What Do Computer Viruses Do?

Published by Adrian in Web Security

Illustration Of a Computer Virus

Do you keep asking yourself “What do computer viruses do?”? It may not look and feel so, but it’s a great thing that you don’t know, yet! It can only mean that you didn’t have the chance to experience it firsthand. So, first of all, good for you – you were either incredibly lucky or you’ve been successfully avoiding the traps that lurk from all around the internet.

However, knowledge is power and getting to know your enemy before you deal with it will give you great leverage. Without further ado, let us introduce you to the essentials of computer viruses: how do they look, what do they do, how do they work, and, just to keep you on high alert, what can a virus do to your computer. These are the aspects we’re going to look into.

Despite what you might think, the notions we’re going to detail are easy to comprehend. Grab your popcorn and pay attention…

What does a computer virus look like?

A virus can mean a lot of things, which implies that it can also look in many different ways. Especially if we accept the general definition that a virus is pretty much anything that affects the way a computer is intended to work; it appears that the answer to our question is not easy.

“Anything that disturbs normal functioning in a computer” – that can look in a gazillion different ways, right? To narrow down our definition, a virus is a code or a program whose execution comes with malicious intent.

Code is the keyword here. A virus is a program or a set of code lines. Good news and bad news altogether, because computers work with codes, right? So, to put is simple, it’s not what a computer virus looks like, but it’s rather what it does…

A few lines of code might simply have the effect of gulping at your computer’s CPU or RAM resources. “Miners” are the type of viruses that do just that, relying on an infinite loop. A mathematics-informatics geek high schooler could write it in C or C++.

At the opposite end, a few other code lines could use such complex commands that would allow it to delete your files or to leak sensitive information stored on your PC, by sending it out to a predefined external source.

So…

Is there a more specific way to determine what does a computer virus look like?

The lines of code that can wreak havoc

Computer viruses are, at their core, a type of malicious code or even a program.

If it’s a program in itself, it will do something you don’t expect it to do. Most likely, it will also do it without you even knowing about it. For instance, it could claim it’s a computer game and, after you install it and try to play, it starts deleting your files. But a program that claims to be something that it isn’t is usually a trojan horse. And that’s just one type of the many computer viruses out there.

If it’s a type of malicious code, it will usually attach itself to another program, but also to a document or a file. Furthermore, it can attach itself to a spreadsheet program or simply start scanning your network for specific security breaches.

Malicious code can also travel as an attachment to an email, in which case the email will contain an executable. “Executable” is the keyword here because receiving emails with .DOC (word files), .XLS (spreadsheets) or .GIF (images) shouldn’t necessarily make you suspicious as they are data files. Attachments with .EXE, .COM or .VBS, on the other hand, are executables that you should clearly stay away from.

Long story short, computer viruses:

  • Can be easily mistaken as harmless programs, files, documents, etc.;
  • Can look like any other individual program or stay hidden, attached to a program;
  • Can look like anything from a game to a word document (see the famous Melissa virus we talked about in our previous article with the ultimate list of computer virus names);
  • Even though they look like normal code, it’s the environment where they run that makes it harmful;
  • Usually, they come from unknown developers!

Needless to insist on this detail, the way that virus code is written varies depending on the platform it targets. Viruses particularly developed for Windows PCs will not be able to work on Mac devices. That’s because the two operating systems are plainly different. And the virus was designed to target the specific vulnerabilities of one OS, which aren’t the same with the ones of the other system.

Similarly, viruses developed for mobile devices will look different and only work on mobiles, not on desktop computers.

But is it just normal code, after all?

The takeaway from here, however, is that “normal code” is just an appearance for everyone who has little knowledge about coding!

If you’re clueless about most of the programming languages out there, you could say it’s just normal code.

However, if you do know a thing or two about the code lines that you’re looking at… You might, at first, think that the person who wrote it made a mistake! To you, a tech-savvy, it’s obvious that…

  • There is a mistake;
  • That’s not the way it’s supposed to be written;
  • If those code lines are compiled, bad things will happen.

And then, it just hits you – it’s not a mistake, it was written like that on purpose. It’s malicious code. It’s evil intent.

Illustration of Computer Viruses Consequences

How does a computer virus work?

Now that you know how it looks – and the news isn’t too encouraging – you are probably asking yourself how it works. Your intuition is right – if it is, after all, so hard to pinpoint a virus by the way it looks, perhaps its behavior would give you a clearer sign. So, let’s find out how does a computer virus work.

