Viruses have targeted various types of transmission media or hosts.

Binary executable files such as COM EXE files in MS-DOS, Microsoft Windows, and ELF files in Linux.
Volume Boot Records of floppy disks and hard disk partitions

The master boot record (MBR) of a hard disk

General-purpose script files (such as batch files in MS-DOS and Microsoft Windows

VBScript files, and shell script files on Unix-like platforms.
Application-specific script files (such as Telix-scripts
Documents that can contain macros Microsoft Word documents, Microsoft Excel spreadsheets, AmiPro documents, and Microsoft Access database files
Cross-site scripting vulnerabilities in web applications

Arbitrary computer files. An exploitable buffer overflow, format string, race condition or other exploitable bug in a program which reads the file could be used to trigger the execution of code hidden within it. Most bugs of this type can be made more difficult to exploit in computer architectures with protection features such as an execute disable bit and/or address space layout randomization.

PDFs, like HTML, may link to malicious code.[citation needed]PDFs can also be infected with malicious code.

In operating systems that use file extensions to determine program associations such as Microsoft Windows, the extensions may be hidden from the user by default.

This makes it possible to create a file that is of a different type than it appears to the user. For example, an executable may be created named "picture.png.exe", in which the user sees only "picture.png" and therefore assumes that this file is an image and most likely is safe.

An additional method is to generate the virus code from parts of existing operating system files by using the CRC16/CRC32 data.

The initial code can be quite small tens of bytes and unpack a fairly large virus. This is analogous to a biological "prion" in the way it works but is vulnerable to signature based detection. This attack has not yet been seen "in the wild".