Virus 101 (Part 1)


Carrie
08-15-2006, 12:38 AM
Strictly speaking, a Virus is a program that replicates itself with the intent to infect more computers, either through network connections or through the exchange of external storage devices (such as floppy disks, CD-ROMs, or CompactFlash cards).

Viruses are typically copied to a computer's storage device without the user's knowledge. A virus may damage files or systems, or it may simply annoy users by flashing messages or pictures on the screen or by causing the computer to beep. In fact, some viruses cause no harm and can remain unnoticed on a system indefinitely.

Many other unwanted and potentially destructive programs are called viruses, but technically do not meet the criteria used to define a virus. For example, a program that disguises itself as something useful but actually harms your system is called a Trojan horse (or simply Trojan), after the famous wooden horse in which soldiers were hidden. Because Trojan horses do not replicate themselves, they are not considered viruses. An example of a Trojan horse is an executable file (.exe) that someone sends you over the internet, promising that the executable will install a new game, when in fact it erases data on your hard disk or mails spam to all the users in your e-mail program's address list.

Many thousands of viruses exist, although only a relatively small number cause the majority of virus-related damage. Viruses can be classified into different categories based on where they reside on a computer and how they propagate themselves. Often, creators of viruses apply slight variations to existing viruses to make their version undetectable by antivirus programs. This results in a host of related, yet different viruses. The antivirus software must then update their programs to recognize the new variations, and the virus creators may again alter their viruses to render them undetectable. This cycle continues indefinitely. No matter what their variation, all viruses belong to one of the following categories: Boot sector, Macro, File-infected, Worms, Trojan horse, Network, or Bots.

Carrie
08-15-2006, 12:39 AM
Boot Sector Viruses: The first PC virus was a boot sector virus called (c)Brain, created in 1986 by two brothers, Basit and Amjad Farooq Alvi, operating out of Lahore, Pakistan. The brothers reportedly created the virus to deter pirated copies of software they had written. However, analysts have claimed that the Ashar virus, a variant of Brain, possibly predated it based on code within the virus. Boot sector viruses position their code in the boot sector of a computer's hard disk so that when the computer boots up, the virus runs in place of the computer's normal system files. Boot sector viruses are normally spread through external storage devices to hard disks. Boot sector viruses vary in their destructiveness. Some simply display a screen advertising the virus's presence when you boot the infected computer. Others do not advertise themselves, but stealthily destroy system files or make it impossible for the file system to access at least some of the computer's files. Some examples include: POLYBOOT-B, Michelangelo, and Stoned, which was widespread in the 1990s and disabled U.S. military computers in the 1991 Persian Gulf War, and persists today in many different variations. Until you disinfect a computer that harbors a boot sector virus, the virus propagates to every external disk to which that computer writes information. Removing a boot sector virus first requires rebooting the computer from an uninfected, write-protected disk with system files on it. Only after the computer is booted from a source other than the infected hard disk can you run software to remove the boot sector virus.

Precautions and damage control

Prevention is usually a matter of vigilance and avoiding contact with unknown disks.
Back up your files, so that you can restore them if a virus damages them.
If you back up a file that is already infected with a virus, you can re-infect your system by restoring files from the backup copies. Check your backup files with virus scanning software before using them. Keep your original application and system disks locked (write-protected). This will prevent the virus from spreading to your original disks.
If you must insert one of your application floppy disks into an unknown computer, lock it first. Unlock your application disk only after verifying that the computer is free of viruses.
Obtain public-domain software from reputable sources. Don't download software directly to a hard disk. Rather, save it to a floppy disk, lock the floppy disk, and check it thoroughly using reputable virus detection software. Don't copy it to your hard disk until you know it is safe. This can also help protect you from Trojan horse programs.
Quarantine any infected computer. If you discover that a computer is infected with a virus, immediately isolate it from other computers. In other words, disconnect it from any network it is on. Don't allow anyone to copy or move files from it until the entire system has been reliably disinfected.

Macro Viruses: A macro virus is a virus that is written in a macro language. They were largely problems because rather than create a new function to perform macros, some software vendors connected the macro writing functions in their software to the same computer language that they used to write that same software. Because of this, anyone with knowledge of that particular programming language can code a program that will launch immediately when the file is opened on a computer. "Documents" with macro viruses are actually templates in disguise since documents cannot have macros. This is why people are told not to open attachments in e-mail because of the danger of embedded macros. It is recommended that anti-virus software is used and kept up to date. Macros are a series of commands and actions that help to automate tasks performed on a regular basis. A computer macro virus is a virus that infects documents and templates, not programs. A macro virus takes advantage of the macro programming language built into applications such as Microsoft Word or Excel. This also includes files on other platforms such as Macintosh. In 2004, macro viruses accounted for approximately 75% of all viruses. A macro virus can be spread through email attachments, discs, networks, modems, and the internet. Uninfected documents contain normal macros. Most macros start automatically when a document is opened or closed. A common way for a macro virus to infect a computer is by replacing normal macros with the virus. The macro virus replaces the regular commands with the same name and runs when the command is selected. In this case where the macro is run automatically, the macro is opened without the user knowing. Once you open a file that contains a macro virus your system is infected. It will begin to embed in all other documents and templates, as well as future ones created. As you share these documents encoded with the macro virus, the virus can be passed onto other users.
A Microsoft Word macro virus can infect files on Windows as well as the Macintosh platform. A well known example of a macro virus is the Melissa Virus from 1999. A document was created with the virus in it and anyone who opened it would ‘catch’ the virus. The virus would then send itself by email to the first 40 people in the person’s address book. This made the virus replicate at a fast rate. There are different ways in which one can recognize a macro virus. If a person is familiar with the macros that are supposed to be on a computer, then one can check through the macros on a computer and look for ones that he or she does not recognize. A person can research on the internet for names of macros that are known to be a part of a macro virus, such as AAAZAO, AAAZFS, AutoOpen, FileSaveAs, and PayLoad. If these macros are found on a computer, then it is a sign that the computer has been infected. For those that are not familiar with macros, the best way to recognize if a computer has been infected is to look for unusual behavior and symptoms of a macro virus. There are three common symptoms of a macro virus. First, a person may be prompted for a password when opening a file that does not have a password. Second, a computer may save a document as a template without the user instructing the computer to do so. Last, a macro virus can cause strange error messages, such as ‘Just to prove another point’ or ‘This one’s for you, Bosco’. A macro virus can move words in your document and replace them with a random word such as ‘WAZZU’ at various locations.

It is difficult to protect a computer from macro viruses because it is easy for someone familiar with macro programming language to create a macro virus. As a result, new viruses are created often and a virus detection program may not recognize the virus as an infection. It is important to constantly update antivirus programs and to be sure to have advanced antivirus software installed on a computer.
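The posts above describe two things a defender can look for in a document's macro code: procedure names known to belong to macro viruses (AAAZAO, AAAZFS, AutoOpen, FileSaveAs, PayLoad) and macros that replace a regular command of the same name or run automatically on open. The following scanner is an added example written for this thread, not code from the original posts or from any of the cited sources. It operates on VBA module source text that has already been extracted from a document; the auto-execute names, the built-in command names beyond FileSaveAs, and the "spread indicator" tokens are assumptions added here, and the sample module is constructed.

```python
import re

# Macro names the post lists as belonging to known macro viruses.
KNOWN_VIRUS_MACROS = {"aaazao", "aaazfs", "autoopen", "filesaveas", "payload"}

# Word runs procedures with these names without any user action when a
# document or template is opened/closed (assumed auto-execute list).
AUTO_EXEC_MACROS = {"autoopen", "autoclose", "autoexec", "autoexit", "autonew",
                    "document_open", "document_close"}

# A procedure named after a built-in Word command replaces that command,
# the "same name" trick the post describes (assumed list beyond FileSaveAs).
BUILTIN_COMMAND_MACROS = {"filesaveas", "filesave", "fileopen", "toolsmacro"}

# Source-level hints that a macro copies itself into the global template,
# which would infect every document created afterwards (assumed list).
SPREAD_INDICATORS = ("MacroCopy", "NormalTemplate", "Organizer")

# Matches "Sub Name(" / "Function Name(" with an optional Public/Private prefix.
PROC_RE = re.compile(
    r"^\s*(?:Public\s+|Private\s+)?(?:Sub|Function)\s+([A-Za-z_]\w*)",
    re.IGNORECASE | re.MULTILINE,
)


def extract_procedures(vba_source: str) -> list:
    """Return the procedure names declared in a VBA module, in source order."""
    return PROC_RE.findall(vba_source)


def scan_module(vba_source: str) -> dict:
    """Flag procedures by name and report self-propagation indicators."""
    flagged = {}
    for name in extract_procedures(vba_source):
        key = name.lower()  # VBA identifiers are case-insensitive
        reasons = []
        if key in KNOWN_VIRUS_MACROS:
            reasons.append("name of a known macro-virus procedure")
        if key in AUTO_EXEC_MACROS:
            reasons.append("runs automatically on document open/close")
        if key in BUILTIN_COMMAND_MACROS:
            reasons.append("shadows a built-in Word command")
        if reasons:
            flagged[name] = reasons
    indicators = [tok for tok in SPREAD_INDICATORS if tok in vba_source]
    return {
        "procedures": extract_procedures(vba_source),
        "flagged": flagged,
        "spread_indicators": indicators,
    }


# Constructed sample module: an auto-running macro that copies a "PayLoad"
# procedure into the global template, plus one harmless helper function.
SAMPLE_MODULE = """\
Attribute VB_Name = "ThisDocument"
Private Sub Document_Open()
    MsgBox "Just to prove another point"
End Sub
Sub AutoOpen()
    MacroCopy "ThisDocument:PayLoad", "Normal:PayLoad"
End Sub
Sub PayLoad()
End Sub
Public Function Helper(x As Integer) As Integer
    Helper = x + 1
End Function
"""

if __name__ == "__main__":
    result = scan_module(SAMPLE_MODULE)
    for name, reasons in result["flagged"].items():
        print(f"{name}: {'; '.join(reasons)}")
    print("spread indicators:", result["spread_indicators"])
```

Run against the sample, the scanner flags Document_Open and AutoOpen as auto-executing, PayLoad as a known virus macro name, and notes the MacroCopy call; the Helper function passes. Name-based checks like this only catch what is already on the list, which is exactly the weakness the next post points out, so they complement rather than replace an updated antivirus product.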

Carrie
08-15-2006, 12:40 AM
File-infected viruses: File-infected viruses attach themselves to executable files (.exe). When an infected executable file runs, the virus copies itself to memory. Later the virus attaches itself to other .exe files. Some file-infected viruses attach themselves to other programs even when their "host" executable runs a process in the background, such as a printer service or screen saver program. Because they stay in memory while you continue to work on your computer, these viruses can have devastating consequences, infecting numerous programs and requiring that you disinfect your computer, as well as reinstall virtually all software. Symptoms of virus infection may include damaged program files, file size increase, changed icons for programs, strange messages that appear when you attempt to run a program, or the inability to run a program. Examples of file-infected viruses are Vacsina, WoodGoblin, and Harmony.A.

Worms: Worms are not technically viruses, but rather programs that run independently and travel between computers and across networks. They may be transmitted by any type of file transfer, including e-mail attachments. An early worm on the Internet, and the first to attract wide attention, was the Morris worm. It was also termed 'The Internet Worm' by Peter Denning in an article in American Scientist in which he distinguished between a virus and a worm, thereby becoming an early computer zoologist. The Morris worm was written by Robert Tappan Morris, at the time a computer science graduate student at Cornell University, and released on November 2, 1988 using a friend's account on a Harvard University computer. It quickly infected large numbers of computers attached to the Internet and caused massive disruption. That it didn't spread even farther and cause more trouble is largely due to some errors in its implementation. It propagated via several bugs in BSD Unix and related systems, and its component programs (including several versions of 'sendmail'). Morris was identified, confessed, and was later convicted under the US Computer Crime and Abuse Act. He received three years probation, 400 hours community service and a fine in excess of $10,000. In addition to replication, a worm may be designed to do any number of things, such as delete files on a host system, encrypt files in a crypto viral extortion attack, or send documents via e-mail. Some more recent worms have been multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a worm can be damaging, if only from the network traffic generated by its reproduction. Mydoom, for example, caused a noticeable worldwide Internet slowdown at the peak of its spread.
A common payload for worms is a backdoor in the infected computer; Sobig and Mydoom are examples which created zombies. These zombie computers are used by spam senders for sending junk email or to cloak their website's address. Spammers are thought to be a source of funding for the creation of such worms, and worm writers have been caught selling lists of IP addresses of infected machines. Others try to blackmail companies with threatened DoS attacks.

Trojan horse:
A Trojan horse is a malicious program that is disguised as or embedded within legitimate software. The term is derived from the classical myth of the Trojan Horse. They may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed.
Often the term is shortened to simply trojan, even though this turns the adjective into a noun, reversing the myth (Greeks, not Trojans, were gaining malicious access).
There are two common types of Trojan horses. One is otherwise useful software that has been corrupted by a cracker inserting malicious code that executes while the program is used. Examples include various implementations of weather alerting programs, computer clock setting software, and peer-to-peer file sharing utilities. The other type is a standalone program that masquerades as something else, like a game or image file, in order to trick the user into some misdirected complicity that is needed to carry out the program's objectives.
Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims. As such, if trojans replicate and even distribute themselves, each new victim must run the program/trojan. Therefore their virulence is of a different nature, depending on successful implementation of social engineering concepts rather than flaws in a computer system's security design or configuration. In practice, Trojan Horses often contain spying functions (such as a packet sniffer) or backdoor functions that allow a computer to be remotely controlled from the network without the owner's knowledge, creating a "zombie computer". Backdoors, however they may be installed, can be exploited by other malware, including worms. Examples include Doomjuice, which spreads using the backdoor opened by Mydoom, and at least one instance of malware taking advantage of the rootkit backdoor installed by the Sony/BMG DRM software. The Sony/BMG rootkit Trojan, distributed on millions of music CDs through 2005, did both of these things. Because Trojan horses often have these harmful behaviors, there often arises the misunderstanding that such functions define a Trojan Horse.
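Two of the symptoms described in these posts, a boot sector that no longer matches what was installed and executables that grow in size or change content, are both caught by the same defensive technique: take a baseline of hashes and sizes while the system is known to be clean, then compare against it. The script below is an added example for this thread (it is not code from the original posts or from any cited source). It builds a baseline of executables under a directory, reports modified, grown, added and removed files, and checks a 512-byte boot sector image against a known-good hash; the file tree and boot sector bytes it uses are constructed in a temporary directory so the example runs offline.

```python
import hashlib
import os
import tempfile

# Suffixes treated as executables for the baseline (assumed list).
EXECUTABLE_SUFFIXES = (".exe", ".com", ".dll", ".scr")


def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: str) -> str:
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: str) -> dict:
    """Record size and SHA-256 of every executable under root, keyed by relative path."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.lower().endswith(EXECUTABLE_SUFFIXES):
                path = os.path.join(dirpath, name)
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                baseline[rel] = {"size": os.path.getsize(path), "sha256": sha256_file(path)}
    return baseline


def compare_baselines(before: dict, after: dict) -> dict:
    """Diff two baselines; 'grown' lists files whose content changed and size increased."""
    report = {"modified": [], "grown": [], "added": [], "removed": []}
    for rel, old in before.items():
        new = after.get(rel)
        if new is None:
            report["removed"].append(rel)
            continue
        if new["sha256"] != old["sha256"]:
            report["modified"].append(rel)
            if new["size"] > old["size"]:
                report["grown"].append((rel, new["size"] - old["size"]))
    report["added"] = sorted(set(after) - set(before))
    return report


def check_boot_sector(sector: bytes, expected_sha256: str) -> dict:
    """Validate a 512-byte boot sector image: 0x55AA signature and known-good hash."""
    has_signature = len(sector) == 512 and sector[510:512] == b"\x55\xAA"
    return {"valid_signature": has_signature,
            "matches_baseline": sha256_bytes(sector) == expected_sha256}


def demo() -> dict:
    """Construct a tiny file tree, baseline it, then simulate an infection and re-check."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "tools"))
        files = {  # constructed stand-ins; "MZ" is only a reminder of the DOS header
            "editor.exe": b"MZ" + b"\x00" * 200,
            "tools/clock.exe": b"MZ" + b"\x01" * 150,
            "readme.txt": b"not an executable",
        }
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        before = build_baseline(root)
        # Simulated infection: code appended to one program, a new executable dropped.
        with open(os.path.join(root, "tools", "clock.exe"), "ab") as f:
            f.write(b"\xCC" * 64)
        with open(os.path.join(root, "saver.scr"), "wb") as f:
            f.write(b"MZ" + b"\x02" * 10)
        after = build_baseline(root)
        report = compare_baselines(before, after)

    # Constructed boot sector images: a jump stub, padding, and the 0x55AA signature.
    good_sector = b"\xEB\x3C\x90" + b"\x00" * 507 + b"\x55\xAA"
    baseline_hash = sha256_bytes(good_sector)
    tampered_sector = b"\xEB\x3C\x90" + b"\x90" * 507 + b"\x55\xAA"
    report["boot_sector_ok"] = check_boot_sector(good_sector, baseline_hash)
    report["boot_sector_tampered"] = check_boot_sector(tampered_sector, baseline_hash)
    return report


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The baseline must be taken while the machine is known to be clean and stored somewhere the machine cannot alter (the write-protected disk the thread recommends is the 1990s version of this), otherwise a virus that is already resident simply becomes part of the baseline. Note that a tampered boot sector still carries a valid 0x55AA signature, which is why the hash comparison, not the signature check, is the part that detects the change.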

Carrie
08-15-2006, 12:41 AM
Network Viruses: Network viruses propagate themselves via network protocols, commands, messaging programs, and data links. Although all viruses can theoretically travel across network connections, network viruses are especially designed to take advantage of networking vulnerabilities. For example, a network virus may attach itself to FTP transactions to and from your web server. Because network viruses are characterized by their transmission method, their symptoms may include any type of anomaly, ranging from strange pop-up messages to file damage.

Bots: In networking the term bot means a program that runs automatically, without requiring a person to start or stop it. One type of bot is a virus that propagates automatically between systems. It does not require an unsuspecting user to download and run an executable file or to boot from an infected disk, for example. Many bots spread through IRC, a protocol that enables users running IRC client software to communicate instantly with other participants in a chat room on the internet. Virus bots take advantage of IRC to transmit data, commands, or executable programs from one infected participant to others. After a bot has copied its files on a client's hard disk, these files can be used to damage or destroy a computer's data or system files, issue objectionable content, and further propagate the virus. Bots are especially difficult to contain because of their fast, surreptitious, and distributed dissemination.
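The post describes bots that use IRC to relay commands and executables between infected participants, and notes that their distributed spread is what makes them hard to contain. From the network side, the observable trace of that behaviour is many internal hosts joining the same channel on the same server, plus file transfers over the chat protocol. The detector below is an added example written for this thread, not code from the original post or any cited source; it runs over constructed, simplified log lines in the form `timestamp src:port -> dst:port COMMAND args` (the log format, the threshold, and the use of IRC DCC SEND as the file-transfer indicator are assumptions made here).

```python
import ipaddress
import re
from collections import defaultdict

# Simplified, constructed connection-log format: "ts src:port -> dst:port CMD args".
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<cmd>[A-Z]+)(?: (?P<args>.*))?$"
)


def parse_line(line: str):
    """Parse one log line into a dict, or return None for lines that do not fit."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["args"] = rec["args"] or ""
    return rec


def analyze(log_text: str, min_hosts: int = 3) -> dict:
    """Find channels joined by many internal hosts and DCC SEND file transfers."""
    members = defaultdict(set)  # (server, channel) -> internal hosts that joined
    transfers = []              # (internal host, file name offered)
    parsed = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        parsed += 1
        # Only traffic originating inside the network is of interest here.
        if not ipaddress.ip_address(rec["src"]).is_private:
            continue
        if rec["cmd"] == "JOIN":
            channel = rec["args"].split()[0] if rec["args"] else ""
            members[(rec["dst"], channel)].add(rec["src"])
        elif rec["cmd"] == "PRIVMSG" and "DCC SEND" in rec["args"]:
            # IRC DCC SEND announces a direct file transfer; the first token after
            # it is the offered file name (CTCP delimiters omitted in the sample).
            rest = rec["args"].split("DCC SEND", 1)[1].split()
            if rest:
                transfers.append((rec["src"], rest[0]))
    suspect = [
        (server, channel, sorted(hosts))
        for (server, channel), hosts in sorted(members.items())
        if len(hosts) >= min_hosts
    ]
    return {"suspect_channels": suspect, "file_transfers": transfers, "lines_parsed": parsed}


# Constructed sample: three internal hosts join one channel on the same server,
# one of them offers an executable, and an unrelated host joins a help channel.
SAMPLE_LOG = """\
2006-08-15T00:41:02 10.0.0.5:51234 -> 203.0.113.9:6667 JOIN #updates
2006-08-15T00:41:03 10.0.0.7:49211 -> 203.0.113.9:6667 JOIN #updates
2006-08-15T00:41:05 10.0.0.12:50020 -> 203.0.113.9:6667 JOIN #updates
2006-08-15T00:41:09 10.0.0.5:51234 -> 203.0.113.9:6667 PRIVMSG #updates :DCC SEND update.exe 3405803785 6668 40960
2006-08-15T00:41:10 203.0.113.9:6667 -> 10.0.0.7:49211 PRIVMSG #updates :welcome
2006-08-15T00:42:00 10.0.0.20:45000 -> 198.51.100.4:6667 JOIN #linuxhelp
this line is not in the expected format
"""

if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    for server, channel, hosts in result["suspect_channels"]:
        print(f"{len(hosts)} internal hosts joined {channel} on {server}: {', '.join(hosts)}")
    for host, filename in result["file_transfers"]:
        print(f"{host} offered a file over IRC: {filename}")
```

The threshold is deliberately low for the sample; on a real network it should be set from how many staff legitimately use IRC, and a flagged channel is a reason to quarantine the hosts involved (as the earlier "Precautions" post advises) and inspect them, not proof of infection on its own.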

Carrie
08-15-2006, 12:41 AM
Reference:

Computer Incident Advisory Capability. (1998) Information Bulletin: Macro Virus Update. Retrieved June 18, 2006, from the World Wide Web: http://www.ciac.org/ciac/bulletins/i-023.shtml

Dean, Tamara (2006). Network+ Guide to Networks. Boston, Massachusetts: Thompson Course Technology.

How Stuff Works, Inc. (2006). How Computer Viruses Work. Retrieved June 18, 2006, from the World Wide Web: http://www.howstuffworks.com/virus2.htm

Microsoft Corporation. (2006). Introduction to Security. Retrieved June 18, 2006, from the World Wide Web: http://office.microsoft.com/en-au/assistance/HA010450711033.aspx

Microsoft Corporation. (2006). WD: Frequently Asked Questions About Word Macro Viruses. Retrieved June 18, 2006, from the World Wide Web: http://support.microsoft.com/?scid=kb;en-us;187243

The Trustees of Indiana University. (2006). What are computer Viruses, Worms, and Trojan Horses. Retrieved June 18, 2006, from the World Wide Web: http://kb.iu.edu/data/aehm.html

Webopaedia. (2004). Macro Virus. Retrieved June 18, 2006, from the World Wide Web: http://www.pcwebopaedia.com/TERM/M/macro_virus.htm

Retrieved from "http://en.wikipedia.org/wiki/Macro_virus_%28computing%29"