Talk:Computer virus/Archive 2

Archival?
I think it's time that this talk page got archived. Agree or disagree? --24.60.150.225 (talk) 15:45, 14 August 2008 (UTC)


 * ✅ I archived all the old discussions (ie. those with no new contributions since 9 May 2008).  Follow the archive links in the box above to view the old discussions, but please do not edit the archive.  If you wish to start a new discussion or revive an old discussion, please do so with a new section on this page.  Astronaut (talk) 20:45, 7 October 2008 (UTC)

Motivations of virus writers

 * "but the majority of viruses are programs deliberately written to interfere with, or damage, other programs or computer systems. "

This is at the very least a questionable statement. Just look up a few interviews with virus writers in Google. I have removed it from the article. I think this statement is more accurate (and have put it in the article): "Virus writers can have various reasons for writing and spreading viruses. Some people who create or spread viruses intend to interfere with, or damage, computer systems." Sietse 17:22, 15 Sep 2004 (UTC)

This article needs a much more detailed discussion of why people create and distribute viruses. Are they just losers looking for attention? Are they vandals, doing it instead of spraying graffiti or breaking into cars? It would be useful if a psychologist would contribute here. —Preceding unsigned comment added by 62.140.194.147 (talk) 09:43, 20 August 2008 (UTC)


 * I don't think a discussion is appropriate for an encyclopedia. If there were any actual knowledge on this issue, then yes, it ought to be included, but as far as I know there is only speculation. Virus writing is a shadowy world, and few of the proponents have been caught or given accounts of themselves. There are no doubt as many motives as there are writers, and it wouldn't surprise me if any motive actually stated by a (purported?) virus writer was spurious, because they would have no reason or compulsion to tell the truth. They might engage in self-justification or might not even know their own motives. Why did I get up this morning? I can't account for it. Has any psychiatrist actually examined a known virus writer? TheNameWithNoMan (talk) 11:13, 20 August 2008 (UTC)

Why are there no Virus Creator Links? Is that against a rule or something? Or would people be too afraid to visit it?

"If they can teach how to make a virus, then they could have a virus on the site, I'm not going on there..." —Preceding unsigned comment added by 68.202.22.90 (talk) 23:43, 23 September 2008 (UTC)


 * Again, such things are outside the scope of an encyclopaedia article. TheNameWithNoMan (talk) 08:25, 24 September 2008 (UTC)

Viruses Damaging Hardware
I'm not the one who added the assertion about viruses damaging hardware, but the assertion is perfectly valid. The only example I can think of is a monitor, which you can blow out by sending it the wrong signals. Easy enough to do with a badly written driver or with carelessly chosen video settings. What non-malicious software can do by accident, malicious software can do by design. That said, I've never heard of a monitor-killer virus!

Before we add this concept to the article itself, we should probably find some more general and authoritative information on viruses causing hardware damage. I've done a little Googling, but all I see are the usual rumors and flamefests. Consider this note a stub for future investigation! Isaac R 06:17, 16 Apr 2005 (UTC)


 * http://news.spamcop.net/pipermail/spamcop-list/2001-June/014485.html - 84.222.70.189 15:09, 16 Apr 2005 (UTC)
 * I saw that one. But a BIOS is software, not hardware. The problem described can be fixed by flashing a new BIOS, without changing any hardware. Of course, without a a BIOS, all your hardware is useless -- but this is still not "hardware damage". Isaac R 21:32, 16 Apr 2005 (UTC)

Malicious software CAN damage hardware.

1. Monitors can be blown by oversyncing and non-compliant signals. 2. BIOS can be unrepairably corrupted by mal-formating the flash routine. 3. Harddrives can be destroyed by setting the wrong heads and sectors "on the fly" and then scraping the disk and causing it to overheat and melt. 4. CPU's can be destroyed by overclocking to cause intentional thermal overloads which bypass shutdown precautions. 5. RAM on the motherboard and videocards can be mal-synced to slowly corrupt adressable regions.

And that's just the first few examples that come to mind.

When I first saw this listed as "A GENERAL RULE" about viruses I was about to delete it on the spot but I figured it was best to provide feedback here first and leave it upto the powers that be to sort it out.

I've been blessed with several ACER doorstops thanks to a variant of the BIOS bomb mentioned above.

I've also woken up to the smell of molten harddrives- although the evidence of "viral activity" went up with the "ship". I can guarantee that other than proper AV measures the machine was 100% upto par the night before. The HD meltdown effect was replicated by changing the settings on the secondary HD while active and running format.

24.36.232.170 17:50, 4 May 2006 (UTC)


 * This issue has been endlessly argued in other places (as noted above) and I see that this talk page has TWO separate sections devoted to it. Before there were webpages, the wrangling raged for years on the alt.virus newsgroup. I don't propose to go through it all again, but have fun. If you do think your computer hardware can be damaged by a program, I would suggest complaining to the manufacturer. --TheNameWithNoMan (talk) 02:29, 21 April 2008 (UTC)

I know of a proof of concept related to FPGA hardware, http://www.springerlink.com/content/9wnbm5eqgpjvlcug/ And also a flash virus that destroys a media drive. Though i'd have to find the link again, i saw it discused in slashdot. —Preceding unsigned comment added by Allaun (talk • contribs) 22:37, 1 October 2008 (UTC)

Extreme bias in this article
This article is extremely biased in its current form. The fact that viruses are, practically speaking, specific to Windows systems, is not even mentioned. To the extent that it is vaguely implied, this critical point is downplayed. I have used Unix-like and Mac systems for decades, all without any kind of virus protection software, and have never encountered anything closely resembling a virus. The argument that Windows viruses are more common with Windows because of the popularity of Windows is a red herring. It is technically impossible to write a virus that can do any kind of system damage to a Unix, Linux or Mac system the way a Windows virus can. Again, this is lightly touched on in the article, but the ramifications are not spelled out. --Serge 05:57, 26 July 2006 (UTC)

One thing not discussed in this article is not only that the numbers of non-Windows viruses are so relatively small, but that the ones that do exist just don't spread the way Windows viruses do. The bottom line is that the vast majority of Windows users are compelled to use anti-virus software, while the vast majority of non-Windows users are not. --Serge 22:28, 28 July 2006 (UTC)


 * Actually, many of the most prolific early viruses were not "Windows systems" specific, or even MSDOS specific. The boot sector viruses that infected the boot sectors of floppy and hard disks and the partition sectors of hard disks subverted the boot-up process before the system was even loaded. They were therefore IBM PC BIOS specific. I have personally dealt with a helpline call from a user that had suffered an attack from the Michelangelo virus payload (wiping of the first portion of the hard disk) even though he was running a variety of Unix rather than any Microsoft system. That was unusual then, but there are many PCs now that have Linux installed instead of Windows, which would still be vulnerable to some old boot sector viruses, except that no one puts floppy disks in their computers anymore. TheNameWithNoMan (talk) 11:07, 12 July 2008 (UTC)

Apple have just recommended that Mac users employ anti-virus measures (news article ). The world moves on. TheNameWithNoMan (talk) 18:34, 2 December 2008 (UTC)


 * Oops- apparently the world moved on in 2002, when Apple first advised Mac users to employ anti-virus software, and on other occasions since . More recent announcements just seem new because of the recurrent claims that Apple is immune. TheNameWithNoMan (talk) 23:29, 3 December 2008 (UTC)


 * YET MORE- Apple have just released a set of patches for vulnerabilities in OSX components, much as Microsoft do on a regular basis. News Article here . TheNameWithNoMan (talk) 00:45, 16 December 2008 (UTC)
 * AND AGAIN- "Apple has released a set of security updates that plug over two dozen holes in Mac OS X - including the Safari RSS vuln discovered last month - plus a vuln apiece in Java for Mac OS X 10.5, 10.4, and Safari for Windows" . TheNameWithNoMan (talk) 09:19, 13 February 2009 (UTC)


 * Your discussion here reminded me of a question that I recently concocted. I have no intention of actually doing something like this, but please consider this hypothetical scenario - would it be possible to design a virus so that it affects certain operating systems while ignoring others?  Like, say, a virus that would activate on a Macintosh server, but remain inert for Windows.  Again, I'm just asking out of curiosity - I'd never actually do this sort of thing, and I certainly wouldn't know how to do it, even if I wanted to, but I'm just wondering if it is possible.  --Luigifan (talk) 13:35, 13 January 2009 (UTC)


 * I'm sure it is possible to detect the OS and then tailor an attack (or not) towards it. I can't think of any specific examples from history, but yeah, it would be that hard to detect such details. - Jarry1250 (t, c) 15:27, 13 January 2009 (UTC)


 * Question is the wrong way around. Designing a virus to subvert more than one operating system would be very difficult, because they all work differently. There are viruses that can WORK under more than one operating system, such as the Word Macro viruses, but these subvert something other than the operating system (such as the Word macro execution facility). You also have viruses that subvert the computer BIOS before the operating system is loaded (as mentioned above), which may continue to work or partially work after the system loads, regardless of the operating system, if it uses BIOS functions or interrupt calls. But to "attack" more than one system (the system itself), i.e. both Windows and Mac, would be very hard. Not all systems run on the same hardware either, so you might not even have a common instruction set. I don't think anyone has ever bothered with this, especially if they wanted to then choose which system to infect and leave the other alone. Easier to just write separate viruses. If you wanted it to work on a Mac and not Windows, you would simply write a Mac virus, not a Windows one. No worries that it would work on the "wrong" system. TheNameWithNoMan (talk) 15:55, 13 January 2009 (UTC)

have you thought
iv already asked about 15 people about this but has anyone ever notest the instant a virus pops up there’s an update to protect agenst it from Norton or some thing shurly it would take at lest a few hours to make a protection for any virus unless you were the one who made it and had knowledge of the weaknesses’ it may have.


