The operation of a computer virus is conceptually simple . A program is executed that is infected, in most cases, due to the user’s ignorance. The virus code remains resident (hosted) in the computer’s RAM memory, even when the program that contained it has finished executing. The virus then takes control of the basic services of the operating system, subsequently infecting executable files that are called for execution. Finally, the virus code is added to that of the infected program and is recorded on disk, with which the replication process is complete.
A computer virus is usually embedded in a larger program, often a legitimate piece of software . The virus will be run when legitimate software is run. The computer virus would load itself into the computer’s memory and then it will look for any program where it can probably attach itself. When a program is found the virus would then likely modify the file to add the virus’ code to the program. The virus would usually work before the actual legitimate program would work. In fact, the virus would usually carry out the infection first before it commands the legitimate program to run. This process is so fast that no one would even notice that a virus was executed. With two programs now infected (the original program and the first infected program), the same process would be repeated whenever any programs are launched that worsen the infection level.
A computer virus and email virus basically have the same modus operandi, the difference though is that an email virus would be attached to an email message or sent automatically using addresses in the address book to infect the people receiving the email.
After the infection phase, or even within the middle of the infection process, the virus would usually start its attack on the system. The level of the attack can range from silly actions like flashing messages on the screen to actually deleting sensitive data.