Since the PC industry started in the 1970’s, hackers have created viruses to attack them and cause damage. These threats have been created for various reasons, ranging from financial gain to a simple challenge for the hacker. Here is a list of prevalent system threats over the past 50 years.

Virus nameDate(s)TypeHow It InfectsTypical Damage Caused
Creeper1971Experimental self-replicating TENEX operating system WormGained access using the ARPANETDisplayed the message “I’m the creeper, catch me if you can!”
Rabbit1974Fork bomb denial-of-service attackUses the fork system call, and can fork endlesslyMakes multiple copies of itself on a single computer until it clogs the system, reducing system performance. This finally reaches a threshold and crashes the computer.
Elk Cloner1982Apple II virusThe first virus observed “in the wild.” It displayed a message but caused very little damage.
Brain1986MS-DOS computer virusFloppy disk or disketteThe virus slows down the floppy disk drive and makes seven kilobytes of memory unavailable to DOS.
Vienna1987Computer virusFloppy disk or diskette DOS .com-infecting virusCauses a warm reboot when the program is run.
Lehigh1987Computer virusDOS virus that infects via floppy disk or disketteAfter 4 infections, it overwrites the boot sector and file allocation table.
Stoned1987Boot sector virus familyIt only infects 360 kilobyte 5.25 inch floppies and hard drivesThe infected computer will beep and display the message “Your PC is now stoned! LEGALIZE MARIJUANA!” Any files with directory entries on that sector will be lost. It can also cause the disk’s FAT to be corrupted.
Cascade1987Computer virusFloppy disk or disketteIt causes a “falling letters” effect on the screen, and may also cause some noise.
Jerusalem1987DOS file infector virusFloppy disk or disketteIt infects DOS.EXE files. Delivers two payloads, one that is annoying but relatively harmless and the other destructive. The non-destructive one creates a ‘black window’ on the screen. Then the system slows down due to a time-wasting loop installed on each timer interrupt. The destructive payload activates on any Friday the 13th, deleting any program run on that day. Sometimes this causes the files to consume all available storage space.
SCA1987Amiga boot sector virus3.5 and 5.25-inch floppy disk or diskette
Christmas Tree1987Mass-mailing wormEmail with the subject line “Let this exec run and enjoy yourself!” The user must execute the program by typing “christma” or “christmas.”Paralyses a network when executed and displays an ASCII Christmas tree. It then reads the files “NAMES,” “NETLOG,” and files containing the addresses of communication partners. It emails itself to every address in these files.
MacMag1987Classic Mac OS computer virusCompuserve forumInfects any disks inserted into the computer. Replicates until 3/2/1988, when it displays a message from MacMag and then deletes itself.
nVIR1987Classic Mac OS computer virusFloppy disk, diskette, or a networkCrashes or slows a system and causes printing errors.
SCA1987Amiga Boot sector virusFloppy disk or disketteDisplays a message on the screen, but is mostly harmless. May destroy a legitimate non-standard boot block.
Morris Worm1988Computer wormExploits security flaws in Unix systemsLaunches denial of service attacks.
Ping Pong1988DOS boot sector virusFloppy disk or disketteHarmless to most computers. Shows a small “ball” bouncing around the screen in both text mode (the ASCII bullet character “•”) and graphical mode. Systems may crash during the ball’s appearance on the screen.
Byte Bandit1988Amiga boot sector virus3.5 and 5.25-inch floppy disk or disketteIt causes the screen to go black.
Scores1988Classic Mac OS computer virusFloppy disk or disketteInfects the System, Scrapbook, and Notepad files that are run and crashes programs.
Swap1989Boot sector virusFloppy disk or disketteIt causes “falling letters” effect and may also cause some noise. infects any diskette that is inserted into the system
Ghostball1989Multipartite computer virusFloppy disk or disketteDrops a copy of the Pingpong virus on diskettes.
AIDS1989Trojan, ransomwareEmail listsDisplays a notice asking for $189 to be sent to a post office box in Panama to get a decryption program.
Alabama1989DOS computer virusInfects .EXE files. Files infected increase in size by 1,560 bytes. Displays message 1 hour after execution.
