Types of Malware

We can generally classify computer viruses into the following types:

Boot Sector Virus

File Virus

Macro Virus

New types of virus

Source: Information Technology Services Department of the Hong Kong Special Administrative Region Government

Boot Sector Virus

This type of virus was the most common virus until the mid-1990s. It is stored in the Master Boot Record (MBR) (also called the master bootstrap) or in the DOS Boot Sector (BS) of the infected hard disk. It spreads by attempting to infect the boot sector of every floppy disk that is used in the infected PC.

A PC is infected when it boots from an infected floppy disk. During the boot-up process the BIOS executes whatever code resides in the floppy's boot sector without checking it, and so passes control of the system to the virus. With control in hand, the virus infects the PC by writing its code to the master bootstrap of the hard disk. Afterwards it resumes the normal boot sequence, so from the user's point of view everything may look normal.

The virus in the infected master bootstrap is then executed on every subsequent boot. It stays resident in memory, ready to infect any floppy diskette that is used later.


[The master bootstrap is the first sector of a hard disk. It contains the partition table and code to load the operating system. Usually, 16 or more sectors following the master bootstrap are unused, which is where many boot sector viruses stash the original master bootstrap they displaced.

The partition table holds up to four partitions. A DOS extended partition can be subdivided into logical drives.

The first sector of each partition is its boot sector, which contains information about the partition and code to load the operating system in that partition.

Floppy disks do not have a master bootstrap. A floppy disk with standard DOS format has the same structure as a DOS partition on a hard disk.]
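The layout described in the note above (partition table at byte 446, four 16-byte entries, 0x55AA signature in the last two bytes) can be checked programmatically. The following is an added example, not code from the original page: it parses a classic MBR, runs the sanity checks a boot-time integrity tool would run, and compares a suspect copy against a known-good one to show the pattern a boot sector virus leaves, namely changed boot code with the partition table intact. The MBR bytes are constructed here, not taken from a real disk, and the example assumes the classic MBR layout rather than GPT.

```python
"""Parse a 512-byte Master Boot Record and compare a suspect copy against a
known-good one. Added example, not part of the original page; the sample MBR
bytes below are constructed, not taken from a real disk."""
import hashlib
import struct

SECTOR = 512
TABLE_OFFSET = 446          # partition table starts here: 4 entries x 16 bytes
ENTRY_SIZE = 16
SIGNATURE = b"\x55\xaa"     # last two bytes of a valid MBR
# entry layout: status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sectors(4)
ENTRY_FMT = "<B3xB3xII"


def parse_partitions(mbr: bytes):
    """Return the four partition entries as dicts (empty entries have type 0)."""
    if len(mbr) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        off = TABLE_OFFSET + i * ENTRY_SIZE
        status, ptype, lba_start, sectors = struct.unpack_from(ENTRY_FMT, mbr, off)
        parts.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
        })
    return parts


def check_mbr(mbr: bytes):
    """Structural sanity checks; returns a list of problem descriptions."""
    problems = []
    if mbr[510:512] != SIGNATURE:
        problems.append("missing 0x55AA boot signature")
    parts = [p for p in parse_partitions(mbr) if p["type"] != 0]
    if sum(p["bootable"] for p in parts) > 1:
        problems.append("more than one partition flagged bootable")
    for p in parts:
        if p["lba_start"] == 0 or p["sectors"] == 0:
            problems.append(f"partition {p['index']} has a zero start or length")
    return problems


def compare_mbrs(clean: bytes, suspect: bytes):
    """A classic boot sector virus overwrites the code area (bytes 0..445) and
    leaves the partition table alone so the machine still boots normally."""
    return {
        "code_changed": hashlib.sha256(clean[:TABLE_OFFSET]).digest()
                        != hashlib.sha256(suspect[:TABLE_OFFSET]).digest(),
        "table_changed": clean[TABLE_OFFSET:510] != suspect[TABLE_OFFSET:510],
        "signature_ok": suspect[510:512] == SIGNATURE,
    }


def build_sample_mbr(code: bytes) -> bytes:
    """Construct a minimal MBR: the given boot code plus one active DOS partition."""
    mbr = bytearray(SECTOR)
    mbr[:len(code)] = code
    # entry 0: bootable (0x80), type 0x06 (FAT16), starts at LBA 63, about 2 GB
    struct.pack_into(ENTRY_FMT, mbr, TABLE_OFFSET, 0x80, 0x06, 63, 4194241)
    mbr[510:512] = SIGNATURE
    return bytes(mbr)


# constructed boot-code stub (cli; xor ax,ax; mov ss,ax; then nops)
CLEAN_MBR = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0" + b"\x90" * 40)
# "infected": code region replaced by different bytes, table and signature untouched
INFECTED_MBR = build_sample_mbr(b"\xeb\xfe" * 20)

if __name__ == "__main__":
    print(parse_partitions(CLEAN_MBR)[0])
    print(check_mbr(CLEAN_MBR))
    print(compare_mbrs(CLEAN_MBR, INFECTED_MBR))
```

Run against a real disk, the known-good copy would be a sector image saved when the machine was built (for example by reading the first 512 bytes of the raw disk device); the point of the comparison is that a changed code area with an unchanged partition table is exactly what "resumes the normal boot sequence" looks like on disk.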

 

File Virus

A file virus, also known as a parasitic virus, lives inside a file. It spreads via program files, not data files. A PC is infected when it executes an infected program (obtained from a floppy, CD-ROM, network, the Internet, etc.). Upon execution of an infected program, the attached virus may infect other programs immediately, or it may become a resident program and infect other programs later. Afterwards, the virus resumes execution of the original program, so users may not notice any difference when running an infected program.

A file virus typically looks for specific file extensions to infect; common targets are files with the extensions COM, EXE and SYS.
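Because a parasitic virus changes the bytes of its host while leaving the file name and behaviour intact, the practical check is an integrity baseline over program files. The following is an added example, not code from the original page: it records the size and SHA-256 of every COM, EXE and SYS file under a directory, then reports which program files were modified, added or removed. The directory, the stub programs in it and the simulated appending infection are all constructed in a temporary folder.

```python
"""Integrity baseline for program files. Added example, not from the original
page; the directory and files it scans are constructed in a temp folder."""
import hashlib
import os
import tempfile

# extensions the text names as the usual targets of file (parasitic) viruses
PROGRAM_EXTS = {".com", ".exe", ".sys"}


def hash_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def take_baseline(root: str) -> dict:
    """Map each program file (path relative to root) to (size, sha256)."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in PROGRAM_EXTS:
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root)
                baseline[rel] = (os.path.getsize(full), hash_file(full))
    return baseline


def compare_baseline(old: dict, new: dict) -> dict:
    """Report program files whose contents changed (a parasitic virus grows or
    rewrites its host), plus program files that appeared or vanished."""
    return {
        "modified": sorted(p for p in old if p in new and old[p] != new[p]),
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
    }


def demo() -> dict:
    """Construct a folder with two programs and a data file, simulate an
    appending infection of one program, and return the baseline diff."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "EDIT.COM"), "wb") as f:
            f.write(b"\xb4\x4c\xcd\x21")          # constructed stub: mov ah,4Ch; int 21h
        with open(os.path.join(root, "GAME.EXE"), "wb") as f:
            f.write(b"MZ" + b"\x00" * 60)          # constructed stub with MZ header
        with open(os.path.join(root, "README.TXT"), "wb") as f:
            f.write(b"data files are not targets of a file virus\n")
        before = take_baseline(root)

        # simulate: the virus appends its body to the host and leaves the name alone
        with open(os.path.join(root, "GAME.EXE"), "ab") as f:
            f.write(b"\x90" * 100)
        # simulate: a newly dropped program, and a data-file edit that must be ignored
        with open(os.path.join(root, "DROPPER.SYS"), "wb") as f:
            f.write(b"\xcc")
        with open(os.path.join(root, "README.TXT"), "ab") as f:
            f.write(b"edited\n")

        return compare_baseline(before, take_baseline(root))


if __name__ == "__main__":
    print(demo())
```

The baseline must be taken on a clean machine and stored somewhere the virus cannot reach (write-protected media or a remote host), otherwise a resident virus that has already infected the scanner's own host programs simply gets recorded as "clean".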

 

Macro Virus

In July 1995 a new kind of virus was reported, and it struck the computer industry almost immediately. Unlike boot sector and file viruses, macro viruses infect data files instead of executables: the document carries macros that Word runs automatically when it is opened, so opening a document is in effect running a program. A Word macro virus is multi-platform. As long as your version of Word supports the Word file format you are at risk, whether you use the OS/2 or the Windows version of Word, on a PC or on a Macintosh.

 

New Types of Virus

Virus and anti-virus technology is ever changing. As users move to new platforms and technologies, virus writers try to develop new viruses that can spread on them. The following lists some new platforms / technologies on which new types of virus might arise:

Java

Java viruses have long been a hot topic. Questions like "Is it possible to write a Java virus?" or "Could a Java virus spread from computer to computer, maybe via the Internet?" have generated quite some discussion in various newsgroups. At first glance the answer is "no", because applets are designed to run in a controlled environment (the "sandbox"), without access to files or arbitrary network connections on the computer.

Nevertheless, Java also allows developers to build applications that have full control over the system, like any standard program. This is where Java viruses found their way in.

The first Java-based virus is known as Java.StrangeBrew. It was first discovered in September 1998 and infects Java class files. The virus works only if the file is executed as a native Java application, not as an applet. Although Java applications are rare and the implementation of Java.StrangeBrew is primitive, its influence should not be overlooked. We expect more Java viruses to come as Java applications become prevalent.

ActiveX

ActiveX, like Java, is perceived to be another platform for viruses to thrive on. Of the two new carriers, ActiveX poses the greater threat because of its design. Essentially a compact version of Object Linking and Embedding (OLE), ActiveX has direct access to native Windows calls, linking it to any system function. Its only safeguard is trust: a control is accepted or rejected on the strength of its publisher's signature and the browser's security zone settings, and once accepted it runs as native code with the user's full privileges. And ActiveX is not limited to users of MS Internet Explorer; a Netscape Navigator plug-in is now available. Java, by contrast, is "sandboxed", or insulated from operating system services by the Java Virtual Machine.

Visual Basic (VB) Script

In the past, virus writers needed considerable expertise in low-level computer operations before they could create a virus that would spread successfully from machine to machine. Then, with the arrival of macros in Microsoft Office, the tools for virus creation became readily available and much less knowledge was required to write a virus. The same is true of VB Script viruses: the environment they require will soon be commonplace and the barrier to entry is low.

VB Script viruses are becoming a real threat. Microsoft's original intention was to include a powerful and easy-to-use language that can readily access the resources of the Windows system (98 / NT). VB Script is in human-readable form and so is easy to understand, which invites many "less technical" virus writers into the territory. Because the script is plain text, it is also easy to alter, so variants appear quickly and signature-based detection lags behind them.

The first generation of VB Script viruses were embedded in HTML pages and spread through the Internet, while the prevalent VB Script viruses usually spread by sending mail, with an infected script attached, to the users in the victim's address book. Users who run the attached script help the virus spread.
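The mail-borne spreading described above is stopped at the gateway or client by refusing to deliver attachments that Windows will execute as scripts. The following is an added example, not code from the original page: it parses a MIME message with Python's standard `email` module and flags any attachment whose extension the Windows Script Host or shell would run on double-click, including the "name.txt.vbs" trick of hiding the script extension behind a harmless-looking one. The message, the attachment names and their contents are constructed for the example; the extension list is an assumption about what a given Windows build executes and should be tuned to the environment.

```python
"""Flag script attachments in an e-mail, the spreading vector the text describes.
Added example, not from the original page; the message below is constructed."""
import email
import os
from email import policy

# extensions the Windows Script Host or the shell executes when double-clicked
# (assumed list; adjust to what the deployed Windows build actually runs)
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta"}


def script_attachments(raw_message: str):
    """Return (filename, content_type, reason) for every attachment that would
    run as a script if the recipient opens it."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    flagged = []
    for part in msg.walk():
        if part.get_content_maintype() == "multipart":
            continue                      # container, not an attachment
        name = part.get_filename()
        if not name:
            continue                      # inline body text, no file name
        base, ext = os.path.splitext(name)
        if ext.lower() in SCRIPT_EXTS:
            reason = "script extension"
            # "report.txt.vbs" style: a benign-looking extension placed in front
            if os.path.splitext(base)[1]:
                reason = "script extension hidden behind a second extension"
            flagged.append((name, part.get_content_type(), reason))
    return flagged


# constructed sample message: one text body, one script attachment, one PDF
SAMPLE_MAIL = """\
From: colleague@example.com
To: you@example.com
Subject: Please review
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain

Attached as discussed.
--XYZ
Content-Type: application/octet-stream; name="report.txt.vbs"
Content-Disposition: attachment; filename="report.txt.vbs"
Content-Transfer-Encoding: base64

TXNnQm94ICJoZWxsbyI=
--XYZ
Content-Type: application/pdf; name="quarterly.pdf"
Content-Disposition: attachment; filename="quarterly.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--XYZ--
"""

if __name__ == "__main__":
    for hit in script_attachments(SAMPLE_MAIL):
        print(hit)
```

The check deliberately keys on the file name rather than the declared content type, because the sender controls both and Windows decides what to run from the extension alone. In a real filter the same function would be applied to names inside archive attachments as well, since wrapping the script in a ZIP is the usual way around an extension block.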

HTML

Again, there has been a great deal of discussion on the Internet concerning HTML-based viruses. You may have noticed someone claiming to have invented or found the first HTML virus.

HTML, on its own, is a mark-up language that controls the layout of Web pages. Raw HTML cannot be viral, so browsers that support only HTML are not at risk. A so-called "HTML virus" is therefore unlikely to be a real-world incident. The real threat comes not from surfing the Internet but from downloading viral code from the Internet and executing it.

Nevertheless, most browsers now support scripting languages in addition to HTML, and the so-called "HTML virus" usually takes advantage of these scripting languages. Such a script virus uses Web pages as a vehicle to reach the victim's machine. VBS.Offline is a typical example. The most common script virus nowadays is the VB Script virus, discussed above.

Lotus Notes

Given its huge user base, Lotus Notes is a potential area that virus writers will explore. Up to now, no native Lotus Notes virus has been identified. Nevertheless, the rich-text fields in a Lotus Notes database provide a place where conventional (file and macro) viruses can reside. Common server-based anti-virus software cannot detect viruses inside Notes databases because the records are stored compressed. To guard against computer viruses in a Notes environment, we recommend installing Notes-based anti-virus software.

 