 * Actually, this is frequently "noticed" by people who are new to the subject. There are many things wrong with your supposition, including "the instant a virus pops up". What does that mean? When YOU become aware that there is a new virus? Most users find out about new viruses when the anti-virus people have put out an alert, at which time they may have been studying it for quite awhile- otherwise how would it have a name (viruses are named by AV researchers, not the virus writers) and how would its characteristics be known? When a virus "pops up" that is "called killerdiller and infects Word documents and rotates all your .JPG files", the name will have been assigned by anti-virus researchers and the infection route and the payload discovered through their research. Otherwise all you would have is "hey, there's a new virus". You can say that any time you like, there are always new viruses.


 * Most new viruses are variations on old ones, so the research time is often short. Virus "weaknesses" are not an issue. Each virus has its own characteristics which need to be dealt with to remove it, but is is likely to be similar to others seen before. Virus researchers consider it a positive treat to find anything novel to work with, as they see so many copycats. TheNameWithNoMan (talk) 11:28, 12 July 2008 (UTC)

is this a virus?
[URL Removed] sorry for the edit, Jeremybub, but Abedia is right: we don't want unaware editors to click on the link and potentially get infected ---24.60.150.225 (talk) 15:22, 14 August 2008 (UTC)

Rebooting
does anyone know if Rebooting the computer to get rid of viruses can damage the computer if you do it too many times?? J.C. 03:42, 16 June 2007 (UTC)


 * I've never heard of excessive rebooting harming a computer, although switching it off and on again thousands of times could blow something (just like turning a light bulb on and off thousands of times could blow it). But please note that rebooting in itself won't get rid of or even slow the virus - you need a virus removal program. peterl 23:22, 21 August 2007 (UTC)


 * Bit of basic misunderstanding here I think. In the early days there were many viruses that subverted the booting-up process of a PC. In fact, these boot-sector viruses were the most successful type until floppy disks fell from favour. Because these viruses infected the boot or partition sector of the hard disk, and therefore took control of the computer before the operating system was run, they could hide from any anti-virus program that was run subsequently or re-install themselves after it was run. It was therefore important to "clean-boot" the computer from a floppy disk that was known to be free of infection before running anti-virus software. Re-booting a computer in itself does nothing to "get rid" of a virus, but re-booting from a known clean floppy disk was vital preparation to the use of a (usually DOS based) anti-virus program. Nowadays anti-virus software usually doesn't require this, but there is a new threat called a "root kit" which again subverts the computer at an early point in the boot-up sequence and can therefore hide from AV software run later on. TheNameWithNoMan (talk) 11:45, 12 July 2008 (UTC)

VERSIONTRACKER LINKS TO A VIRUS SITE.
www.versiontracker.com/dyn/moreinfo/win/156124

77.54.102.172 (talk) 16:08, 20 April 2008 (UTC)


 * Why does Wikipedia care? We're not a source of antivirus definitions or a badware listing. Maybe you should let the people who run versiontracker.com know about that. --FOo (talk) 06:43, 22 April 2008 (UTC)

ak dizzay viruses should stop —Preceding unsigned comment added by 212.121.196.1 (talk) 09:21, 16 July 2008 (UTC)

CiD programs
This article uses the term CiD programs but does not explain wat those are. See Many CiD programs are programs that have been downloaded by the user and pop up every so often. --RAM (talk) 12:44, 29 August 2008 (UTC)

Concur. What the heck is a CiD program? Sue D. Nymme (talk) 15:45, 1 January 2009 (UTC)


 * I don't recognise the term either, but haven't been working in this field for some years so was reluctant to meddle with what might have been a new threat. However Neither Sophos nor McAfee seem to use this term for a class of virus or anything else much, so I will edit out the reference. TheNameWithNoMan (talk) 19:40, 2 January 2009 (UTC)

SFRIO600.DLL
Question moved to Computing Reference Desk where you might get a better response. Astronaut (talk) 17:10, 29 October 2008 (UTC)

Link Inclusion
This is a shameless self-promotion (since Cliff deleted it before), but I would ask the community to consider this link for inclusion: An Introduction to Computer Viruses --Tocsin (talk) 07:57, 10 November 2008 (UTC)

Please add
Virus types

Transient (parasitic) virus; most common. It attaches itself to a file and replicates when the infected program is executed. Memory resident virus; Lodged in memory as part of a sytem program. Boot sector viruses; It affects important files located in boot sector and spreads when the computer system is switched on.

Firewall

A firewall is a combination of hardware components and appropriate sofware that controls or filters access between two networks. Main component of a firewall; packet filter, which is capable of preventing data packets of a certain type from passing through the firewall. Social engineering is a term that describes a non technical kind of intrusion.

--196.20.173.77 (talk) 18:20, 3 December 2008 (UTC)Posted by ratman.

Table
I am going to do something like a table. Because someone asked me what virus is virus and what is worm ... You see, even i was not sure ;) . The columns would be what it does, eg. prerequisites and rows would be viruses and whether they suffice that constrains .... I hope it will take me short time ;). 84.16.123.194 (talk) 23:25, 4 December 2008 (UTC)

Protected spaces
The statement "Unix-based OS's (and NTFS-aware applications on Windows NT based platforms) only allow their users to run executables within their protected space in their own directories." is trivially incorrect. You can run executables in /usr/bin/ and /bin (e.g. /bin/ls) on most POSIX systems. You can also give input outside your directory, such as:
 * /bin/ls /etc

I'm not sure what the author was trying to say, but as written it was false. Superm401 - Talk 03:15, 19 December 2008 (UTC)


 * I think it's just the "... in their own directories." bit that was confusing. I have reinstated the sentence but removed the last bit.  Better?  Astronaut (talk) 15:11, 20 December 2008 (UTC)

I have a question about viruses...
Ever since listening to Weird Al Yankovic's song "Virus Alert", I've had a question that's been bugging me. How do people create viruses without the new software immediately executing and wrecking its creator's files? Is there some sort of "virus cap" or something? I'm not a hacker or anything, just an extremely curious computer user... and I'd like to know how viruses don't just blow up in their makers' faces!!!! --Luigifan (talk) 13:20, 13 January 2009 (UTC)
 * What you're asking (if I've got it right) is, why don't viruses infect their creator's computer? Well, I'm guessing they probably do. Either that, or a simple "if date=" might also suffice, but that would be risky and it would effectively create a way of neutralising the virus. So, in essence, the answer is probably that they do indeed blow up in their makers' face, then spread out from there. - Jarry1250 (t, c) 15:30, 13 January 2009 (UTC)
 * Viruses are just .exe files typically. They just don't run the files.69.110.234.99 (talk) 23:16, 19 January 2009 (UTC)


 * I imagine that virus writers have to run their viruses to check that they work, just like any programmer must do. No programmer can ever be sure of how a program works without testing it. As an anti-virus researcher, I routinely executed viruses to check that they worked as my investigation of the code indicated they would. Naturally, I had a computer set up specifically for this purpose (wiping it afterwards), and virus writers almost certainly have at least one extra computer with nothing important on it, just for messing with viruses.


 * Your assumption that a virus would immediately run amok and damage the writer's computer files is very unlikely anyway. Most viruses don't do any damage at all. Those that do don't trigger immediately, as that would limit their ability to spread to other computers. The virus writer would know what triggered the payload, if there was one, and would be in control of it, though he would almost certainly deliberately trigger it, to be sure it worked. There are, however, many examples of virus code that don't work as intended, or at all, indicating that some virus writers don't test thoroughly or test on computers configured differently than the one they are working on. TheNameWithNoMan (talk) 00:05, 20 January 2009 (UTC)

router
can a router get virus? —Preceding unsigned comment added by 71.37.64.225 (talk) 12:30, 16 February 2009 (UTC)
 * This is not a general forum for discussion on computer viruses. For a place more likely to answer your question, see the reference desk. ←  Spidern  →  02:36, 27 March 2009 (UTC)

The article Virus programming has been nominated for deletion.
The article Virus programming, which was created on February 10, 2009, has been nominated for deletion via WP:PROD. Editors of this page might want to consider merging it or making it a redirect. ☺ Coppertwig (talk) 02:19, 7 March 2009 (UTC)

How to make a virus
I am for a section on this. 68.50.122.83 (talk) 02:07, 3 April 2009 (UTC)
 * Write a program that does something bad. There you go. 75.159.101.125 (talk) 02:30, 11 April 2009 (UTC)
 * "Bad" doesn't define a virus. It has to be capable of replication. Many viruses do nothing else, though unauthorised replication is bad enough. We don't have a "how to" section because this is an encyclopaedia, not a cook book.TheNameWithNoMan (talk) 08:11, 11 April 2009 (UTC)

Microsoft Windows a Virus
I'm not doing this to create spam or debate, but Windows is a virus by the first sentence of this article. Did I know that my first ever computer would come with Windows? Nope, and I was ten years old at the time, old enough to know who Bill Gates is. Did the manufacturer have my permission to use Windows? Nope. Do new users to computers know that Windows will come on their computers? Probably not. Does the manufacturer have the permission of the new user to do that? Not at all.

