) to spread.
- After Windows XP replaced MS-DOS, these viruses became less effective because it became harder for such viruses to propagate themselves.
- Some examples include: Stator, Asimov.1539, and Terrax.1069.
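Because the original file is left unchanged, a defender's check has to look for the extra copy instead. The following is an added example, not part of the original notes: it flags any .com file that shares its base name with another program in the same directory. The set of "original" extensions and the sample file names are assumptions made for the illustration.

```python
import os
import tempfile
from pathlib import Path

SHADOWING_EXT = ".com"            # extension the notes say companions usually take
ORIGINAL_EXTS = {".exe", ".bat"}  # assumption: program types worth pairing against


def find_companions(root):
    """Return sorted (companion, original) path pairs found under root."""
    pairs = []
    for dirpath, _dirs, files in os.walk(root):
        by_stem = {}  # lower-cased base name -> {extension: real file name}
        for name in files:
            p = Path(name)
            by_stem.setdefault(p.stem.lower(), {})[p.suffix.lower()] = name
        for exts in by_stem.values():
            if SHADOWING_EXT not in exts:
                continue
            # A .com on its own is normal; a .com next to a same-named program is not.
            for ext in sorted(ORIGINAL_EXTS.intersection(exts)):
                pairs.append((os.path.join(dirpath, exts[SHADOWING_EXT]),
                              os.path.join(dirpath, exts[ext])))
    return sorted(pairs)


def build_sample_tree(root):
    """Constructed sample directory: one shadowed program, two unrelated files."""
    for name in ("EDIT.EXE", "EDIT.COM", "FORMAT.COM", "README.TXT"):
        Path(root, name).write_bytes(b"constructed sample")


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return [(os.path.basename(c), os.path.basename(o))
                for c, o in find_companions(root)]


if __name__ == "__main__":
    print(demo())
```

A hit is only a lead for review: legitimate software can also ship same-named files with different extensions.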
3. Email Virus
- An email virus is attached to or sent with email communications.
- Email viruses vary in many ways:
  - Unknown or strange emails: Sometimes the sender of an email virus may be unknown to a user, or a subject line may be filled with silly text.
  - Disguised emails: A hacker can make an email look like it’s from someone we know and trust. This tricks us into opening it or clicking a link, which can put a virus on the computer.
4. Logic Bomb
- Logic bombs and time bombs are small malicious programs designed to cause harm at a certain point in time, but they do not replicate. (A logic bomb triggers when a certain condition is met, whereas a time bomb activates at a specific time.)
- They are not separate programs; they are camouflaged (hidden) segments of other programs. [Example: A harmless-looking game might have a logic bomb inside it that deletes files on your computer.]
- A logic bomb can damage a system (for example, by deleting a database). It is set by someone seeking revenge or sabotage (deliberate destruction) and can go off even when that person is not there to see it happen. For example, a programmer might use a logic bomb to delete important sections of the code if they are terminated from the company.
- Logic bombs are most commonly installed by insiders who have access to the system.
5. Macro Virus
- A MAC or Macro Virus is a virus that spreads to other computers through software programs that utilize macros.
- [A macro is a set of instructions that makes a program perform tasks automatically, like automatically formatting headings in MS Word.]
- These viruses infect files created using applications or programs that contain macros, such as .doc, .pps, .xls, and .mdb.
- For example, Microsoft Word and Excel can run macros. A macro virus can start in one document and then spread to other documents on the same computer or to other computers through shared files.
- They hide in documents shared through e-mail and networks.
- Examples of macro viruses: Relax, Melissa.A, Bablas, and O97M/Y2K.
- Macro viruses stay hidden in the RAM and start when the computer is turned on, then infect any files that are opened.
6. Cross-Site Scripting (XSS) Virus
- Cross-site scripting (XSS) is an attack where hackers put harmful code into a website (through a comment box, for example), which then runs in the user’s browser.
- It mostly uses the website as a vehicle to deliver a malicious script to the victim’s browser.
- When the page loads, the harmful script runs automatically, and the user cannot avoid it.
- A Cross-Site Scripting (XSS) virus can:
  - Steal sensitive data (like cookies, passwords, or session info).
  - Redirect users to fake or harmful websites.
  - Show fake messages or ads.
- The most common example of XSS uses JavaScript code.
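The comment-box case above comes down to how the site writes visitor text into its pages. The following is an added example, not part of the original notes: it renders the same comments once by pasting them in as markup and once with HTML escaping, then parses each result to list what a browser would treat as script. The sample comments, the page template and the function names are constructed for the illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample comments: one ordinary, two carrying harmless test markup.
SAMPLE_COMMENTS = [
    "Nice article!",
    "<script>alert(1)</script>",
    "<img src=x onerror=alert(1)>",
]

PAGE = "<ul id='comments'>{items}</ul>"


def render_unsafe(comments):
    """Vulnerable form: visitor text is pasted into the page as markup."""
    return PAGE.format(items="".join(f"<li>{c}</li>" for c in comments))


def render_safe(comments):
    """Hardened form: each comment is HTML-escaped, so it stays plain text."""
    items = "".join(f"<li>{html.escape(c, quote=True)}</li>" for c in comments)
    return PAGE.format(items=items)


class ActiveContentFinder(HTMLParser):
    """Collects what a browser would treat as script in a rendered page."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, _value in attrs:
            if name.startswith("on"):  # inline event handler, e.g. onerror
                self.findings.append(f"{name} handler on <{tag}>")


def active_content(page):
    finder = ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("unsafe:", active_content(render_unsafe(SAMPLE_COMMENTS)))
    print("safe:  ", active_content(render_safe(SAMPLE_COMMENTS)))
```

Escaping on output is what keeps the stored comment as text; the same comments remain readable on the page, shown literally instead of being run.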
7. Worm
- A worm is very similar to a virus and has the ability to self-replicate and infect the computer.
- They hide in the hard disk, get activated when the computer starts, and carry code that helps them spread to other systems.
- Worms have the ability to damage and infect entire LANs.
- Unlike a virus, a worm does not modify a program; however, it replicates so much that it consumes the computer's resources and slows it down.
- Worms are independent programs, whereas viruses attach themselves to another program.
- Examples of Worms: Lovgate.F, Sobig.D, Trile.C, PSWBugbear.B, Mapson, Code Red, and Nimda.
8. Trojan Horse
- A Trojan horse is hidden malicious code, similar to a virus, that could alter or delete the information of a client computer or perform any other unauthorized function.
- Trojan horses contain programs that can damage files or corrupt data and software applications.
- Trojans can illegally trace important login details of users online – for example, E-Banking.
- The activities of Trojans include:
  - Deleting data
  - Blocking data
  - Modifying data
  - Copying data
  - Disrupting the performance of computers or computer networks
- Trojan horses do not replicate themselves like viruses and do not infect other software.
- The difference between bombs and Trojans is that bombs are insider jobs, while Trojans are brought in from outside by unsuspecting users through other programs.