ANTI1989Classic Mac OS computer virusThe first Mac OS virus not to create additional resources. It only patches existing CODE resources. Causes small overall effects.
Lamer Exterminator1989Amiga boot sector virusStorage mediaWrites bootblocks 84 times with the “LAMER!” string.
SevenDust1989Classic Mac OS polymorphic virusVarious storage mediaDeletes non-application files.
WDEF1989Classic Mac OS computer virusFloppy disk or diskette
Form1990DOS boot sector virusFloppy disk or disketteIt causes clicking noises and severe data damage. It will infect any media inserted into the machine.
12601990DOS polymorphic virusFloppy disk or disketteInfects DOS executable files.
4K1990DOS virusFloppy disk or disketteInfected systems will hang on September 22 of each year, which is also the date of birth of Bilbo Baggins.
AIDS1990DOS virusAIDS is the first virus known to exploit the DOS “corresponding file” vulnerability.
AIDS II1990DOS virusTargets .EXE files. Displays message and plays a song.
Ambulance1990DOS virusInfects .EXE files.
CDEF1990Classic Mac OS Computer virusFloppy disk or disketteInfects application and system files. It causes various levels of damage.
MDEF1990Classic Mac OS Computer virusStorage MediaInfects menu definition resource fork files.
Ontario1990DOS file infector virusFloppy disk or disketteInfects .COM, .EXE. and .OVL files. Increases file size by 512 bytes, 1023 bytes. Corrupts the hard drive over time.
Scott’s Valley1990DOS file infector virusFloppy disk or disketteInfects .COM and .EXE files. Causes system slowdown.
Whale1990DOS Polymorphic virusFloppy disk or disketteInfects .COM, .EXE files. Simulates rebooting a system. May display the message: “THE WHALE IN SEARCH OF THE 8 FISH
I AM ‘~knzyvo}’ IN HAMBURG address error D9EB,02.” It also causes a system slow down.
Zuc1990Classic Mac OS computer virusStorage media, internet, or a network
Michelangelo1991DOS boot sector virusFloppy disk or disketteOverwrites all data on the hard disk with random characters. Infects sector 28 on 1.2-megabyte floppy disks. Ran on March 6th, Michelangelo’s birthday. Makes data irretrievable by the user.
Ada1991DOS virusTargets .COM files, usually COMMAND.COM. Beeps from system speaker, hangs the system, shows “Disk full” error.
Eliza1991DOS virusInfects .COM and .EXE files. Low-level threat.
Koko1991DOS virusStorage mediaPayload activates on July 29 and February 15. It can erase data on the user’s hard drive. Displays a message.
Ontario.10241991DOS file infector virusFloppy disk or disketteInfects files and corrupts hard drives over time.
Freddy Krueger1992Memory resident infectorDiskettes or connected computerDeletes infected files. It will also infect any program run by the user.
Bomber1992DOS polymorphic memory-resident computer virusDiskettes or connected computerWorks via a “patchy infection” technique. The beginning of the virus code contains the unencrypted text: COMMANDER BOMBER WAS HERE.
5lo1992DOS computer virusInfects .EXE files only. Total free system memory will decrease by 2K.
Acid1992DOS,
Windows 95, 98 virus
Inserted storage mediaInfects COM file, and .EXE files. Disk directory listing will not be altered. Programs have the first 792 bytes overwritten with Acid’s own code.
Acme1992DOS,
Windows 95 virus
Infects another .EXE in the current directory by making a hidden .COM file with the same base name.
ABC1992DOS Computer virusIt causes keystrokes on the infected computer to be repeated.
ARCV-n1992DOS Computer virusInfects .COM and .EXE files. Displays text messages.
INIT 19841992Classic Mac OS computer virusStorage media, email, internet connectionTriggered at bootup on Friday the 13th. Infects startup INIT files. Changes file names to random strings. It has a low threat level.
Ontario.20481992DOS file infector virusFloppy disk or disketteInfects files and corrupts hard drives over time.
Abraxas1993DOS,
Windows 95, 98 virus
Infects COM file. Overwrites files, displays “ABRAXAS” in ASCII art and plays a series of sounds.