Again, this isn't to create spam or debate, just an observation from a Linux person.

--Pikidalto (talk) 18:10, 24 April 2009 (UTC)


 * You certainly should have known which operating system came with your computer when you bought it. It is part of the specification. 10 year olds don't pay much attention to such things of course, but I expect whoever did the paying knew. I understand from the media that the current "OS expectation" problem is that users buying netbooks or the like sometimes don't realise that they are getting some flavour of Linux rather than Windows, and they may be upset when they find out. Read the specs before buying. This isn't the place to champion any particular OS. TheNameWithNoMan (talk) 08:29, 25 April 2009 (UTC)

Demented3000 (talk) 04:56, 14 July 2009 (UTC)demented3000 I have to agree, this is not a cook book, and the spread of this malicious software should not be encouraged. The codes i personally create are Matrix viruses, one of the most harmful kind, but i only do this to practice my c++ and notepad skills. If these codes got into the hands of someone who did not know how to maintain control, there would be a lot of trouble headed my way. And just for clarification i DO NOT send these codes across the web with malicious intent.

computer virus
computer virus is a program who follow the command(instruction)of the creater of the program not the owner it can be spyware addware worm —Preceding unsigned comment added by Getnikkoo (talk • contribs) 12:10, 28 April 2009 (UTC)

Not really Getnikko. What you're describing could be a Trojan horse, which pretends to do what the user says but in reality does what the creator has programmed into it. Computer virus HAS to have the ability to self-replicate, using host programs. Hunan Rostomyan (talk) 03:18, 19 July 2009 (UTC)

Relevance of focus on OS
The section's "The vulnerability of operating systems to viruses" focus on user accounts, I think is overstating the relevance of user accounts to virus propagation and activity.

Nowadays, most infections occur without interaction through exploits. Even if the exploit does not provide full privileges immediately, there are many local Privilege escalation exploits. Even if the system is perfectly locked down, it wouldn't affect most of today's viruses, who spread by sending e-mails or IMs, or scanning for vulnerable remote systems. And even if it was limited to one user, it could still steal, damage, or infect any of the files accessible by that user. With the rise of internet banking, etc, stealing information can be one of the most damaging things a virus can do.

Not saying that least privilege is bad; it might have been worthy of such a high pedestal 10 years ago, now it's just part of a layered defense. --HamburgerRadio (talk) 18:06, 22 August 2009 (UTC)

Intro section
The first two paragraphs need a comprehensive rewrite. They have become clumsy from continual bitty alterations, and now say the same thing three times. I suggest that a shorter single para be written and posted here first to allow any objections to be known before it is placed in the article. TheNameWithNoMan (talk) 08:04, 25 November 2009 (UTC)

Really Need a Citation? (PDFs can link)
In the Vectors and Hosts section, it says we need a citation for the statement: "PDFs, like HTML, may link to malicious code." What is the citation needed for? That PDFs can link, or that links can point to malicious code? This seems silly to me. un4v41l48l3 (talk) 05:22, 1 December 2009 (UTC)


 * Maybe it would seem more like common knowledge if it were expressed more completely, "PDF files (like web pages and emails) may contain HTML hyperlinks that can link to malicious code hosted elsewhere on the internet." TheNameWithNoMan (talk) 06:44, 1 December 2009 (UTC)

Taking exception to the definition of a virus.
Indicating in the summary of the article that a computer virus is a program is not an adequate or correct statement. The virus itself, much like a virus that affects humans, is only a few routines. The host program or file is an entity that carries it, but is not actually the virus. The host program delivers the payload of the virus into other programs or files, thus replicating. References for this include Chen, Thomas and Robert, Jean-Marc: The Evolution of Viruses and Worms chapter from "Statistical Methods in Computer Security" (2004) and Cohen, Fred: "Computer Viruses" (1985). Please consider a rewrite or adding specifics to the overly-simplified introduction to clarify that viruses are not specifically programs - they are injected pieces of programs.

Ekpyrotika (talk) 05:54, 6 December 2009 (UTC)


 * A virus is a program, in the sense that it is executable. Some viruses are actually entirely separate executable files, with a .com or .exe extension, which use a different infection strategy than you envision. In viruses that attach to legitimate programs and subvert them, the host program does not itself deliver the payload as you describe, it is a carrier for the virus which does so. The virus may act as a "wrapper" or even overwrite the code of the legitimate program. Some viruses replace the program on the boot sector or partition sector of floppy or hard disks with their own program. This is a program, even though it is not a file or an application. Script viruses are programs in the same way as programs written in an interpreted language like Basic are programs (this includes many email or Word doc viruses). It is difficult to write a definition of computer virus that is completely apt for all viruses (and does not slop over into non-virus malware) but there are two aspects that must be present, a virus is executable code (in any of many forms) and it replicates itself. Any executable code may correctly be described as a program. Limiting this to "a routine" or "injection of a code fragment" would mean that many known viruses would fall outside the definition. TheNameWithNoMan (talk) 10:35, 6 December 2009 (UTC)


 * What you have identified as a "virus" in your context is simply referring to general malware. A malware is a program designed specifically to accomplish its function, whether it's sending spam via your e-mail or post ads on your desktop. A virus, however, much like a trojan, is NOT a program. It consists of a series of programming codes that are designed to find out specific files inside your system and edit them, inserting whatever is input in the code itself. Files that were infected (i.e. rewritten) by the virus code become "corrupt", which doesn't mean that they harm your system - they simply start performing different functions than designated. While the files bearing the virus itself is called a "carrier".
 * Upon reaching the new system, the carrier requires execution in order for the virus code to be read and come into effect. Once done so, the code can initiate a search for any potentially shielded files (usually system, core, kernel etc.) in order to copy/paste its code inside their owns, thus making itself harder to eliminate, because once those files will be executed by the system, the virus reactivates (even if the carrier has been destroyed).
 * When an anti-virus scans for any potential viruses, it simply looks for any file that might contain suspicious codes in its script and tries to erase the code (i.e. "clean"). If the file keeps being corrupt after the virus code has been erased, the anti-virus might also suggest to delete the file completely (which is not recommended if it's a system file).
 * Some viruses can lay dormant inside a computer system for years either because their codes cannot function in a certain updated environment (i.e. host file names changed), or because they never were executed by the system.70.49.68.151 (talk) 16:18, 13 January 2010 (UTC)


 * You have a very simplistic view of viruses. Some of them work the way you think, but others do not. Some, like the first widespread PC viruses, do not have anything to do with files at all. They subvert the boot sector of floppy disks or hard disks. Some file oriented viruses do not alter the files they infect at all. A general definition of viruses needs to cover the essence of what constitutes a virus, which is replication, and not specify aspects that only apply to some viruses, like file alteration, corruption, or other payloads, as many viruses have no payload at all. I agree that the definition could use a rewrite, to make it read better, but your changes are just wrong. TheNameWithNoMan (talk) 18:54, 13 January 2010 (UTC)

Criminal liability
After being infuriated by various malware symptoms over the past weeks, I came here to read about these little rats being caught and held to account for their garbage. No such luck. Is this because it's not something that is pursued criminally, or just because nobody has documented it here yet? Vranak (talk) 15:55, 7 February 2010 (UTC)


 * Try searching wiki on "virus writers". There is no subject by that name, but lots of other subjects come up, some about prosecutions. Virus writers are typically protected by anonymity and extraterritoriality. Those that get caught seem to be vainglorious amateurs looking for recognition. TheNameWithNoMan (talk) 23:24, 8 February 2010 (UTC)

Removed a section Mar 5 2010
I just removed a big section. Reasons being:


 * It overlaps with information covered in existing sections, and also lumps the different hosts of viruses together with individual features those viruses may have.
 * No sources cited.
 * "You" and "Your" are not appropriate tone
 * Some of it borders in difficult to comprehend because of poor grammar.
 * And finally, I found the text elsewhere on the web with search engines, I don't know which is the origin of the text and no information about the source was given with the edit, so it could be a copyvio.

