Viruses spreading on the internet grow more numerous by the day, so many antivirus vendors such as Kaspersky, McAfee, Norton and others compete to build the most powerful antivirus.
Building an antivirus cannot be separated from understanding the virus itself. We must analyze how it works, what it can do, what it infects and so forth.
Analyzing a virus usually requires tools that can examine it quickly and in detail.
Here are some tools you can use to analyze a virus.
1. Malcode Analysis Pack
(http://labs.idefense.com/software/download/?downloadID=8)
This package consists of a variety of applications that can help you analyze malcode.
Examples include ShellExt, socketTool, fakeDNS, Shellcode2Exe and so forth.
2. Autoruns for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
This application is used to find the auto-start locations used at Windows startup.
It shows the programs that run during system bootup or login.
3. Regmon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)
This tool shows which running applications are accessing the registry on your system.
Everything is displayed in real time.
4. FileMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx)
This tool displays the file system activity of the operating system in real time.
5. Multipot (http://labs.idefense.com/software/download/?downloadID=9)
This application is designed to collect a lot of malicious code found on the internet.
6. Process Explorer for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)
This tool is used to find out information about the DLLs that processes currently have open.
It shows a list of the processes that are active at that time.
7. Resource Hacker (http://www.angusj.com/resourcehacker/)
A tool that can be used to modify resources in Win32 executables and resource files.
8. Rootkit Unhooker (http://www.antirootkit.com/software/RootKit-Unhooker.htm)
An application for detecting rootkits.
Some of the features offered include Ultimate Drivers Detection, Hidden Files Detection and so on.
9. SysAnalyzer (http://labs.idefense.com/software/download/?downloadID=15)
This tool automatically analyzes malcode at run time, monitoring what the system and running processes are doing.
10. PE Identifier (http://www.peid.info/)
This application is used to detect packers and cryptors.
It can detect more than 600 different signatures in PE files.
11. VB Decompiler Lite (http://www.vb-decompiler.org/download.htm)
A decompiler for programs with the extensions EXE, DLL and OCX.
12. MiTec EXE Explorer (http://www.mitec.cz/exe.html)
This tool was created as an executable reader.
It reads and displays the properties and structure of the executable file being analyzed.
Monday, May 9, 2011
Tools To Analyze A Virus
Posted by Nor at 6:45 PM