To begin with, we must say that computer viruses aren’t just meant to do harm to one device. They are supposed to perform the malicious action on the host and continue to spread from one device to another. But before it gets there…

The virus must first successfully attach to a program, document or file that will serve as transfer mean and access point into the host. Once in there, it will lie dormant, waiting for the right circumstances that will allow it to run its malicious code.

That’s right! Just because a virus has entered your computer, it doesn’t mean you are infected. You must first run the source of the infection before the virus can get to wreak havoc.

Still, assuming it had found the opportunity to run, you can expect it to do one of the following things, depending on what kind of virus it is:

  • Attack the PC’s boot sector;
  • Send infected emails to everyone in your list of contacts;
  • Replicate itself and program your device to send its copies to many other devices;
  • Consume your bandwidth and processing power while replicating and attacking other devices through yours etc.

Not all viruses work in the same way

Depending on how a specific computer virus was designed, it can do one or more of the things above mentioned.

Boot sector viruses attack the boot sector precisely so they can run themselves every time when you turn on the device. That’s because the boot sector is the dedicated area of a PC’s hard drive where the start-up routine code is written. By inserting in there, the malicious code lines of a boot sector virus will be compiled with every new computer startup.

The viruses that hide attached to documents, emails or games will let those apps run normally. However, in the background, they run their malicious code and do what they’re supposed to do: send infected emails to all the contacts they find stored on the device, delete certain pieces of information, block your access to some files/folders, spy your actions and monitor what you do and what you type from your keyboard, and so on.

If it’s a worm you’re dealing with, you can expect it to use your PC for self-replicating and then swarm its way to a myriad of other devices connected with yours through a common network.

If it’s a botnet, it will particularly target your email address and install through it on thousands of other computers.

If it’s a macro virus, it will simply run its code when you use an app like Excel or Microsoft.

Long story short, a computer virus is a set of code lines. Those code lines not only dictate what the virus will do when allowed to execute its code, but also the context itself where it can be executed.

In other words, the answer to “How does a computer virus work?” lies in what does a computer virus do. Or, to say the least, what can a computer virus do, based on its core instructions. So, let’s look a little bit more into these aspects.

What does a computer virus do?

Written to intentionally alter your computer’s operation mode, a computer virus can do nothing, if you don’t run it (or don’t allow it to run). But at the same time, it can do anything to your device, even things you haven’t even thought they’re possible.

The range of effects varies from being just annoying or playful to causing serious damage, depending on the data it tampers. In some instances, it can cost you A LOT, generating revenues to the hacker that created or distributed it.

To kill the suspense, precisely because it’s just a bunch of code lines, a virus can do whatever the hacker wants it to do. As they say, the sky is the limit. The sky and… your antivirus software (or any other protection measures you rely on). But for the sake of demonstrating what can a virus do to your computer, let’s recap a few virus-specific actions:

  • Attach to programs, files, documents etc. and lie dormant there, waiting for the “right” circumstances, as dictated by its code;
  • Harm the operating system by either corrupting its data or destroying it altogether;
  • Harm the hard disk by either erasing data or causing permanent damages to it;
  • Steal general data or specific passwords, logging your keystrokes one by one;
  • Spam your email contacts, sometimes even becoming active without you having to double-click on the attachment;
  • Replicate itself by automatically resending the email with the infected attachment to dozens of other e-mail contacts;
  • Load itself into the system’s memory, so it will be able to keep running silently, in the background, for as long as you keep the device turned on;
  • Load itself into the boot sector, from a floppy disk or a hard disk, so it will be able to rerun at every computer startup (in places where many different people share a few computers, this action can prove devastating);
  • Jump to other computers from the network, by many different means – usually by finding security holes into your computer network and copying itself to another PC that has the same security hole that the worm has been scanning for (this is a worm-specific action);
  • Use your computer’s processing power and your network’s bandwidth to replicate (again, worm-specific action);
  • Completely take over your computer.

That’s just a small part of our answer to your question, what do computer viruses do… If people start telling you that you’re sending them weird messages. Or if you notice your computer freezes or lags more often than ever without an apparent reason. Or if you notice a high CPU usage even when you barely have a Word document opened… Or if anything else that you can associate with what we have described above, you’re most likely in trouble.

If you haven’t noticed anything yet, just keep an eye on it and don’t become overconfident. Better yet, stick around for our next article on How Do Computer Viruses Spread – we’re working on it and you’re guaranteed to learn some pretty useful things, prevention-related, from it!