Main ways to spread:
This attacks the portion of bootable media on your computer. MBR is usually extremely small (512 bytes). This is why not all the malicious code is located directly there, but the virus points to the malicious code in an alternate location. So when the system boots and wants to read the MBR, it automatically starts executing the virus and only afterwards reads the MBR.
File infectors add malicious code to an executable (.bat, .exe) which is then run before the actual program file. Standard file infector viruses can be found pretty easily, by comparing the size, modification date or by comparing hash values of the file.
These viruses inject themselves into the trusted runtime processes of operating systems such as svchost.exe, winlogin.exe and explorer.exe. These viruses often bypass detection because antiviruses trust those processes.
Is a virus written inside of a file with its macro language (for example: VBA). They are automatically run when the infected file is opened.
Examples: I Love You virus, Melissa virus. They both exploited weaknesses in microsoft outlook to spread and were embedded in a word document.
Software developers made important changes to the ability to run macros without explicit user permission, which drastically reduced the popularity of these viruses.
These viruses use more than one propagation methods.
Marzia Virus