OneHalf1994Polymorphic DOS boot virusDiskettes or connected computerWill display the message: “Dis is one half…..Press any key to continue …”
Natas1994DOS multipartite, stealth, polymorphic virusFloppy disk or disketteAffects .COM and .EXE files.
SMEG engine1994DOS polymorphic virus engineCreates other viruses.
Concept1995Macro virus for MS WordCD’s released by some major corporations. Email mass mailingsAffects MS Word documents.
Bizatch1995MS Windows 95 virusCD’s, diskettes or connected computerOn the 31st of any month, it displays a message box praising the VLAD group and listing the current members of VLAD.
Hare1995DOS,
Windows 95, Windows 98 virus
Storage media, email, internet connectionInfects .COM and .EXE files, master boot record of hard disks, and boot sector of floppy disks. Activates on August 22 and September 22. Erases hard disk and displays the message: “HDEuthanasia by Demon Emperor.”
Ply1996DOS non-encrypted polymorphic virusCD’s, diskettes or connected computerInfects all .exe files it finds.
Laroux1996Microsoft Excel virusCD’s, diskettes or connected computerAdds the Excel macro “laroux” to PERSONAL.XLS. The virus will then infect any Excel workbook available.
Staog1996Linux virusCD’s, diskettes or connected computerNever been wild, and had no destructive payload. No damage caused.
Alcon1997DOS computer virusOverwrites random files on a disk causing damage over time.
Esperanto1997DOS, MS Windows, classic Mac OS, multi-processor virus.Storage media, email, internet connectionInfects .COM and .EXE files. Runs when computer is started. Displays a message on 26 of July.
CIH1998File virusPirated software, a “PWA-cracked copy” of Windows 98Makes it impossible to boot from the hard drive. It may be impossible to recover some of the lost data. Nothing may be displayed when the user starts the computer. The virus can only spread on Windows 95, 98 and ME systems.
Happy991999Email / newsgroup wormEmail or news post with attachment named “Happy99.exe”No destructive payload and never caused any damage.
ExploreZip1999Mass-mailer wormEmail mass mailingsDestroys certain files, disrupts email systems.
CTX1999Computer virusSpreads via the Cholera wormOverwrites parts of .exe files.
Kak1999JavaScript wormUses a bug in Outlook Express to spread itselfUses SHUTDOWN.EXE to initiate a shutdown and show a popup with the text “Kagou-anti-Kro$oft says not today!” A minimized window appears on startup with the title “Driver Memory Error.” Another message may pop up saying “S3 Driver Memory Alloc Failed!” This happens on day 1 of each month at 6:00 pm.
Marker1999MS Word Polymorphic, Macro virusInternet, various storage mediaInfects Word Documents. Keeps a log of infected computers.
Pikachu2000Email wormAn email arrives titled “Pikachu Pokemon” and the body of the e-mail includes the text “Pikachu is your friend.”Adds the lines “del C:\WINDOWS” and “del C:\WINDOWS\system32” to the file “autoexec.bat.” Commands would be executed at the next boot, attempting to delete two critical directories of the Windows operating system. However, users would be given a prompt asking whether or not they wanted to delete those folders.
Navidad2000Windows mass-mailer wormEmailDisplays messages in Spanish and makes the system unusable. Spreads further through email clients. Adds NAVIDAD.EXE as an attachment. Adds an icon in the system tray.
Anna Kournikova2001Computer wormEmail with an attachment .jpeg image that automatically sends itself to all contacts in a user’s Windows Address Book.Caused problems in email servers due to the quantity spread. No other real damage.
Klez2001Computer wormE-mail message, spoofing. Sends itself to people in users’ address books.Could render a victim’s computer inoperable. It could even disable virus-scanning software and pose as a virus-removal tool.


Nimda2001Computer wormEmail. open network shares, back doors, and compromised websites.
Brings internet traffic to a crawl.
Sadmind2001Computer wormNetwork, email, CD, or diskette.Exploits vulnerabilities in both Sun Microsystems’ Solaris and Microsoft’s Internet Information Services.
Sircam2001Mass-mailer wormEmailed out to email addresses in the host’s address book. It could also spread via open shares on a network.Personal or private files were emailed to people who otherwise should not have received them.
ZMist2001Windows metamorphic virusStorage media, internet, or a network.Requires 32 MB of memory. Decompiles portable .EXE files.
