I have to teach a group of non-CS students what computer viruses are. The course material contains only definitions and some details about what those viruses do. But those things are known to everyone who knows what a computer is.

I want to touch upon, in a non-technical way, the programming or technical side of a virus. The solution can be writing a program which non-programmers can understand or comparing what a computer virus does to a real world situation. Any thoughts, suggestions or examples for how can I go about it? Humorous answers are acceptable too.

    Two questions you might also want to look at for more reference material: How does a CPU know what the commands mean? and Can some software physically damage hardware?
    A Virus is only one form of Malware, are you intentionally asking about a virus or Malware in general?, which encompasses all the other terms like worm, trojan, etc.
    Some people might be scared they get infected ;-)
    "Comparing what a computer virus does to a real world situtation" — Are computers not part of the real world anymore?
    @Moab All non-technical people may not be knowing what a "malware" is but they are familiar with the phrase "computer virus". This is because of the popularity of the word "anti-virus". My question is about Malware in general.
I think that the similitude with biological system (from which the word virus has been taken from) is good.

Like biological viruses causes the cells behavior to be subverted, computer viruses do the same with computer programs.

They also have other similar behavior:

  1. both computer viruses and biological ones are self-replicant
  2. both can't live without an host system
  3. both are made by small pieces of information (DNA versus Binary Instructions)
    Actually biological analogy is terrible. It makes people blindly believe in antivirus software as they do trust their immune system and doctors, which is foolish. The analogy also breaks when one thinks about how computer viruses "infect" their targets. All computer viruses exploit some kind of trust misplaced by the user or a programmer, when the trusted program does something malicious. On the other hand, there is no clear notion of trust and malice in biological systems.
    @Rotsor: I'd say the notion of biological trust is defined by mere lack of defense. Malice is anything that would disrupt the host system. Anything against which you have no antigen is implicitly trusted. Besides, at the cell level, a virus injects DNA in the hope that it will be replicated, but the cell may have mechanisms for refusing DNA that isn't appropriately marked. The average immune system is only more secure than the average computer system because of millions of years of trial and error, and constant buildup of tolerances within the lifetime of an individual.
    ..... Similitude?!
    @Rotsor -- with all respect, I think you are completely wrong. A computer virus is not a "metaphorical" virus. Computer viruses and biological viruses are two different kinds of viruses (arguably, the only two kinds so far), just as cars and submarines are two different kinds of vehicles: they have different strategies and technologies because they have different obstacles to overcome, but ultimately, they "solve" the same sorts of problems.
    @Tumharyyaaden - and without a living organism as host, viruses are just a string of nucleic acid molecules wrapped in protein.
The word "virus" helps. Most genetic material is beneficiary, but some is dangerous. Similarly, most computer software is written for the benefit of the user, but a computer virus is not.

Note that I am using the colloquial usage of the word "virus" to refer to all malware. When describing things yourself, be sure to use the term malware to refer to malicious software. A virus is only one type of malware.

Don't go explaining all the different types of malware but rather the effects that they can have:

  1. They send spam from your computer
  2. They attack other computers from your computer
  3. They slow down your computer's performance and internet connection
  4. They will parse your addressbook and send spam to your contacts
  5. They will upload your personal files to malicious entities, including your banking information and credit card details

Everyone who uses a computer knows what computer viruses can do (like steal files or cause physical damage, especially because some viruses have already caused physical damage), but not many know how they do it. I think this is what you are getting at with your question. It also is worth mentioning that a computer has no awareness (yet, for those proponents of AI), it simply performs the instructions it is sent.

A virus itself performs malicious tasks on a user's computer (stealing/deleting personal data, corrupting system files, etc...), and since computers run code, the virus itself must exist as pure code. Viruses can exist as stand-alone programs (i.e. their sole purpose is malicious intent), they can pose as "good" programs, or they can infect other programs already on your machine. Viruses spread in all three of these ways, or on a network (I believe this is more correctly called a worm).

In the case of an "infected" program, the virus overwrites certain parts of the application with it's own code, or injects it's own code into the application (so it seems to be working). The computer will then start the application, and begin executing the instructions as normal. Once the virus code is hit, the malicious operation of the virus begins.

What the virus does next is up to the virus creator. It may simply be a proof-of-concept, and may sit in your memory dormant. It may corrupt various system files, send itself to your address book, or sit and wait for you to type in credit card numbers.

These malicious programs/code are called viruses due to their equivalency to the operation of their biological counterparts. Viruses spread and infect a host, much like malware.

One last thing you might want to mention, new viruses can literally "rewrite" themselves on-the-fly. They do this through various types of polymorphism, to disguise the actual code and make it difficult for anti-virus software to detect them. Newer anti-virus programs rely on heuristic analysis of programs, and determine what they are trying to do, and if they pose a threat to the system (or not).


Most computer programs are designed to help you.
They edit documents, calculate numbers, or play games.

Computer viruses are programs that are designed to harm you.
They steal credit card details, send spam, or show advertising.

For example, one common virus is designed to look like an anti-virus program. However, unlike real anti-virus programs, all of the viruses that it reports are fake; it simply tries to scare you into buying their fake program so that it can "fix" your computer.

