#What's virus?How It Work?
A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works. The virus requires someone to knowingly or unknowingly spread the infection without the knowledge or permission of a user or system administrator. In contrast, a computer worm is stand-alone programming that does not need to copy itself to a host program or require human interaction to spread. Viruses and worms may also be referred to as malware.
Source
Type Of Virus
File infectors.
Some file infector viruses attach themselves to program files, usually selected .com or .exe files. Some can infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly contained programs or scripts sent as an attachment to an email note.
Macro viruses.
These viruses specifically target macro language commands in applications like Microsoft Word and other programs. In Word, macros are saved sequences for commands or keystrokes that are embedded in the documents. Macro viruses can add their malicious code to the legitimate macro sequences in a Word file. Microsoft disabled macros by default in more recent versions of Word; as a result, hackers have used social engineering schemes to convince targeted users to enable macros and launch the virus. As macro viruses have seen a resurgence in recent years, Microsoft added a new feature in Office 2016 that allows security managers to selectively enable macro use for trusted workflows only, as well as block macros across an organization.
Overwrite viruses.
Some viruses are designed specifically to destroy a file or application's data. After infecting a system, an overwrite virus begins overwriting files with its own code. These viruses can target specific files or applications or systematically overwrite all files on an infected device. An overwrite virus can install new code in files and applications that programs them to spread the virus to additional files, applications and systems.
Polymorphic viruses.
A polymorphic virus is a type of malware that has the ability to change or mutate its underlying code without changing its basic functions or features. This process helps a virus evade detection from many antimalware and threat detection products that rely on identifying signatures of malware; once a polymorphic virus' signature is identified by a security product, the virus can then alter itself so that it will no longer be detected using that signature.
Resident viruses.
This type of virus embeds itself in the memory of a system. The original virus program isn't needed to infect new files or applications; even if the original virus is deleted, the version stored in memory can be activated when the operating system loads a specific application or function. Resident viruses are problematic because they can evade antivirus and antimalware software by hiding in the system's RAM.
Rootkit viruses.
A rootkit virus is a type of malware that installs an unauthorized rootkit on an infected system, giving attackers full control of the system with the ability to fundamentally modify or disable functions and programs. Rootkit viruses were designed to bypass antivirus software, which typically scanned only applications and files. More recent versions of major antivirus and antimalware programs include rootkit scanning to identify and mitigate these types of viruses.
System or boot-record infectors.
These viruses infect executable code found in certain system areas on a disk. They attach to the DOS bootsector on diskettes and USB thumb drives or the Master Boot Record on hard disks. In a typical attack scenario, the victim receives storage device that contains a boot disk virus. When the victim's operating system is running, files on the external storage device can infect the system; rebooting the system will trigger the boot disk virus. An infected storage device connected to a computer can modify or even replace the existing boot code on the infected system so that when the system is booted next, the virus will be loaded and run immediately as part of the master boot record. Boot viruses are less common now as today's devices rely less on physical storage media.
History of computer viruses
The first known computer virus was developed in 1971 by Robert Thomas, an engineer at BBN Technologies. Known as the "Creeper" virus, Thomas' experimental program infected mainframes on ARPANET, displaying the teletype message, "I'm the creeper: Catch me if you can."
Can get rid of the virus
Step 1: Enter Safe Mode
Do this by turning your computer off and on again. Then, as soon as you see anything on the screen, press the F8 button repeatedly. This brings up the Advanced Boot Options menu. From there, choose Safe Mode with Networking and press Enter. For now, keep your PC disconnected from the Internet.
Step 2: Delete Temporary Files
While you're in Safe Mode, you should delete your Temporary Files using the Disk Cleanup tool:
Go to the Start menu
All Programs (or just Programs)
Accessories
System Tools
Disk Cleanup
Scroll through the Files To Delete list, and choose Temporary Files
Deleting these files might speed up the virus scanning you’re about to do and could even get rid of a virus if it was programmed to start when your computer boots up.
Step 3: Download a Virus Scanner
There are two types of scanners that can detect and delete computer viruses and malware: real-time and on-demand:
A real-time scanner, like AVG AntiVirus FREE, scans for viruses in the background while you’re using your computer.
An on-demand operating system scanner, like Microsoft Safety Scanner, needs to be run manually each time you want to scan.
Using both types of scanner might be necessary to remove the virus. So if you don’t have a virus scanner installed, this is the time to reconnect to the internet and download it.
Even if you can’t connect to the internet you might still be able to download Microsoft Safety Scanner because you started up your computer in Safe Mode with Networking.
Step 4: Run a Virus Scan
Run the on-demand scanner first, then your real-time scanner. One of them should be able to identify the virus and remove it. But running both scanners increases your odds of success.