Beast2002Trojan horseUsed the client-server model. The server is what would infect the victim’s computer.It gave the attacker complete control over the infected computer. Infected other applications as well.
Mylife2002Mass-mailer wormEmails to all contacts in Microsoft Outlook.Affected home users mostly.
Simile2002Windows metamorphic virusInternet, various storage media.Displays a message, “Free Palestine!” and infects .EXE files.
SQL Slammer2003Computer wormAffected Microsoft’s SQL Server and Desktop Engine database products.Launched denial of service attacks. Dramatically slowed down general Internet traffic.
Graybird2003Trojan horseEmail, CD, diskette, USB ports, or internet connection.Downloads files from remote web sites, records keystrokes, extracts passwords, and steals PC information.
ProRat2003Trojan horseVia a network, it uses a client and a server.Logs keystrokes, steals passwords and gains full control over files.
Blaster worm2003Computer wormEmail, CD, diskette, USB portsDisplays in Windows the following message and then automatically reboots, usually after 60 seconds: “This system is shutting down. Please save all work in progress and log off. Any unsaved changes will be lost.”
Welchia2003Computer wormEmail, CD, diskette, USB portsFloods a network, installs its own Microsoft patches.
Sobig2003Computer wormEmails with the sender address “big@boss.com”Used as a backdoor for spammers to mass email.
Swen2003Mass-mailing computer wormMicrosoft Security update, email, Internet Relay Chat, Kazaa filesharing, and newsgroups.Tries to shut off antivirus programs and firewalls.
Sober2003Computer wormE-mail attachment, fake webpages, fake pop-up ads, and fake advertisements.Copies itself to one of several files in the Windows directory. Adds appropriate keys to the Windows registry and can e-mail itself to all addresses in a user’s e-mail address book.
Agobot2003Computer wormEmail, CD, diskette, USB portsPerform denial-of-service attacks, steal data, send spam, and allows the attacker to access the device and its connection.
Bolgimo2003Win32 computer wormWindows patchDownloads the patch to the user’s desktop and run the patch installer.
Sasser2004Windows wormExploits buffer overflow vulnerability in Local Security Authority Subsystem Service (LSASS)Slows down and crashes the computer, while making it hard to reset without cutting the power.
Mydoom2004Windows wormAppears as an email transmission error. Spreads through email address books. Creates a backdoor that allows remote access. Launches denial of service attacks.
Sasser2004VirusSpread by email and social engineeringIt causes system crashes and resource usage.
Bagle2004Mass-mailing wormMass-email as an attachment It is a botnet causing e-mail spam.
Netsky2004Computer wormE-mail, social engineering tactics.Scans the computer for e-mail addresses and e-mails itself to all addresses found.
Witty 2004Computer wormVia hosts connected to the internet.Attacks firewalls and other computer security products written by specific companies.
Caribe2004Computer wormMobile phones running Symbian OS, and through Bluetooth wireless signals.Displays the message “Caribe” on the phone’s screen, and is displayed every time the phone is turned on. The worm then attempts to spread to other phones in the area.
Vundo2004Trojan horseE-mail attachment carrying a trojan, browser exploits, and browser plug-ins.It causes popups and advertising for rogue antispyware programs, performance degradation, and denial of service with some websites.
Santy2004Computer wormUses Google to spread across the Internet.Infected servers and displayed the message “This site is defaced!!! This site is defaced!!! NeverEverNoSanity WebWorm generation X.” X is a number of the generation of the worm.
Zotob2005Internet wormPlug-and-playMakes an infected computer a part of a botnet.
Copy protection rootkit2005RootkitIncluded on music CDs sold by Sony BMG.Creates vulnerabilities on affected computers, making them susceptible to infection by worms and viruses.
Zlob2005Malware Trojan downloaderDisguised as a needed video codec in the form of ActiveX.Random computer shutdowns or reboots showing random comments. Runs a file called “zlberfker.exe.” Redirects to porn sites and various video watching sites that show a number of inline videos. Playing the video activates a request to download an ActiveX codec that is malware. It prevents the user from closing the browser in a normal way.