If it weren't for the last one, I might have left it in to be worked on, but until it's resolved, it should be left out. --HamburgerRadio (talk) 10:33, 5 March 2010 (UTC)


 * Thanks HR. Looks like a straight copy-paste (from http://www.isoftwarereviews.com/types-of-computer-viruses/), which is sufficient reason to revert any edit.  I've left Welcome - Copyright on the user's talk page.  Adrian J. Hunter(talk•contribs) 14:13, 5 March 2010 (UTC)

What is a computer VIRUS
It's an acronym, as along with many other millions of them in the world of computers, stands "Vital Information Resource Under Siege", but over a period of time, has been lost / dissolved in time, and is now synonymous to a computer infection. —Preceding unsigned comment added by Kkpavankumar (talk • contribs) 21:01, 6 February 2010 (UTC)
 * Wrong, that is a Backronym. --HamburgerRadio (talk) 22:08, 6 February 2010 (UTC)


 * No one who was there at the beginning would possibly fall for that laboured construction. Viruses were so called because of their ability to reproduce, similar to organic viruses. Most of them didn't attack anything at all, they just spread. Try reading some of the literature. TheNameWithNoMan (talk) 01:18, 7 February 2010 (UTC)


 * You cannot be serious Kkp. I'm thinking that English is not your first language. Vranak (talk) 15:58, 7 February 2010 (UTC)


 * Dear Vranak, not only do not have the slightest idea of what the difference is between virus writers and those "little rats" that have caused you so much trouble, you don't even listen to a pretty reasonable explanation to your post given here by TheNameWithNoMan. The term "virus" has first appeared in Fred Cohen's doctoral thesis at USC under the guidance of Professor Leonard Adleman. The professor himself suggested that he uses the term "virus" instead of its technical equivalent which had come to be known as "self-replicating automata" after von Neumann's seminal work.Hunan —Preceding undated comment added 07:12, 25 February 2010 (UTC).


 * One thing I think this article is missing is a good discussion of where viruses come from. The medical metaphor is interesting, but it is odd that it leads us to dissociate viruses from the people or groups who made them. The metaphor seems to suggest that computers just get sick, and not that someone, somewhere has written a program to make them that way. Who are the people that do this, and why do they write viruses? As human productions, are viruses cultural? Do they contain implied messages about how one should or shouldn't live an ethical life (would viruses that infect computers via porn be in this category?)? If anyone knows anything about this, I think that would be a cool and useful addition to this article. (24.255.28.139 (talk) 03:02, 6 November 2010 (UTC)Robin)
 * This lack of information about virus developers is partly intentional: Wikipedia only writes verifiable facts. Meanwhile, most of what the books write about the creators of viruses are merely their own assumptions. They assume that viruses are created by fun-seekers, malignant people ranged from cyber-sadists to cyber-terrorists and sometime the antivirus companies whose existence is dependent on existence of security threats. But these books never say anything about a certain case in which, for instance, an antivirus company is charged with developing computer viruses. Hence, these sources fail to comply with Wikipedia Reliable Source mandate and occasionally with What Wikipedia is not. Still, if you are interested in this subject, you can visit List of computer viruses and study the articles of notable viruses and get to know about virus-writers in a case-by-case basis. I myself am not interested: It's half a decade now and I have rarely ever seen a virus, although I see A HUGE LOT of other types of malware. (Some people use the term "virus" to refer to "malware".) Fleet Command (talk) 11:15, 6 November 2010 (UTC)

Suggestions
I think that this article ought to be merged with either the Malicious software article or the Malware article since a computer virus is a kind of Malware or malicious software.

Bubble anonymous (talk) 22:53, 9 March 2010 (UTC)
 * Oppose: I strongly oppose. Virus is not malware. Malware is also not virus. Besides, Malicious software redirects to Malware. These links lead to one article, not two. Fleet Command (talk) 06:28, 28 May 2010 (UTC)
 * Oppose: While virus is a type of malware, they are very different.Jasper Deng (talk) 02:50, 23 January 2011 (UTC)

Shouldn't this page be semi-protected?
Hello, everyone

When I look at this article's history, I see only vandalism; perhaps if I look carefully, I see one ore two useful edits. This page looks like a battleground.

Isn't it time we requested a permanent semi-protection for this page?

Fleet Command (talk) 05:04, 15 October 2010 (UTC)

First computer virus?
Talks about a prank created at MIT in 1970 that would flash the word "cookie" across the screen.--72.19.91.210 (talk) 03:08, 18 October 2010 (UTC)
 * http://www.time.com/time/specials/packages/article/0,28804,1839579_1839578_1839526,00.html

Computer viruses (Information wrong)
editsemiprotected

Hello there! :) I was surfing the net for more information about viruses but seems like your information is wrong. :(

A computer virus can be many things. It can be worm, cookie, trogans etc... A worm is the virus which can copy itself on the file. It also can change the file size and overwritten them so that you cannot find it. Where can you find it? Well, you can find it in Internet Relay Online(IRO) (If I am not wrong). Do not download if it says to download because you might be downloading a virus :) It will cause your computer to freeze and cause lots of problems like not responding and may crash your system. If you want to cure this type of cookies and worms, you can download the Norton AntiVirus as it helps to get rid of the worms and track the files for any changes and will inform you to fix the error. Cookie. Cookie is also the same as worms. Cookie can track your password and email addresses and other personal information about you. (You can find out more by doing some research on the computer. You can go to google and Yahoo and type in computer worms and they will tell you) Cookie is not very serious in the fact that it is very easy to take it away or fix it. But for the worm, is not easy. They will give you a warning note like "password stealer" and other stuff ( I got it before. It was very very hard to take it away. You can't even go to the internet to reduce the virus.)

Fine1 (talk) 05:35, 28 May 2010 (UTC)I hope you will change the information ;) Yours Sincerely, Fine1 :)
 * Oppose I don't agree. A computer virus cannot be those that you said. You have mistaken virus with Malware. (And you are not the only one who does so. Many people do. That's why the hatnote is added to this article.) Virus is only a subset of malware and is characterized by it ability to infect other computer files.

Hi, not sure if this is the best place to make this comment, but it would be very useful if the article provided an explicit definition/discussion of the differences between malware, worms and viruses, as these terms are so often used synonymously. As I understand it, a worm is a subset of a virus and a virus is a subset of malware? Though if that's true, it implies that there are types of malware which are not viruses - i.e., neither capable of spreading between computers,nor of copying themselves (otherwise malware would be the same as virus), and also that there are viruses which are not worms - i.e. are incapable of spreading between computers (otherwise all viruses would be worms). If that is the case, it would be interesting to include examples of malware that are not viruses and viruses that are not worms Mike6828 (talk) 09:02, 15 February 2011 (UTC)


 * And no, you cannot rely on everything that you read in Google search hits. You should consult a reliable source. I suggest a good book or www.microsoft.com/securityFleet Command (talk) 06:11, 28 May 2010 (UTC)
 * Oppose per FleetCommand. Also, calling a cookie a virus is like calling a program a virus. A program may contain malware, and a cookie may be used for nefarious purposes, but that doesn't even make it relevant to the "common" usage of the term virus.  Giftiger Wunsch    [TALK]  11:06, 28 May 2010 (UTC)
 * Red information icon with gradient background.svg Not done: The equested changes define Malware, not a computer virus. Spitfire19 T/C 11:26, 28 May 2010 (UTC)

in my view it is not difficult to find information to suggest that the old distinctions between different types of malware and viruses no longer apply. far from the term "virus" being 'commonly but erroneously used to refer to other types of malware' the use of the strict definition is now archaic. when a term has only existed for 30 years and has been 'commonly but erroneously used' for 20 of them it's usage has changed. the entire face of security has changed when the internet happened the method of reproduction, the attack vector, changed to social engineering. it is still a method of reproduction. if this article is not going to adapt then it may as well be restructured to make it clear that it is only of historic interest. — Preceding unsigned comment added by 78.105.212.184 (talk) 12:30, 26 May 2011 (UTC)

Link to J.B. Gunn
I attempted to change "J.B. Gunn" to J.B. Gunn to provide a link to his wikepedia page, but it would not let me. Will someone with proper authorization please make the change for me.

Thanks Jpg1954 (talk) 20:07, 13 December 2010 (UTC)


 * Looks like you got it. Most likely you were logged out when you tried before; see WP:SEMI. Adrian J. Hunter(talk•contribs) 03:19, 14 December 2010 (UTC)


 * Hold on... According to your contributions history, you edited this talk page after you successfully changed the link in the article . Is there any outstanding problem, or is the apparent timing just an illusion caused by a software glitch?  Adrian J. Hunter(talk•contribs) 03:31, 14 December 2010 (UTC)

When I tried to save the change, it told me that I was not allowed to change the page because I wasn't a "super-authorized" user or some such. But apparently it lied and DID make the change. Thanks Jpg1954 (talk) 03:53, 14 December 2010 (UTC)

Hardware viruses

harddisk viruses implemented either in ther hard disk os or in hardware in the hardisk controller chip

hardware viruses implemented in chipsets or in cpu´s

see cia or other secret services, like chinese secret service implementing viruses in hardware —Preceding unsigned comment added by 78.54.151.255 (talk) 18:45, 6 January 2011 (UTC)

'The Terminal Man' is a wrong reference
The reference to The Terminal Man, by Michael Chricton is wrong. There's no such sideline history of a computer dialing trhoug modem. But can't edit. — Preceding unsigned comment added by Turbosinaboy (talk • contribs) 02:16, 5 February 2011 (UTC)

Edit request from Chrisredshaw, 19 March 2011
Hello. Hope you are well. For your consideration, could we please remove the external link to http://www.microsoft.com/emea/itsshowtime/result_search.aspx?track=1&x=37&y=7 as the page currently returns a 404 error. After some searching, I believe that Microsoft have deleted the content as I have not been able to find an updated link.

