A virus attaches itself to another piece of programming code in memory or in a
file. A virus infects a system when the original program or programming code
executes and unintentionally runs the virus's programming code. A virus
replicates by attaching itself to other programs when its code is
executed.
Not all viruses do catastrophic damage to a computer system. Many viruses
simulate a system failure, display misinformation when the system starts,
play music randomly, or produce random messages. Viruses that are malicious
can and do cause considerable damage in the form of lost data and altered
program code.
- Dropper: This program installs a virus or Trojan horse on a system while avoiding detection by most antivirus programs. Droppers are a sophisticated approach to virus infection and are very uncommon.
- Trojan Horse: Based on Greek mythology, the viral Trojan Horse hides a virus program by imitating or disguising itself as a legitimate application. When the application is run, the virus is released, often creating other Trojan Horses that will avoid detection.
- Worm: A self-contained program that spreads itself to other systems, usually over a network connection. This is the most common type of email virus.
There is one other type of virus in circulation: the most malicious of all
viruses, the one everyone is worried about, and the one that is simply a rumor.
The rumor virus is also the most popular. Some people get more satisfaction from
exploiting people than their computers. Exploiting people's fascination with
computer viruses, these hoax emails turn into chain letters.
There are five major virus classes:
- Boot sector viruses: Also known as system viruses, these viruses target the boot sector code on the floppy disk and/or the hard disk drive. Because the virus attaches itself to the boot sector, its code executes when the computer is started (or restarted). These viruses spread by moving from boot sector to boot sector.
- File viruses: File viruses modify program files, such as .EXE and .COM files. When the EXE/COM file is executed, the virus will attach itself to another COM or EXE file and then proceed with its malicious intent.
- Macro viruses: The newest generation of viruses, macro viruses take advantage of the built-in macro programming languages of applications such as Microsoft Word and Excel. These viruses spread by attaching themselves to another document and then, given the power of Microsoft macros, do malicious Visual Basic destruction.
- BIOS viruses: The BIOS (Basic Input / Output System) is the central nervous system of the computer. It is contained in a small ROM chip on the computer's systemboard. Because it is the nervous system of the computer, new technologies can be limited by the BIOS; therefore, the BIOS on newer computers is updatable through the process of flashing, that is, updating the contents of a chip on the computer with software. Along with updatable BIOS chips came the BIOS virus. The BIOS virus really isn't a virus because it doesn't replicate. It doesn't have to: once it executes, that is the end of your system. The computer will not bootstrap without a BIOS; it doesn't know how and it can't remember, because its memory and nervous system are destroyed. My current computer has a BIOS chip that is soldered to the systemboard; other computers come with a BIOS chip that can simply be replaced. If I were to get a BIOS virus, my system, or systemboard, would be useless.
- Multipartite viruses: Especially malicious, these viruses are a combination of both boot sector and file viruses.
Because a virus is a program or a segment of malicious program code, it can
only infect another program for two reasons: first, the code would not blend
into the scenery of a to-do list or Word document; second, since a to-do list
is data, not program code, it is not executed; it is simply data. For a
virus to be a 'true' virus, it must replicate its code in a way that is a
true replication; replication requires that the replica also be executable,
which means it must attach to an executable program (EXE or COM).
As virus detection software becomes more sophisticated, so do the viruses.
Most antivirus detection schemes recognize a predefined pattern unique to
an individual virus, in effect the virus's fingerprint; this is called the
virus's signature. Modern viruses now incorporate schemes to defeat this
signature detection by employing a method known as cloaking. Some of
the cloaking techniques used by viruses are as follows:
- Polymorphing: Allows a virus to change its appearance, signature, and size each time it infects a system or replicates (a type of evolutionary drift).
- Stealth virus: The stealth virus hides its damage in such a way that everything appears to be normal.
- Directory virus: The directory virus hides itself by lying. It changes a directory entry to point to itself instead of the files it is replacing. No actual change is made to the affected files, and they appear normal, which helps the virus avoid detection.
Except for inoculators, which only look for the damage caused and not the
virus itself, most antivirus scanners use an updatable database of virus
profiles or signatures for reference. These virus signature databases are
updatable via the internet and should be updated frequently. The internet
is a great resource for updating these databases, but it is also a double-edged
sword, because a worldwide network (the internet) is the perfect distribution
medium for new and unfingerprinted viruses to travel.
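
The two detection approaches from the last paragraph, side by side, as an added example that is not part of the original article: a signature scanner driven by an updatable database, and an inoculator modeled here (an assumption) as a SHA-256 baseline check. All file names, file contents and signature patterns are constructed for illustration.

```python
import hashlib

# Constructed signature database (name -> byte pattern); not real malware signatures.
SIGNATURES = {"Example.A": bytes.fromhex("deadbeef4142")}

def scan(files, db):
    """Signature scanner: map each path to the known patterns found in its bytes."""
    hits = {}
    for path, data in files.items():
        names = sorted(n for n, pat in db.items() if pat in data)
        if names:
            hits[path] = names
    return hits

def make_baseline(files):
    """Inoculation step: record a SHA-256 digest of every known-good file."""
    return {p: hashlib.sha256(d).hexdigest() for p, d in files.items()}

def changed_files(files, baseline):
    """Integrity check: paths that are new, missing, or differ from the baseline."""
    current = make_baseline(files)
    return sorted(p for p in set(current) | set(baseline)
                  if current.get(p) != baseline.get(p))

def demo():
    # Constructed file contents standing in for a small disk.
    clean = {"EDIT.COM": b"editor code", "CALC.EXE": b"calculator code",
             "TODO.TXT": b"buy milk"}
    baseline = make_baseline(clean)
    unknown = b"\x13\x37constructed-unlisted-bytes"
    later = dict(clean)
    later["EDIT.COM"] += SIGNATURES["Example.A"]   # carries a fingerprinted pattern
    later["CALC.EXE"] += unknown                   # altered, but no signature exists yet
    before_update = scan(later, SIGNATURES)
    integrity = changed_files(later, baseline)
    updated_db = {**SIGNATURES, "Example.B": unknown}  # database update arrives
    after_update = scan(later, updated_db)
    return before_update, integrity, after_update

if __name__ == "__main__":
    before, integrity, after = demo()
    print("signature scan, old database:", before)
    print("integrity check:             ", integrity)
    print("signature scan, new database:", after)
```

With the old database the scanner names only the fingerprinted file, while the baseline check flags both altered programs without being able to say what changed them; once the database is updated, the scanner names both.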