    Computer viruses aren't necessarily malicious - the term merely encompasses all code which reproduces to other computers.
Describe the Trojan Horse the Trojans used as an example. It's disguised as something useful, but will kill you if you let it in.

Mention that Malware isn't considered a virus, but mostly a data thief or ad pusher that makes the thief money of them, even if they aren't aware of it

    The Trojans did not use the Trojan Horse. The Greeks built it in order to invade the city of Troy. (Sorry for being nit-picky :P)
Compare it to STD's, the gift that keeps on giving!


Explaining the technical side of a virus to a non technical crowd is not an easy task. Not only because they might not understand it, but also because it will be hard to catch their attention if you dive into too many details.

Besides using a good real world analogy, I think that you should use a concrete example. Just grab a famous virus and tell them the story.

For example, the ILOVEYOU virus infected tens of millions of computers in 2000. The virus replaced every .jpg and .doc file with a copy of itself and used Microsoft Outlook to send infected emails to everyone in the address book.

enter image description here

This is a typical viral behavior which is easy to explain and understand.


Well, there are multiple definitions of a "virus".
The most common one (and the one your students probably know) is basically a catch-all term for all malware, ex. "my computer has a virus!!!"

The correct definition of virus is a program that reproduces over a network, with human aid. It may infect certain files by appending malicious code, so that when the infected file is run, the virus is also run. When the virus is run, it runs code that spreads it to other computers, and also executes a payload. The payload is the part of the program that makes it malicious or not; some payloads are relatively benign, basically electronic graffiti (popping up dialog boxes with obscenities, for example), but others range from dropping other malware to stealing passwords and attempting fraud.

Viruses are commonly confused with worms, which do not require human aid to propagate.

Another kind of malware that a virus is confused with is called a 'Trojan Horse' (beware of geeks bearing gifts?) that pretends to be a useful program, such as a free antivirus software, but contains a payload.

I have to explain things like this all the time to my friends that are not exactly as technologically literate as some. What I do is ask them for their definition of virus, and then explain what the correct definition is.

(panicked n00b: THERE'S THIS NEW VIRUS THAT IS SPREADING UNCONTROLLABLY AND NO ONE CAN STOP IT!!! geek: no, that's a worm. Viruses can't spread on their own. [proceed into definition of malware in layman's terms])

    -1 a)"The most common one{definition} (and the one your students probably know) is basically a catch-all term for all malware," <-- I don't believe that at all. Malware is the generic term, Virus is specific.Virus never means just any malware unless somebody doesn't know what they're talking about. b)"The correct definition of virus is a program that reproduces over a network" <-- Rubbish. Viruses went around before people had networks. With sneakerware network/ floppy disks. And if you're talking to non technical friends they'd be satisfied with being told to say malware not virus.
A virus is just one type of malware(malicious software), another type is a trojan horse, another is a worm.

A virus is a malicious program that makes copies of itself and hides itself in other programs., and if that's not malicious enough, sometimes they do more than that like delete everything on a certain date.

A trojan horse is malware that once it infects a computer, allows somebody else to connect to the infected computer remotely and control it and other bad things, could delete files or open and close your cd drive.

A worm is malware that sends copies of itself over a network, infecting computers that way.

An apropos allegory to illustrate how malware works would the story of the Idiot Genie.

The Idiot Genie was an immensely powerful being, able to do any number of interesting and amazing things. It was, however, also incredibly stupid and could do nothing at all without precise instructions being given by its master. Sadly, the genie was so profoundly stupid that it never could figure out just who its master really was, and so it just blissfully carried out whatever instructions were given to it.

The Idiot Genie's master had used his abilities to create immense wealth and power and kept the genie under close guard day and night. One day, however, a letter arrived addressed to the genie. The security guard on duty was, alas, also a profound idiot (having to keep a list of people who were not allowed to talk to or give instructions to the genie in his pocket which he updated every few hours or so.) The return address on the letter wasn't on the list, so the Idiot Guard gave the Idiot Genie the letter.

The letter, it turns out, was an instruction to the genie that he should use his power to send all the money that had been accumulated by the genie's master to a Nigerian General's widow's sister's roommate's account and then to forget all about it. The Idiot Genie, being an idiot, followed these instructions to the letter.

The End.


What is the computer viruses ?

They are bad programs . Programs that not for helps just for harassment you . Like when you want write a letter and press R but the computer write for example P ( because viruses don't let it to w. or when you try to listen to a music but it make noise on it or any thing can harm you or your computer .


In computer, we run programs like Microsoft Word, Paint, Internet Explorer, etc. They use computer's resources (CPU,RAM,etc.) to help us in doing something.

Computer Virus is also a program designed by someone. But it is designed to harm you or steal your information.

For a computer, there is no difference between a program or a virus. Computer will treat them same.

Say your computer has 100 units of potential. What a virus could do is:

  • It can use 90 units of those for doing some unneccesary task. This will slow down your computer for other useful program.
  • It can run in background and capture your keyboard input or your personal files, and send it to someone else over internet.

For the computer, It is just a program. In both cases, computer will treat the viruses as normal programs and provide it resources.

There are many kinds of virus categorized based on their goal and working.

An Antivirus is a program that is designed to identify programs by tracking their activity or by comparing them with previous virus database stored in the antivirus.