Also for your consideration, an infographic called 'Computer Invaders: 25 Infamous Viruses Over The Last 25 Years' and located at http://www.antivirusoffers.com.au/wp-content/uploads/2011/03/computer-virus-lg.jpg

Chrisredshaw (talk) 04:07, 19 March 2011 (UTC)
 * Yes check.svg Done — Bility (talk) 05:19, 19 March 2011 (UTC)

Market dominance is not relevant
You can well remove the sentence "Microsoft software is targeted by virus writers due to their desktop dominance". This is an old flame-bait that is proven to be wrong. OSX and Linux are pretty popular and for the reasons explained later they are not attacked by viruses. A counter example are the Nokia Symbian phones. Since they were (are) vulnerable to viruses some have been developed and spreaded indeed. —Preceding unsigned comment added by 95.74.255.214 (talk) 12:30, 24 May 2011 (UTC) 109.52.172.232 (talk) 08:20, 23 May 2011 (UTC)


 * Why should we believe you? Your assertions are orders of magnitude harder to believe than those of the article. In fact, I think the article is right: Microsoft Windows is the most popular operating system around and most viruses are written for it. Mac OS X and Linux might have seen other forms of malware but not virus. Fleet Command (talk) 09:03, 23 May 2011 (UTC)


 * I especially like to see your sources on Symbian OS. I investigated a little bit and it seems it is not prone to virus infection at all: It enforces a digital signature requirement and prevents execution of codes that are not signed. I advise you not to waste your words if you don't have source but if you did, I don't care. Fleet Command (talk) 09:31, 23 May 2011 (UTC)


 * Microsoft software has suffered from particular vulnerabilities quite unconnected with its popularity or dominance. This is especially true of the scripting languages in Outlook Express and Microsoft word, which were wide open to exploitation because they allowed incoming documents to have too much power. Word macro viruses were in fact the most prolific "Mac" viruses, once Word was on the Mac. I left anti-virus research about the time that macro viruses emerged, and never did any research on them. I understand that the worst vulnerabilities have now been addressed, but the idea that it was simply the desktop dominance that attracted virus writers is incorrect. Microsoft was an easier target.


 * Incidentally, many of the early so-called MSDOS viruses actually subverted the BIOS, not the operating system, so could be regarded as IBM viruses. I have dealt with attacks by such viruses on UNIX type operating systems running on IBM computers (a virus like Michaelangelo won't spread from such a setup, but will wipe the first part of the hard disk on the trigger date). TheNameWithNoMan (talk) 20:41, 23 May 2011 (UTC)


 * Your source, please. Fleet Command (talk) 07:16, 24 May 2011 (UTC)


 * I think I made it obvious that my "source" is my own expertise and experience in this field. The anti-virus software that I wrote has long been superseded, and my research articles in early printed journals have not been archived online as far as I am aware, but it would seem fatuous to quote my own works as a source anyway. You are of course free to believe whatever you like. TheNameWithNoMan (talk) 09:15, 24 May 2011 (UTC)


 * Your experience is unacceptable, per No original research. All contents in Wikipedia need to be sourced from reliable sources. Fleet Command (talk) 10:45, 26 May 2011 (UTC)


 * This is the talk page, not the encyclopaedia entry. I may therefore attempt to advise you from my own experience in here, though it is obviously a lost cause. I have a particular disregard for those who use Wikipedia's rules as an excuse to stifle information they don't want to hear. TheNameWithNoMan (talk) 08:17, 27 May 2011 (UTC)

Not sure how to reply to a comment in this page. Anyway, I know because I caught a virus myself in my Nokia N70 few years ago. I had to install this tool to remove it: http://www.symantec.com/security_response/writeup.jsp?docid=2005-102011-2304-99

Not sure if it is a virus or a worm, what I know is that it did reproduce and install itself in my mobile phone. In any case, that sentence about market dominance it IS wrong. According to Wikipedia itself, OSX Market Share is above 10% worldwide: Macintosh

It looks to me more than an enough installed base to justify malicious activities against OSX around the world. Also considering that Apple is getting more and more hated as a brand for posers.

95.74.255.214 (talk) 12:30, 24 May 2011 (UTC)


 * Let's stay on topic: You are disputing the fact that "Microsoft software is targeted by virus writers due to their desktop dominance" and you are saying that there are more Mac and Nokia viruses than Windows ones. But where is your source? You have none. All you can tell us is the existence one single computer worm (not virus) called Symbian/Cabir. Meanwhile article has good reference from credible sources that say "As of 2006, there were relatively few security exploits targeting Mac OS X" (http://www.viruslist.com/en/analysis?pubid=191968025). So, I think there is no point pursuing this further. Fleet Command (talk) 11:03, 26 May 2011 (UTC)


 * Again, this is the talk page. If you don't want to pursue this further, all you need to do is stop. To tell others not to post is out of line. TheNameWithNoMan (talk) 08:17, 27 May 2011 (UTC)

The references have been provided. What does it mean that even if they were FleetCommand didn't care? I thought this was supposed to be an Encyclopedia, not a Microsoft propaganda bulletin. It's up to whom wrote that piece about market dominance to prove that it is correct. Which it isn't because as shown even mobile phones have got viruses. Also Symantec, F-secure and others developed antivirus for Nokia mobile phones. As written here below "Encyclopedic content must be verifiable". Market dominance causing viruses isn't. So please trash it. Michelasso (talk) 08:19, 25 May 2011 (UTC)


 * No reliable references has been provided, even if you wish to think otherwise. As for the article contents, those that were not well-sourced are deleted. Those that are left have good sources (though they may not have footnotes, which is not mandatory.) And no, FleetCommand's own opinion amounts to nothing; but contradicting a Wikipedia policy is equal to contradicting all Wikipedians. Fleet Command (talk) 10:45, 26 May 2011 (UTC)


 * I can provide a reliable reference for the statement that "70% of networks use Novell" (from a work that is already an accepted reference in this section). It was true when it was written, though obviously an estimate, but not true today. It seems from the above that you have set yourself up as the arbiter of which references are "not well sourced" and which have "good sources". If your opinion "amounts to nothing" then you shouldn't be removing material based on your opinion of sources provided by others. TheNameWithNoMan (talk) 08:45, 27 May 2011 (UTC)

"Microsoft software is targeted by virus writers due to their desktop dominance" - that is verifiable and there doesn't seem to be any other verifiable reason why microsoft is targeted. so we are left with arguing over whether MS is dominant for desktop or that it is targeted more than other OS's. both of which are completely verifiable too. lets call a spade a spade 95.74 is an OSX fanboi who is using the nuance of wikipedia policy to argue that black is white. now off to find verifiable source that black is not white.... meanwhile don't feed the troll. — Preceding unsigned comment added by 78.105.212.184 (talk) 14:13, 26 May 2011 (UTC)

Bland
This article needs to explain how a virus can affect your computer. It doesn't really say what happens when you get a virus. Also, what does it say about Macs getting viruses? 72.172.17.108 (talk) 14:01, 28 May 2011 (UTC)
 * Short answer: Nothing good!


 * Long answer: When your computer is at the mercy of a virus, what happens to it is entirely a matter of the mercy of the virus (or virus writer). Fleet Command (talk) 15:00, 28 May 2011 (UTC)


 * And by the way, the article speaks about viruses in general, not Windows viruses. Occasionally, it mentions Windows or Mac, but all its contents are equally applicable to both. Fleet Command (talk) 15:04, 28 May 2011 (UTC)


 * The article does say that some viruses do nothing more than reproduce themselves (anything less than that and they would not meet the definition of a virus). That reproduction is a problem in itself, because getting rid of the virus costs time and money, even though the virus has no "payload". Other viruses may do almost anything that can be done by software. There is a good scale of the possible damage they can cause written by Dr. Alan Solomon. In that, the wiping of a hard disk (which many think very damaging) does not make it to the top half of the scale. Stealing your passwords, financial information, or other confidential details is about the top, and somewhere below that the incremental corruption of files, a few bytes at a time, that isn't noticed for months, by which time it is all through your corporate backups. I think that trying to describe the whole range of possibilities is beyond the scope of the article, and it doesn't really address the aspect that makes viruses viruses rather than non-reproducing malware, which has much the same range of possible effects. TheNameWithNoMan (talk) 19:15, 28 May 2011 (UTC)


 * Only reproduce? Hmmm... Well, like I said: the mercy of the virus writer. Anyway, I have no objection about having a section on what viruses do, but we need a lot of sources, especially for password-stealing viruses. Personally, I had never heard of password-stealing virus before, (though spyware and other forms of malware do that), so I imagine you'll be heavily contested if you put it there without sources. I believe there is only one thing that you'll have no trouble finding source for: "Viruses are bad and inflict damage!" Fleet Command (talk) 07:47, 29 May 2011 (UTC)

Reinstalling the operating system
I've just removed the assertion that "Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system". Firstly there are viruses that can easily be removed or that never really did anything to make the computer un-"safe". There are others that execute only once and do not leave a permanent infection. There are also viruses that would not be removed by reinstalling the operating system. Stoned and Michelangelo, which infect the BIOS are historic examples, so are modern rootkits that infect bootloaders. Although I'm not aware of any that are considered viruses in the technical sense, I suppose it's possible. Anyway, I rarely hear of people reinstalling their OSs these days because of virus infection and the advice seems far too general and not very helpful. --Lo2u (T • C) 17:53, 13 June 2011 (UTC)


