Viruses can be stored on a number of different places on a computer; it really depends on what type of virus (malware) it is.
- For instance some malware is programmed to store itself in the system file folder and on removable devices too, like a USB stick
- Some are designed to replicate themselves in each computer folder. This largely includes ransomware which spreads itself through all folders
- Some malware also tries to create fake files in different folders so it cannot be found.
In the early days of computers, viruses were largely confined to executable data files. An executable file is a file that is used to perform various functions or operations on a computer.
But today malware can theoretically infect all parts of a computer including:
- The firmware of your keyboard, mouse, webcam, speakers and so on. Firmware is software that is embedded in a piece of hardware. Devices that you might think of hardware such as a router, a camera, or a scanner also have software (firmware) that is programmed into a special memory contained in the hardware itself.
- The BIOS (basic input/output system) system. This is the program a computer's processor uses to get the computer system started after you turn it on. The BIOS also manages data flow between the computer's operating system and devices attached to the computer such as a keyboard, mouse and printer.
However it’s important to keep in mind that in general most malware still targets only executable files.
There is a simple reason for this. Writing viruses is complex and virus writers tend to target low hanging fruit by using malware code they know works such as banking trojans.
They work on the assumption that a significant number of computers are not protected with antivirus software. In contrast, creating malware that targets firmware, BIOS and even hard drives is a relatively complex task and it doesn’t pay as much, yet, as exploiting poorly protected systems.