A stealth virus is a type of computer virus that effectively hides itself, hence the name, once it has infected a computer system. This type of virus can usually be spread through the same means as any other virus, through malicious programs, email attachments, and installs made through various websites with malicious programming. Once it is installed onto a computer, then the virus becomes very difficult for an anti-virus program to detect and eliminate it during a virus scan. A stealth virus typically makes a copy of the original, uninfected data on a drive so that it can relay this information to an anti-virus program during a virus scan.
Though many different types of viruses use different methods to remain concealed prior to installation, a stealth virus is programmed to remain undetected once installed onto a computer. There are a number of ways a virus can become difficult to properly and fully remove from a system after infection, and a stealth virus uses the system itself to hide its presence. Most viruses, once installed onto a computer system, begin to corrupt and take over various aspects of the system and then perform a wide range of malicious tasks on the system. This action is what makes the virus detectable, since an anti-virus program is able to find where changes have been made.
A stealth virus, however, actively works to conceal the changes that have been made to make detecting the virus far more difficult. There are different ways this can be achieved, and the programmer of a virus will usually decide what type of approach to utilize. One of the most common ways to make a stealth virus is to program the virus to create a copy image of the original system prior to infection. This image is then used when the system is called upon, so that anti-virus programs “see” only the original system and not the infected version.
There are several ways to work around the deception of a stealth virus, including booting from a disk before a virus scan to avoid the systems over which the virus has control. A stealth virus can also potentially avoid deletion from an anti-virus program by making a copy of itself on the hard drive, and concealing that copy from detection. After a virus scan is run and the virus is detected and deleted, the virus then reinstalls itself during the next startup of the computer. This can make proper detection of the virus difficult, and usually requires more updated anti-virus software that is programmed to find the hidden copy as well.