Nyxem2006Internet wormInfected email attachments and network shares.The virus removes antivirus programs from remote computers before attempting to infect them. It activates on the third day of each month. On activation, the virus overwrites data files of many common types, including Word, Excel, and PowerPoint documents; ZIP and RAR archives; and PDFs. It can destroy files on fixed and removable drives and tries but fails, to affect data on network drives. It also attempts to disable antivirus programs or deletes the antivirus programs directly.
Brontok2006Mass-email wormIt arrives as an attachment to an e-mail named “kangen.exe.”Reboots the computer. Blanks out address typed in Windows Explorer before completion. Sends itself to email addresses it finds on the computer, even faking the own user’s email address as the sender. The computer also restarts when trying to open the Windows Command Prompt. Prevents the user from downloading files. It also opens the default Web browser and loads a web page which is located in the “My Pictures” folder.
Stration2006Mass-mailer wormEmailDisables security features, sends itself to other computers via e-mail attachments.
Kama Sutra2006Windows computer wormEmailDestroys common files, such as .doc, .pdf, .zip, .xls and disables antivirus software.
Oompa2006Mac OS X wormiChat message attachmentDisplays a message. Marks other files.
RavMonE.exe2006Trojan horse wormiPod videos, removeable storage drives, email attachments, internet files.Allows unauthorized access to a computer.
Storm 2007Trojan horse wormUsed the click bait headline “230 dead as storm batters Europe” which accompanied a link to the “story.”Turns computers into bots that re-distribute the email.
Alureon2007Botnet trojanManual download, rogue software bundleSteals data through network traffic, blocks Task Manager and desktop, Windows Update, disables antivirus programs. It also redirects search engines to fraud sites.
Conficker2008Windows wormUses flaws in the OS to create a botnet.Installs software that will turn the computer into a botnet slave. Includes scareware to obtain money from users.
Mocmex2008Trojan horseDigital photo frameCollects passwords for online games, recognizes and blocks antivirus protection.
Torpig2008BotnetTrojan horses, emailsCollects sensitive personal and corporate data such as bank accounts and credit card information.
Bohmini.A2008Trojan horseMalvertising via the social networking site Facebook.Turns the computer into a bot or remotely controls it.
Fun2008Windows virusEmail attachmentSends email with attachments as a response to any unopened emails in Outlook Express.
Zeus2009Trojan horseDrive-by downloads or phishing scamsEndangers FTP accounts and computers. Theft of login credentials. Performs various criminal tasks, usually man-in-the-browser keylogging and form grabbing.
Daprosy2009Trojan wormLocal area network (LAN) connections, spammed e-mails, USB mass storage devices.Steals online-game passwords in internet cafes.
MegaPanzer2009Trojan horseNetwork and internet connectionsIntercepts Skype and voice over IP traffic on Windows XP systems.
Kenzero2009Computer virusOnline via peer-to-peer networks (P2P)Monitors the browsing history of users.
Stuxnet2010Computer wormVia an infected USB flash driveUsed in cyberwarfare. Affected Iran’s nuclear program.
Waledac2010Mass-mailer wormEmail mass- mailingsSends spam emails and malware, harvests password info.
Psyb0t2010Computer wormRouters and high-speed modems.Affects data and internet traffic flow.
here you have2010Trojan horseEmailSends a copy of itself to everyone in the Windows Address Book, Microsoft Outlook address book and delivers a payload.
SpyEye2011MalwareAttacks web browsers on Windows PCs.Uses keystroke logging and form grabbing to steal user credentials for malicious use.
Anti-Spyware 20112011Trojan horsePoses as an anti-spyware program.Disables security-related processes of anti-virus programs, blocks access to the Internet, and prevents updates.
ZeroAccess2011Trojan horseMalvertising, affiliate scheme.Downloads other malware on an infected machine from a botnet while remaining hidden using rootkit techniques.
Duqu2011Computer wormMicrosoft Word documentIt looks for information that could be useful in attacking industrial control systems.
Flame2012MalwareLAN or USBRecords keyboard activity, network activity, screenshots, and skype conversations.
Shamoon2012Computer virusSpreads using a network.Overwrites the master boot record of the infected computer, making it unusable.
