Which term describes viruses designed to confuse or trick antivirus systems to prevent detection?

Armored viruses describe malware that hides its true code and behavior so security tools can’t easily analyze or detect it. By packing, encrypting, or obfuscating payloads and sometimes using self-modifying or deceptive routines, they resist both static signature checks and basic dynamic analysis, making it harder for antivirus programs to understand what the code will do. The other terms refer to specific evasion techniques—anti-emulation tries to detect sandboxed environments, anti-heuristics tries to fool heuristic scoring, and anti-disassembly complicates turning the code into a readable form—whereas armored viruses describe the overall strategy of making analysis itself unreliable, which is why this term best fits the description.