Question

How can a Targeted worm or virus avoid detection by a virus scanner? Give the most relevant answer.

Answer 1

Answer:

Here are some methods virus or worm use to remain undetected from virus scanner:

1. Stealth

• Viruses ordinarily uncover their quality during contamination. For instance, a file-tainting virus commonly changes the size, time, and date stamp of the file that it contaminates.
• In any case, file-tainting viruses that utilization stealth methods may contaminate a program without changing the program's size, time, or date, in this way staying covered up.
• Boot viruses consistently use stealth strategies. At the point when the computer peruses a plate's boot part, the boot virus rapidly stacks the genuine boot area (which it has securely buried in another area on the circle) and holes up behind it.
• This resembles having your folks call you at home to ensure you're maintaining good manners, yet you truly pick up the telephone at the local pool lobby by utilizing call sending.
• To the extent your folks are concerned, they called your home number and you replied. Be that as it may, in actuality, their call got directed from your home telephone to the pool lobby telephone.
• Such confusion is the means by which boot viruses use stealth methods to conceal their essence from the computer.
• As a rule, stealth procedures veil the virus's quality from clients yet can't generally trick an antivirus program. For further insurance against an antivirus program, viruses may utilize polymorphism.

2. Polymorphism

• To prevent from contaminating a similar file or boot area again and again (and uncovering itself), viruses should initially verify whether they have just tainted a specific file or boot segment.
• To do as such, viruses search for their very own mark the arrangement of directions that make up that specific virus.
• Obviously, antivirus programs can likewise discover viruses by searching for these marks, as long as the virus has been gotten and analyzed if that hasn't occurred, an antivirus program will never know the virus' mark.
• Whenever indicted hoodlums could alter their fingerprints each time they carried out wrongdoing, they would be more enthusiastically to get. That is the thought behind polymorphism.
• Hypothetically, a polymorphic virus changes its mark each time it taints a file, which implies that an antivirus program can never discover it.
• Nonetheless, in light of the fact that polymorphic viruses need to ensure they don't contaminate a similar file, again and again, polymorphic viruses still leave a little unmistakable mark that they (and an antivirus program) can even now discover.

3. Retaliators

• The best barrier is a decent offense. As opposed to inactively avoiding an antivirus program, numerous viruses effectively search out and assault them.
• At the point when you utilize your most loved antivirus program, these fighting back viruses either alter the antivirus program so it can't identify the virus or they taint the antivirus program so that the antivirus program really helps spread the virus.
• In the two cases, the assaulted antivirus program brightly shows a "Your computer is without virus" message while the virus is joyfully spreading all through your computer.