NGRBot2012Computer wormIRC network for file transfer.Steals user information, infects HTML pages, blocks security updates, monitors network activity.
CryptoLocker2013Trojan horseInfected email attachments, Gameover Zeus botnet.Encrypts files on a user’s hard drive, then prompts them to pay a ransom to the developer in order to receive the decryption key.
Gameover ZeuS2013Peer-to-peer botnetThrough use of the Cutwail botnet.Steals users’ login details on popular web sites that involve monetary transactions. Used for banking fraud and distribution of the CryptoLocker ransomware.
Linux.Darlloz2013Computer wormInternet of things, PHP vulnerability.Infects routers, security cameras, set-top boxes.
Regin2014Trojan horseSpoofed web pagesDownloads extensions of itself, making it difficult to be detected via anti-virus signatures. Used as a tool for espionage and mass surveillance.
BASHLITE2015Linux malwareLocal networkLaunch distributed denial-of-service attacks.
MEMZ2016Trojan horseInternetMoves the mouse cursor slightly, opens up humorous Google searches on the user’s web browser, and opens various random Microsoft Windows programs.
Locky2016Ransomware malwareEmail, exploit kits, Word and Excel attachments with malicious macros, DOCM attachments, and zipped JS Attachments.Demands a payment of between 0.5 and 1 bitcoin that victims must pay to decrypt their files.
Tiny Banker2016Trojan malwareNetworksMan-in-the-browser attacks and network sniffing.
Mirai2016Botnet malwareInternet, online consumer devices.DDoS attacks infecting the Internet of Things.
Mirai2016Linux MalwareHacker forums as open-source.Turns Linux system into a bot for a botnet. Launches Internet of Things Denial of service attacks.
Petya2017Trojan ransomwareFake job emails.Destroys user data.
Xafecopy2017Trojan horseMobile payments on websites.Charges the user’s mobile carrier bill and subscribes to unwanted paid services.
Wannacry2017RansomwareSMB portCharges ransom of $300 to undo.
Xafecopy2017Android TrojanDownloadable apps, battery optimizers.Clicks on web pages to subscribe that charge money to the user’s phone bill.
Thanatos2018RansomwareDeceptive advertisingCharges a $200 USD ransom payment to one of the listed Bitcoin, Ethereum, or Bitcoin Cash addresses.
Titanium2019Trojan horseInternetRemains undetected, steals, and spies on user.
AntiCMOS1994-1995DOS computer virusDue to a faulty virus code, it will not erase CMOS information as designed.
Melissa1999-presentMicrosoft Word macro virusMass email. Primarily affects Microsoft Word and Outlook-based systems.Mass mails itself using contact lists. Disables safeguard features on Microsoft Outlook and Microsoft Word.
ILOVEYOU2000-presentComputer wormEmail messages and mailing lists.Overwrites files, sends itself to all addresses in the Microsoft Outlook address book.
Code Red2001-presentComputer wormTargets Microsoft IIS web server buffer overflow workflow issue.Eats up system resources, launches denial of service attacks, and leaves the message: “Hacked By Chinese!”
Code Red 22001-presentComputer wormExploits a security hole in Microsoft’s Internet Information Server (IIS) webserver software.Creates a backdoor that allows further attacks.
Bifrost2004-presentBackdoor Trojan horseServer clientRemote user can execute arbitrary code at will on the compromised computer. Some file attributes changed to “Read Only” and “Hidden.”
Rustock2006-2011BotnetTrojan horses, emailsSends spam messages with trojan horses and incorporates machines into the botnet.
Koobface2008-2010Computer wormSpread via infected social media posts.Targets mostly Facebook. It gets users to download malware.
CryptoLocker2013-2014Trojan horse ransomwareVarious ways including emailUsers must pay a ransom to undo by a certain deadline.
CommwarriorSymbian Bluetooth wormBluetooth and MMSSpreads through MMS and Bluetooth to other devices. Little damage caused.

This list represents a large portion of known computer viruses over the past 50 years that have attacked PC’s and devices around the world. The process of virus creation is not slowing down, so having strong antivirus software installed on your system is crucial to protecting it from any future attacks.

For protection from these threats and others, see our Antivirus Mega Review Roundup here.

Did you find this useful? If so please share and comment!