Which of the following infects the computer and then hides itself from detection by antivirus software?

Which of the following infects the computer and then hides itself from detection by antivirus
software?

Which of the following infects the computer and then hides itself from detection by antivirus
software?

A.
EICAR virus

B.
Boot-sector virus

C.
Macro virus

D.
Stealth virus

Explanation:
A stealth virus is a file virus. It infects the computer and then hides itself from detection by antivirus
software. It uses various mechanisms to avoid detection by antivirus software. It hides itself in
computer memory after infecting the computer. It also masks itself from applications or utilities. It
uses various tricks to appear that the computer has not lost any memory and the file size has not
been changed.
The virus may save a copy of original and uninfected data. When the anti-virus program tries to
check the files that have been affected, the virus shows only the uninfected data. This virus generally
infects .COM and .EXE files.

Answer B is incorrect. A boot sector virus infects the master boot files of the hard disk or floppy
disk. Boot record programs are responsible for booting the operating system and the boot sector
virus copies these programs into another part of the hard disk or overwrites these files. Therefore,
when the floppy or the hard disk boots, the virus infects the computer.

Answer C is incorrect. A macro virus is a virus that consists of a macro code which infects the
system. A Macro virus can infect a system rapidly. Since this virus has VB event handlers, it is
dynamic in nature and displays random activation. The victim has only to open a file having a macro
virus in order to infect the system with the virus. DMV, Nuclear, and Word Concept are some good
examples of macro viruses.

Answer A is incorrect. The EICAR (EICAR Standard Anti-Virus Test File) virus is a file that is used to
test the response of computer antivirus (AV) programs. The rationale behind it is to allow people,
companies, and antivirus programmers to test their software without having to use a real computer
virus that could cause actual damage should the antivirus not respond correctly. The file is simply a
text file of either 68 or 70 bytes that is a legitimate executable file called a COM file that can be run
by Microsoft operating systems and some work-alikes (except for 64-bit due to 16-bit limitations),
including OS/2. When executed, it will print “EICAR-STANDARD-ANTIVIRUS-TEST-FILE!” and then
stop. The string used in the EICAR virus is as follows:



Leave a Reply 0

Your email address will not be published. Required fields are marked *