0
What are the differences between polymorphic and metamorphic virus?
Wiki User
∙ 12y ago
The affect of a polymorphic virus on a computer is exactly the same as any other virus. That is, that it is capable of the same processing as any other piece of software.
The name polymorphic or in English "Many Shapes" refers to the virus's programmed ability to alter its own code when replicating itself to avoid detection.
Most simple antivirus programs use a sample of code to match against a suspected file to identify a virus. Changing the code makes detection impossible using this technique.
A more accurate method of locating a virus is to examine the code and programmatically detect what the code does. For instance if within the few lines it instructs the computer to wipe the hard drive it is 99.9% likely that this is malicious. A statistical assessment of the code is made and if the code breaches the chances of being highly malicious, then the code is flagged for removal.
This technology is called Heuristic analysisand is not without it's problems. The trigger level between virus and non-virus can be set too high or low, resulting in false positives or failure to detect malicious software. False positives can be triggered by software that does some to the things that Viruses are likely to do, such as formatter programs or communicating with a centralised server.
Overall the combination of both systems plus a register of known good and bad software is the most effective at detecting virii.
Wiki User
∙ 10y ago
Wiki User
∙ 12y agoPolymorphic code always returns to the code origin. Metamorphic code doesn't, it creates an large amount of different versions.
Add your answer:
Earn +20 pts
What is a Polymorphic virus?
A polymorphic virus is an advanced type of computer virus. It is similar to an encrypted virus in that it consists of an encrypted copy of the virus and a small decrypting module but every time a polymorphic virus infects a file it encrypts itself differently and rewrites the decrypting module. A well written polymorphic virus therefore has no parts that remain the same between infections making it hard for anti-virus software to detect using virus signatures.
Which virus can change its own code?
polymorphic
What is the name of the polymorphic virus outbreak?
There have been several polymorphic virus outbreaks. In 1991, the Tequila virus was the cause.
What is polymorphic regarding malware?
To change and restructure in multiple ways, so as to show a different signature and thus avoid detection. For instance, if you link-edit a large group of object modules, their order is not 100% critical as long as they're accessed at the proper entry point. So malware that changes the hash and the signature of the executable this way as part of its operation can be said to be polymorphic.
What is polymorphic virus?
A polymorphic virus is a virus that can "shape-shift" from every infection, making it extremely hard for antiviruses using virus signatures to detect viruses to detect it.
What is name of the polymorphic virus outbreak in 1991?
the answer Tequila is the name of the outbreak in 1991
What is the name of the polymorphic virus in 1991?
The name is Polymorphicalayyelas virus
As a virus replicates it changes its characteristics?
polymorphic
How old do you have to be to enter Ghost Hunters Academy?
Polymorphic code was the first technique that posed a serious threat to virus scanners. Just like regular encrypted viruses, a polymorphic virus infects files with an encrypted copy of itself, which is decoded by a decryption module. In the case of polymorphic viruses, however, this decryption module is also modified on each infection. A well-written polymorphic virus therefore has no parts which remain identical between infections, making it very difficult to detect directly using signatures. Antivirus software can detect it by decrypting the viruses using an emulator, or by statistical pattern analysis of the encrypted virus body. To enable polymorphic code, the virus has to have a polymorphic engine (also called mutating engine or mutation engine) somewhere in its encrypted body. See Polymorphic code for technical detail on how such engines operate.[21] Some viruses employ polymorphic code in a way that constrains the mutation rate of the virus significantly. For example, a virus can be programmed to mutate only slightly over time, or it can be programmed to refrain from mutating when it infects a file on a computer that already contains copies of the virus. The advantage of using such slow polymorphic code is that it makes it more difficult for antivirus professionals to obtain representative samples of the virus, because bait files that are infected in one run will typically contain identical or similar samples of the virus. This will make it more likely that the detection by the virus scanner will be unreliable, and that some instances of the virus may be able to avoid detection.
Does Polymorphic Change itself from a virus to a worm?
A polymorphic virus not only replicates itself by creating multiple files of itself, but it also changes it's digital signature every time it replicates.
What is the of the polymorphic virus outbreak in 1991?
the answer Tequila is the name of the outbreak in 1991
Viruses that periodically change their code to avoid detection are called?
polymorphic virus