 * i don't think that the presence of a virus requiring a reinstall is verifiable. so i agree with the edit. further, the fact that every major security company has removal tools would suggest that the contrary is true. — Preceding unsigned comment added by 78.105.212.184 (talk) 15:37, 14 June 2011 (UTC)


 * I agree that reinstalling the operating system is neither necessary nor a certain fix for a generalised virus problem. However, it also isn't really advisable to ignore a virus on the basis that it is relatively harmless. The reproductive aspect alone is always a problem, even if it is all the virus does (as is the case with some). If you don't expunge it, your friends, colleagues, and clients are likely to get infected, and this will not be appreciated by them even when the virus is relatively innocuous. Different viruses require different measures to eradicate, and anti-virus software needs to identify the virus to know which measures are appropriate in each case. It is not always possible for the anti-virus to repair or dis-infect the infected programs, so re-installation may sometimes be required, of a software application if not the operating system, but to do so willy-nilly is not sensible. TheNameWithNoMan (talk) 01:40, 15 June 2011 (UTC)


 * I concur. The original statement is piece of POV OR by a frightened person. In reality not always a re-installation is required. Fleet Command (talk) 05:37, 15 June 2011 (UTC)

Incorrect link to Russinovich Advanced Malware Cleaning talk
The updated link is http://technet.microsoft.com/en-us/sysinternals/gg618529 — Preceding unsigned comment added by 24.16.74.107 (talk) 09:42, 25 July 2011 (UTC)
 * ✅ Thanks for the notice. Fleet Command (talk) 10:41, 25 July 2011 (UTC)

Confusing Platform Naming
Recent edits on this page added more confusion. Now the first Apple II virus (Elk Cloner) is attributed as the first "PC virus". It wasn't a PC virus, it was an Apple II virus.

If we want to credit Elk Cloner with a more appropriate description, it probably would be first microcomputer virus or first home computer virus.

Brain was the first PC virus. — Preceding unsigned comment added by 188.238.149.235 (talk) 13:29, 1 January 2012 (UTC)

Operating System Reinstallation blatantly incorrect statement
Hello all... Under the section about operating system reinstallation there is currently a sentance "Restoring from an image is much faster, totally safe, and restores the exact configuration to the state it was in when the image was made, with no further trouble". This is blatantly wrong. Restoring from an image can be slower or faster depending on factors like image location, network traffic, size of image vs size of clean operating system, etc... It is not totally safe because the hard drive is erased, and an error during the restore process will leave your computer in an unusable state. Errors include network interruption, image corruption, and so on. And saying that it restores the exact configuration to the state it was in is accurate, but trouble can exist, for example if the image is old and many updates exist, or if network configuration has changed, or if you have purchased new software which will require licence keys to be re-entered.

The statement is so blatantly wrong, and yet the article is protected and it cannot be edited. At the very least this misleading sentence should be immediately removed, until a new comparison between images and OS re-installation can be prepared using properly referenced research.

Regards, Fabs 115.64.159.41 (talk) 10:37, 5 August 2011 (UTC)


 * Thanks for the note. I'm sorry you couldn't fix the problem directly, due to this article being semiprotected in response to long-term vandalism.  I've removed the sentence.  You're welcome to suggest any other changes, or you could register an account and after four days you'd be able to edit this article yourself.  Adrian J. Hunter(talk•contribs) 14:26, 5 August 2011 (UTC)

bacteria
i suggest a section on viruses that do not need a host file. (that work more like bacteria than a virus.) Jake1993811 (talk) 00:29, 4 January 2012 (UTC)


 * Not sure exactly what you are talking about. MANY viruses do not use a host file- such as the boot sector viruses, that subvert the code in the boot or partition sector of a disk. Others subvert the directory or FAT rather than alter the "infected" file in any way. These are certainly viruses. There are also a lot of other malware programs of various kinds that are certainly not viruses. We don't have a section for them because this wikipedia entry is about viruses, not other things. TheNameWithNoMan (talk) 13:19, 6 January 2012 (UTC)

Archiving- Why?
I notice that some older discussions in talk have been archived recently, and this happens fairly often. I don't understand the purpose of this. The issues that arise in here tend to be reintroduced as soon as the previous threads thrashing them out have disappeared, particularly as popular misapprehensions adhere to this topic like limpets. I tire of the repeated efforts required to debunk the same old false notions again and again, just because the last discussion of them has been moved out of sight. TheNameWithNoMan (talk) 11:34, 5 January 2012 (UTC)
 * The reasons are described at Help:Archiving a talk page. Just disabling archiving probably wouldn't stop rehashes as many people won't check past discussions.  It would be more useful to create a FAQ, like what's at Talk:Evolution or Talk:HIV, though that takes a bit of time.  You can also change the parameters of auto-archiving by editing the  section at the top of this page.  Adrian J. Hunter(talk•contribs) 11:47, 5 January 2012 (UTC)

Mis-translation(s) from the German
In the Academic Work section, the paper by Veith Risak "Selbstreproduzierende Automaten mit minimaler Informationsübertragung" should be tranlsated as "Self-reproducing Automata with Minimal Information Transfer" (not "exchange"). Übertragung is transfer or transmission; "exchange" implies a 2-way flow which is not what's meant, I don't think.

In the following paragraph, Jürgen Kraus' thesis "Selbstreproduktion bei Programmen" - should this be translated as "Self-reproduction in Programming"? The plural of Programm is Programme so is Programmen the activity of programming? Anyway, "diplom" is not correct! - the English word for the German Diplom is diploma.

Cheers! EqualMusic (talk) 09:24, 23 January 2012 (UTC)

Lacks accuracy
The first computer code whose purpose was either hidden or malicious originated on college campuses in the form of practical jokes. Reference to John von Neumann have no relationship other than the fact that a virus is computer code. So reference should be removed.

The name is credited to Len Adleman in this paper authored by Fred Cohen: ( http://all.net/books/virus/part5.html ) and the concept is explained in sufficient detail that, today's script kiddies are incapable of understanding it. Fred Cohen's dissertation is on his site, which is here: http://all.net/. --Kernel.package (not logged in) — Preceding unsigned comment added by 97.122.82.150 (talk) 20:41, 11 February 2012 (UTC)


 * Found the URL: http://all.net/books/Dissertation.pdf -- Kernel.package (not logged in) — Preceding unsigned comment added by 97.122.82.150 (talk) 20:45, 11 February 2012 (UTC)


 * Code whose "purpose was either hidden or malicious" is not the definition of a virus. Viruses replicate. Any malicious or damaging aspect is extraneous to the virus aspect. Lots of malware is hidden or malicious but lacks the replication aspect, so is not a virus. I am not sure what your point re: von Neumann is. Are you saying he was only associated with pranks that did not meet the definition of viruses? TheNameWithNoMan (talk) 09:22, 12 February 2012 (UTC)

Please add the following to Academic Results section
One of the few solid theoretical results in the study of computer viruses is Cohen's 1987 demonstration that there is no algorithm that can perfectly detect all possible viruses. (Copy/Paste from Fred Cohen.)

http://www.research.ibm.com/antivirus/SciPapers/VB2000DC.htm An Undetectable Computer Virus (academic paper).

Academic work hosted on research[.]ibm should be viewed as a very reliable source (my opinion).

Here on wikipedia exists an article which contains the proof (or some sketch of it) but I can't recall it and I was not able to find it.

I think it's said such a fundamental result is not included. But never is too late.

I also made edits on the Antivirus software article. The information I included is correct (my opinion) but I'm not very familiar with editing references. Please, review my edits,improve them and correct the mistakes.
 * My edits were corrected on Antivirus software but they are still lacking rigor. Sorry for crossposting but I feel the two articles are strongly related.
 * 79.119.11.171 (talk) 20:06, 16 February 2012 (UTC)
 * For a better distinction between Malware and Computer Virus, somehow the page Compression virus should be included in the article. 79.113.46.76 (talk) 12:34, 17 February 2012 (UTC)
 * As no one reacted, I signed in and made the edits but, still, I couldn't find the corresponding Wikipedia article. Mv Cristi (talk) 13:51, 17 February 2012 (UTC)
 * I also included the Compression virus example. Please, help clarify if it is just a theoretical example or it was also implemented in practice. Cruncher may be an example, but I do not know if it is benevolent. Anallise references on Compression virus. 79.113.46.76 (talk) 14:39, 17 February 2012 (UTC)


 * Antivirus experts don't accept the validity of the concept of a benevolent virus. Any benevolent function can be implemented without involving a virus. Any virus will make unauthorised changes to a computer, which is undesirable even if no damage is done or intended. TheNameWithNoMan (talk) 22:47, 18 February 2012 (UTC)


 * I consider Fred Cohen to be expert in viruses. Antivirus experts are nowadays related to money more than science. If I am sysadmin responsible for 10000 interconnected computers, and I have to make a single change on all of them, I might try to write a virus which spreads, makes the changes and than delete itself. 79.119.3.106 (talk) 00:07, 12 March 2012 (UTC)


