3.1.1 Ways in which a computer can get a virus
3.1.2 Sign of a computer virus
3.2 Types of computer virus
3.3 Ways of preventing a virus in computer operating system
4.0 Summary
5.0 Conclusion
6.0 Tutor-Marked Assignment
7.0 Reference/Further Reading
1.0 INTRODUCTION
In unit 2 we explained that computer networks enable computers to communicate and share data, information resources and applications. As computer systems have become all-encompassing in their applications, the need to protect the integrity of computers has also grown. In this unit we will discuss the meaning of a virus, the types of virus, how they threaten the operating system and ways to prevent them from destroying the operating system.
2.0 INTENDED LEARNING OUTCOMES (ILOS)
By the end of this unit, you will be able to:
• Understand the concept of virus
• Identify the different types of viruses
• Understand how to prevent a virus from attacking the operating system
3.0 MAIN CONTENT
3.1 OVERVIEW OF THE CONCEPT OF COMPUTER VIRUS
In an era of information explosion and an information-driven environment, individuals and businesses must learn how to manage and protect their information against attacks and risks which spread through electronic communication. Such risks come in the form of viruses.
A virus, according to Silberschatz et al (2016), is a fragment of code embedded in a legitimate programme. The Economic Times (2021) describes it as a malicious software programme that is loaded onto a user's computer without the user's knowledge and performs malicious actions. It is malicious code which spreads from one device to another. From the above definitions, it can be deduced that a virus is a set of coded programmes meant to disrupt the functionality of a computer system. It can also be seen that a computer system can have a virus without the user's knowledge. Not all computer viruses are harmful or destructive. Some of them are designed by their programmers to assist in identifying security loopholes in certain organizations or government agencies. Their aim is to improve system security.
The term virus is derived from a Latin word which means "poison or toxic". The origin of the computer virus can be traced to Fred Cohen, an American who programmed the first virus in 1983. Fred is not a hacker but a Professor of computer security at the University of New Haven; even so, he laid the foundation for the development of the virus as we have it today.
Fig 78: Source: https://www.missioncriticalmagazine.com/articles/93186-biological-viruses-versus-computer-viruses
When a virus attacks a computer system, the infected application (which usually runs at the request of the user) loads the code it is carrying into the central processing unit (CPU) before any of the legitimate code executes. At this point, the virus propagates itself by infecting other files and applications and inserting malicious code into the computer. The virus can infect a programme while it is in use, and files can be infected even when they are not running. Once the virus has taken hold of the computer, it starts executing its payload. Payload is the term used to describe the malicious code that carries out the purpose for which the virus was created.
3.1.1 WAYS A COMPUTER CAN GET A VIRUS
A computer can get a virus in many different ways. Some of them include:
i. When sharing music, photos, videos and files with other computers
ii. When opening an email or a spam mail from an unknown sender
iii. When downloading free games, media players, toolbars and other utilities
iv. When downloading and installing some software
v. By clicking on suspicious sites
vi. By clicking on some online adverts
3.1.2 SIGN OF A COMPUTER VIRUS
A computer shows certain signs that tell the user it has been infected by a virus. Some of these signs include:
i. Frequent crashes of the computer
ii. Unusual and frequent pop-up of windows or applications
iii. Unusual changes in password
iv. Mass messages being sent out from your account or email
v. Unusual loss of data
vi. Slow performance of the computer
3.2 TYPES OF COMPUTER VIRUS
There are literally thousands of viruses, but they fall into several main categories. These categories are discussed below:
i. File virus: This type of virus infects a system by attaching itself to a file. It alters the start of a programme so that execution begins with the virus's code. After it executes, it returns control to the programme so that its execution is not noticed. File viruses are sometimes known as parasitic viruses, as they leave no files behind and allow the programme to run normally.
ii. Boot virus: A boot virus infects the boot sector of the system. It executes every time the system is booted, before the operating system is loaded. It also infects any bootable media. This type of virus is also known as a memory virus because it cannot be seen in the file system.
iii. Macro virus: A macro virus is written in a high-level language (Visual Basic) and is triggered when a programme capable of executing a macro is started.
iv. Source code virus: A source code virus looks for source code and modifies it to include the virus and to assist in spreading the virus.
v. Polymorphic virus: A polymorphic virus tries to avoid detection by antivirus software by changing each time it replicates itself. The change does not affect its functionality but changes its signature (a pattern that can be used to identify a virus).
vi. Encrypted virus: An encrypted virus carries decryption code along with the encrypted virus in order to avoid detection.
vii. Armored virus: An armored virus is coded in such a way that antivirus researchers are unable to comprehend it. It is also compressed to avoid detection. It hides in files and cannot be viewed in file names.
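The signature idea mentioned under the polymorphic virus can be seen from the scanner's side. The following is an added example, not part of the course material: it compares a whole-file hash signature with a byte-pattern signature that uses wildcards, run over constructed, inert byte strings. All names (SAMPLE_A, Demo.generic, scan and so on) are hypothetical.

```python
import hashlib

# Constructed, inert byte strings standing in for files; none is real malware.
# Both "infected" samples share a fixed marker but differ in six middle bytes,
# modelling copies that change between replications.
SAMPLE_A = b"MZ" + b"\x00" * 8 + b"\xde\xadDEMO-AAAAAA\xbe\xef" + b"program body"
SAMPLE_B = b"MZ" + b"\x11" * 5 + b"\xde\xadDEMO-QZXKWV\xbe\xef" + b"program body"
CLEAN = b"MZ" + b"\x00" * 8 + b"program body"

# Signature style 1: hash of one complete known-bad file.
HASH_SIGNATURES = {hashlib.sha256(SAMPLE_A).hexdigest(): "Demo.A"}

# Signature style 2: byte pattern over the part that stays constant.
# None is a wildcard that matches any single byte.
PATTERN_SIGNATURES = {
    "Demo.generic": [0xDE, 0xAD, *b"DEMO-"] + [None] * 6 + [0xBE, 0xEF],
}


def match_pattern(data, pattern):
    """Return the offset of the first match of pattern in data, or -1."""
    for off in range(len(data) - len(pattern) + 1):
        if all(p is None or data[off + i] == p for i, p in enumerate(pattern)):
            return off
    return -1


def scan(data):
    """Return a list of (method, signature_name) detections for one file."""
    hits = []
    name = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if name:
        hits.append(("hash", name))
    for name, pattern in PATTERN_SIGNATURES.items():
        if match_pattern(data, pattern) >= 0:
            hits.append(("pattern", name))
    return hits


if __name__ == "__main__":
    for label, data in (("A", SAMPLE_A), ("B", SAMPLE_B), ("clean", CLEAN)):
        print(label, scan(data))
```

The hash signature only recognises the exact file it was taken from, while the wildcard pattern still matches the second sample because it describes only the bytes that do not change.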
Wells (2010) identified other types of viruses, which include:
i. A worm: This is the type of virus that makes copies of itself, resulting in the consumption of the system's resources. It slows the system down or actually halts tasks. Worms do not have to attach themselves to other files to execute.
ii. A time bomb: This is the type of virus that does not cause its damage until a certain date or until the system has been booted a certain number of times.
iii. A logic bomb: A logic bomb is a virus triggered by the appearance or disappearance of specific data.
iv. A Trojan horse: This is the type of virus that does something different from what it is expected to do. It may look like it is doing one thing while in actuality it is doing something quite opposite.
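Because a file virus, as described in 3.2 (i), alters the start of a programme, a defender can record a baseline of each programme file and compare against it later. The following is an added example, not part of the course material; the file names, the HEAD_BYTES value and the function names are assumptions, and the files are constructed in a temporary directory.

```python
import hashlib
import os
import tempfile

HEAD_BYTES = 64  # assumption: how much of the file start is fingerprinted on its own

def fingerprint(path):
    """Return (size, sha256 of the first HEAD_BYTES, sha256 of the whole file)."""
    with open(path, "rb") as fh:
        data = fh.read()
    return (len(data), hashlib.sha256(data[:HEAD_BYTES]).hexdigest(),
            hashlib.sha256(data).hexdigest())

def check(baseline):
    """Compare files on disk with a {path: fingerprint} baseline."""
    report = {}
    for path, (size, head, whole) in baseline.items():
        if not os.path.exists(path):
            report[path] = ["missing"]
            continue
        now_size, now_head, now_whole = fingerprint(path)
        findings = []
        if now_head != head:
            findings.append("start of file changed")
        if now_size > size:
            findings.append(f"grew by {now_size - size} bytes")
        if now_whole != whole and not findings:
            findings.append("content changed")
        if findings:
            report[path] = findings
    return report

def demo():
    """Constructed files in a temp directory; the tampering is inert text bytes."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("app_a.bin", "app_b.bin")]
        original = b"HEADER" + b"\x00" * 100 + b"program body"
        for p in paths:
            with open(p, "wb") as fh:
                fh.write(original)
        baseline = {p: fingerprint(p) for p in paths}
        # Simulate the change described for a file virus: bytes ahead of the program.
        with open(paths[0], "wb") as fh:
            fh.write(b"INSERTED-TEST-BYTES" + original)
        return {os.path.basename(p): f for p, f in check(baseline).items()}

if __name__ == "__main__":
    print(demo())
```

Only the modified file is reported, and the untouched file produces no finding, which is what makes a baseline comparison usable as a routine check.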
3.3 WAYS OF PREVENTING A VIRUS IN COMPUTER OPERATING