Preserving Infections

Insane Reality Magazine [8]
December 1996

In IR magazine issue #7 I presented an article named `Post Discovery Strategies'. That article discussed measures that could be taken to protect your virus from analysis by AV researchers once it had been discovered. That is, first, Pre-Discovery Strategies (stealth) are used to reduce the chances of the virus being discovered. Second, once the virus is discovered, Post-Discovery Strategies (slow polymorphy, anti-bait code, etc.) are used to make it more difficult for the AV to write a program that can detect the virus. This article is the next stage: now that the virus can be detected, how can we stop them getting rid of it?

This document will be divided into two sections - one discussing preserving file infections, and one discussing preserving boot infections.