 * Fred Cohen is an academic. Antivirus experts working in the real world have a different perspective, however you might characterise their motivations. They would immediately see the flaw in your plan above. TheNameWithNoMan (talk) 09:33, 12 March 2012 (UTC)


 * I know personally some people working in the AV industry of the real world (as a former employee of such a company). My personal opinion is that your judgement is subject at least to belief bias. By the way, just give an example with a reference, because I consider your opinion is based on weasel words. 79.119.11.92 (talk) 12:51, 17 March 2012 (UTC)


 * I was a programmer and (published) researcher for an anti-virus software company, so I am familiar with the issues and of course know some of the people, but this is the talk section, not the encyclopaedia, so I don't see any need to reference my statements here. Belief bias would apply to the notion that viruses can be beneficial, as well as the reverse. Academics can play with interesting ideas, but the problem with this notion in the real world is that viruses are uncontrolled. There are many examples of viruses that don't work as their creator intended, but there is no way to recall them once they are loose, so they continue to propagate as long as that aspect of the virus works at all. Even if they work exactly as the creator intends, and do some task which might be generally regarded as desirable, they are still not beneficial insofar as they make unauthorised changes to a computer (replication is itself such a change). This is actually illegal in itself in many countries, including Great Britain. Above all, there is no need for a virus to do any desired task. The only reason to try to create such a thing is in an effort to prove that viruses can be beneficial. It's a circular argument. Any beneficial task can be done without a virus. The virus adds nothing to the task but a virus, which by definition is a self replicating program that is not under the control of its creator once it is released. That is a problem in itself, and it doesn't matter what beneficial aspect such a program tries to impose on the computers it encounters in its travels. TheNameWithNoMan (talk) 13:32, 17 March 2012 (UTC)


 * First of all, if not obvious, I am the user Mv Cristi, under all these ip's. Anyway. Just take the following example (I doubt it exists in reality). I am an antivirus software company owner. The company was created on my own work (I wrote the first version of antivirus). The company grew very large an it has hundred of computers. I want to make the same change on all of them. I write a piece of code with the ability to replicate. It spreads just on my property. It is able to make the change. It makes the change, spreads on other computers and then deletes itself on the local computer. If it spreads to a computer where the change was made, it just deletes itself on that computer (without spreading). Now, what's illegal in this. Or this is not a virus. I have a problem with your your statement "The virus [...] which by definition is a self replicating program that is not under the control of its creator once it is released." Is that the definition of Fred Cohen, or he is just an academic, without a "real world cause", ... nor "a clue about the real world"? Another thing. The references should be added on the article page on your claim about what "Antivirus experts agree". Another thing. Why do you stick the attribute "make unauthorised changes to a computer" to a computer virus. Another thing. Why do you mix "law" with "Computer virus" in this way? For me, it seems biased by an attitude to fallaciuoslly self-defend the real cause of AV companies: to make as much profit as possible. These are just my stated opinions. I don't claim you to be wrong. I don't claim AV companies engage in deceptive tactics. But anyone is free to analise and state it's conclusions. 79.119.11.92 (talk) 09:11, 18 March 2012 (UTC)

Edit request on 11 March 2012
71.234.99.95 (talk) 22:46, 11 March 2012 (UTC)
 * No request made-- Jac 16888 Talk 23:02, 11 March 2012 (UTC)

Edit request relating to section 5.4.1, Virus Removal
I would like to request an edit replacing the sentence, "Users running a Microsoft operating system can access Microsoft's website to run a free scan, provided they have their 20-digit registration number.". Specifically I would like to request the article mention Microsoft's free antivirus, Microsoft Security Essentials, as the Microsoft website no longer offers the online scan service to my knowledge.

Asmcint (talk) 22:24, 17 March 2012 (UTC)


 * Online scan ref removed and reference to free internet software (generic) and Windows update anti-malware added. TheNameWithNoMan (talk) 12:54, 23 March 2012 (UTC)

Edit request on 22 March 2012
Please add a few sentences such as abbreviations of computer virus. Virus, or VIRUS stands for Vital Information Resource Under Siege. However, this abbreviation differs on different terminologies (telecom, military, security, software). But the differences are very much negligible I think, like, Resources instead of Resource.

Source: http://www.abbreviations.com/VIRUS

Orioncaspar (talk) 17:29, 22 March 2012 (UTC)

Not done: please provide reliable sources that support the change you want to be made. That search provides some possible acronymic meanings for virus, but you need a relaible source which says that one of those actually is the source of the term. Thanks, Celestra (talk) 02:59, 23 March 2012 (UTC)

The real source of terminology appears in the history section: Fred Cohen.


 * Well known as a "backronym", which is to say a made-up sequence of words constructed to fit the initials of some term which never was an acronym in the first place. Computer viruses were originally so named simply because their behaviour was similar to biological viruses, being able to replicate, but needing to subvert another program (not necessarily an executable file) in order to do so. This backronym is particularly tortured. In 1995, Dr. Alan Solomon, then a leading anti-virus researcher and programmer, now long retired, wrote "In retrospect, it's unfortunate that the word 'virus' was used- it makes the problem sound a lot worse than it is ... It might have been better to use the word 'weed'." Incidentally, this represents a re-emergence of this topic, which was already thoroughly talked over in previous posts which have been archived out of sight. I repeat my plea that such issues NOT be archived, as they just come back again and again.TheNameWithNoMan (talk) 09:51, 23 March 2012 (UTC)

Disappearing links?
I have been unable to access two of the files in the "External Links" section at the end of the article. No error message or anything, just a blank page. These are for "A Brief History of PC Viruses" (early) by Dr. Alan Solomon" and "Are 'Good' Computer Viruses Still a Bad Idea?"

Does anyone know whether these links have permanently gone bad? They are hosted at vx.netlux.org.

I have found an alternative link to Dr. Solomon's history here: http://www.mindpride.net/root/Extras/Viruses/computer_virus_history_1.htm

TheNameWithNoMan (talk) 14:40, 23 March 2012 (UTC)s it


 * Is it a reliable source, or is just some personal impression you pretend to be reliable. For me, the second case seems more plausible? By the way, is "Dr. Solom" some weasel word; that's seems to me.
 * Is the reference weight like:
 * which is on reasearch.ibm.com
 * Keywords: .com, IBM, Reasearch
 * I think the cited source is biased, after reading it (just a looser virus expert wannabe, interested in money: he was involved financially in the AV busyness). So, after some time, I'll add a tag to your edits, and let some 3rd parity to make some changes.
 * 79.119.1.103 (talk) 18:22, 23 March 2012 (UTC)
 * 79.119.1.103 (talk) 18:22, 23 March 2012 (UTC)


 * Dr. Alan Solomon is a highly respected figure in the anti-virus world, and your remarks verge on libel. His Anti-Virus Toolkit was the premier AV solution of it's time in the United Kingdom and elsewhere, receiving the Queen's Award for Technology. His company was eventually sold to Network Associates, the same people that bought McAfee's company, and they continued to produce and update "Dr. Solomon's Anti-Virus Toolkit" under its original name for some time. The "brief history" referenced is just one of his lesser written pieces which happens to be available on the net. The full version of his Virus Encyclopaedia, co-authored by Dmitry Gryaznov, once a research scientist at the Program Systems Institute, Russian Academy of Sciences (where he did virus research in an academic environment), is unfortunately only available in physical book form as far as I know, although a precis was available on the net.


 * You appear to be taken by the conspiracy theories that cluster around this subject. Imputing motives of greed to software producers, or indeed any commercial enterprise, ignores the fact that these people can only succeed by producing articles or services that others want to buy. The way to maximise your income from such an enterprise is to produce better and more affordable products, not to try to think up ways to cheat and lie as you seem to automatically assume. TheNameWithNoMan (talk) 19:38, 23 March 2012 (UTC)


 * Searching for a link to the precis of Dr. Solomon's book, I find that there is actually a wikipedia entry about his anti-virus software: https://en.wikipedia.org/wiki/Dr_Solomon%27s_Antivirus
 * TheNameWithNoMan (talk) 19:45, 23 March 2012 (UTC)

Incomplete sentence in Computer virus article.
"Although most of these viruses did not have the ability to send infected email messages, those viruses which did take advantage of the Microsoft Outlook COM interface."

There seems to be something missing in the above. There is no verb in the main clause, i.e., what did those viruses do? interface ... BobF (talk) 12:41, 9 April 2012 (UTC)


 * It isn't very clear, but it is there by implication, i.e. "those viruses that did (have the ability to send infected email messages) take advantage of the Microsoft Outlook COM interface." TheNameWithNoMan (talk) 17:55, 9 April 2012 (UTC)

Added a picture
Please tell me if my picture on the top of the article doesn't meet any wiki policy.--Napsync (talk) 19:16, 20 May 2012 (UTC)

Edit request – 26 May 2012
In the very first section: one GIVES a lecture, one does not HOLD a lecture. Please change, whoever has editing authorisation. 22:16, 26 May 2012 (UTC) — Preceding unsigned comment added by Theonemacduff (talk • contribs)
 * ✅ Codename Lisa (talk) 16:24, 27 May 2012 (UTC)

Poorly researched or absent NPOV
A computer "virus" was first defined by Fred Cohen, "We define a computer 'virus' as a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself. With the infection property, a virus can spread throughout a computer system or network using the authorizations of every user using it to infect their programs. Every program that gets infected may also act as a virus and thus the infection grows." (http://all.net/books/virus/part2.html. Retrieved 11 Aug 2012). From the same paper, "The key property of a virus is its ability to infect other programs, ..."

The article incorrectly refers to code as "Fred Cohen's Compression Virus" yet Fred Cohen did not create such a virus. Quoting him, " A sample compression virus could be written as follows:" (emphasis added). (ibid). There is no evidence such a virus was ever found either in a lab or in the wild.


 * I expect the writer meant his theoretical compression virus. I have changed the article text to reflect this. I agree that there is probably no such virus in reality, and if there were, it would not have been written by him. TheNameWithNoMan (talk) 18:47, 11 August 2012 (UTC)

"Dr. Solomon's Virus Encyclopaedia" is neither thorough nor accurate, as claimed in the article. This is a shameless plug. Viruses are bad because their presence is a violation of trust. Nothing more, nothing less.


 * Have you read it? Not just the précis which has been available on the net, but the full printed book? I have two editions, 1992 and 1995. Obviously works of this age are not going to be thorough, in the sense that they cover only the early years, but they are accurate for the period when they were current. I dispute your "violation of trust" assertion. That seems to be based on a moral code, and I am not sure what the trust is placed in or what is violating it. Dr. Solomon's explanation of why viruses are bad is to do with how they affect users and relationships between users. As for it being a plug, a plug for what? Neither the book nor Dr. Solomon's antivirus package has been available for many years.TheNameWithNoMan (talk) 18:47, 11 August 2012 (UTC)

Von Neumann's work has nothing to do with viruses. His work pertained to state machines and how an engineer can write a program that writes a program. This has nothing to do with a lack of trust. However, the idea that he was one of the first to write about a virus is a philosophical argument I've heard before, in banter between people with a rudimentary knowledge of computers who also like to argue.

The phrase "Fred Cohen published a demonstration" is an oxymoron. What Fred Cohen published is a mathematical proof (a "theoretical" model).

There are no authoritative references to a "Creeper" virus as described. Article text is nearly a verbatim copy from Symantec: Folklore at its best.

The "Stoned Virus" is a boot-sector virus in the mid 1980s was ubiquitous in university networks and should not be overlooked.

Referring to Fred Cohen as an "Academic" is a gross error that can't be explained.

Discloser: I have no affiliation with Fred Cohen or his company but have followed his work since the 1980s.

Kernel.package (talk) 14:54, 11 August 2012 (UTC)

Microsoft's Patch Tuesday virus ;-)

 * At year end, when people are doing online Xmas shopping, Microsoft's Patch Tuesday update apparently scares the hell out of computer users; it seems that they think that a virus has taken over their computers. So they do a search on "Computer virus" and turn up  this Wikipedia article.
 * As a result, an article that normally gets about 4,000–16,000 pageviews per day suddenly gets 650,000–750,000 ;-) LittleBen (talk) 09:41, 12 January 2013 (UTC)

Section on "Avoiding bait files and other undesirable hosts"
Googling for phrases in this section, like "Bait files (or goat files)" turns up the book "Cryptography and Information Security", by V. K. Pachghare. Several phrases from this book seem to be quoted verbatim without being attributed, and they also appear on other public BBSes. The usual definition of "bait files" would seem to be "malicious email attachments intended to trick users into opening them", which is quite different from this "goat file" apparent nonsense which was possibly planted here by the book's author. I have commented out this section in case anybody opposes deleting it. LittleBen (talk) 10:10, 12 January 2013 (UTC)


 * The information about goat files is accurate, if outdated. There were file viruses in the MSDOS days that avoided infecting small executable files as these were used by anti-virus researchers as a way to store a collection of file viruses compactly in a library. Researchers used to exchange collections amongst themselves on floppy disks, though my last collection of about 3500 (when I stopped working in the field) is mostly stored on an early 128MB optical disk that I can no longer access. If a virus refused to infect very small executables it was possible that a researcher would miss it or at least be puzzled or inconvenienced, anyway that seemed to be the reasoning. The same is true about fast and slow (or sparse) infectors. Infecting every available file was much more likely to be noticed than infecting just a few now and then. A not very effective strategy, not much used, and long ago, but real. TheNameWithNoMan (talk) 16:51, 13 January 2013 (UTC)

Precedence in science fiction
I am concerned by the suggestion that:

"The actual term "virus" was first used to denote a self-reproducing program in a short story by David Gerrold in Galaxy magazine in 1969—and later in his 1972 novel, When HARLIE Was One. In that novel, a sentient computer named HARLIE writes viral software to retrieve damaging personal information from other computers to blackmail the man who wants to turn him off." particularly as there are no references to identify the actual story or the context thereof.

As far as I can see, the novel WHEN HARLIE WAS ONE does mention "virus" but only as the NAME of a particular computer program rather than in the general sense in which the term is now used. The novel also mentions another program, called VACCINE, that is used to counter the effect of VIRUS.

The novel was published in 1972 based, in part, on short stories that had appeared earlier. One of those ("Oracle for a White Rabbit") did indeed appear in Galaxy Magazine in December 1969 but as far as I can see that story does NOT mentioned the VIRUS program. Indeed, I can't find the program mentioned in any of the short stories, suggesting that the 1972 novel appearance was the first.

If this is correct, then Greg Benford's story "The Scarred Man" (which appeared in the May 1970 issue of VENTURE) takes precedence as that also mentions a computer program called VIRUS and another program, called VACCINE, which counters the effect of VIRUS.

Personally I don't really feel that either Benford or Gerrold should take credit for the term as each simply mentions a program called VIRUS, rather than discussing a "self-reproducing program", and would be inclined to give that credit to John Brunner in SHOCKWAVE RIDER but I'll leave that to wiser heads than mine and if the program VIRUS is regarded as a valid precdent then I'm pretty sure the credit belongs to Benford rather than Gerrold.

Philsp (talk) 08:54, 28 January 2013 (UTC)

From David Gerrold:
There were four stories published in Galaxy and IF, about HARLIE. The first was "Oracle For A White Rabbit." These were followed by "The GOD Machine", "Trouble With GOD", and "For GOD's Sake." Those four stories were all written as parts of the novel WHEN HARLIE WAS ONE.

The discussions of the VIRUS and VACCINE programs did not appear in the first story, but in either the second or third stories, which were published in 1970-71. The book was finished in 71, but was delayed by Dell and sold instead to Ballantine books who published it in 1972. — Preceding unsigned comment added by David Gerrold (talk • contribs) 03:30, 29 January 2013 (UTC)


 * Could you be more specific about the appearance of the VIRUS and VACCINE programs? I skimmed through all four stories but could not find them mentioned, but could easily have missed them. The publication dates for the four stories were:


 * - Oracle for a White Rabbit: GALAXY December 1969
 * - The GOD Machine: GALAXY May 1970
 * - Trouble with GOD: Galaxy May 1972
 * - For GOD's Sake: GALAXY July 1972


 * As there was no mention in the first story, the cited 1969 date is clearly wrong. If it is mentioned in the second story then this is simultaneous with the Benford story. If in the third story (or later) then the Benford must clearly take precedence.


 * From what I can see, in addition, the specific term "computer virus" is never used in either stories or book so it would be incorrect to suggest the term had been coined in these stories. Philsp (talk) 08:11, 29 January 2013 (UTC)

Big increase in pageviews since 2012/11

 * latest — #163 on the top 5000 list as of March 10, #105 as of April 7
 * 2013/02
 * 2012/11
 * Related articles might be better in a sidebar template. LittleBen (talk) 17:37, 1 March 2013 (UTC)

Edit request on 10 March 2013
(No information provided as to what you think needs changing).

116.202.182.106 (talk) 15:38, 10 March 2013 (UTC)
 * Red question icon with gradient background.svg Not done: please be more specific about what needs to be changed. TB  randley  (review) 16:09, 10 March 2013 (UTC)

Recommend deleting an external link
Hello. I recommend deleting this line:
 * Virus removal and other Malware

It doesn't appear to be of much actual help. It just seems like a purely ad-based site with popular keywords in its domain name. Thanks. Dr Dinosaur IV (talk) 07:25, 21 April 2013 (UTC)


 * Thanks for pointing this out, I'll fix it. Feel free to make such good-faith corrections yourself in future if you wish, or add the edit semi-protected template to your message on the article's talk page (see example above) to flag your message for attention if you'd prefer somebody else to fix the problem.
 * Also feel free to ask on my talk page if you'd like help with anything. Best regards. LittleBen (talk) 11:25, 24 April 2013 (UTC)

Request
I'm not sure how to add the right template to this request. There's a sentence in the article that reads, 'In 1997, when a virus for Linux was released—known as "Bliss"—leading antivirus vendors issued warnings that Unix-like systems could fall prey to viruses just like Windows.' This should be changed by either removing the word 'when' or removing the word 'leading'.
 * I am not sure that anything was wrong, but have split the sentence into two sentences.   Robert McClenon (talk) 01:14, 21 June 2013 (UTC)