Viruses spreading on the Internet grow in number from day to day, and many antivirus providers such as Kaspersky, McAfee, Norton and others compete to create very powerful antivirus products.
Building an antivirus cannot be separated from understanding the virus itself. We must analyze how it works, what the virus is able to do, how it spreads, and so forth.
Analyzing a virus usually requires tools that can analyze the virus quickly.
Here are some tools you can use to analyze a virus.
1. Malcode Analysis Pack
(http://labs.idefense.com/software/download/?downloadID=8)
This tool consists of a variety of applications that can help you analyze a malcode.
Examples include ShellExt, socketTool, fakeDNS, Shellcode2Exe and so forth.
2. Autoruns for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
This application is used to find the auto-start locations in Windows.
It shows the programs that run when the system boots up or a user logs in.
3. RegMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)
This tool displays the applications that are accessing your system registry.
Everything is displayed in real time.
4. Filemon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx)
This tool displays file system activity in the operating system in real time.
5. Multipot (http://labs.idefense.com/software/download/?downloadID=9)
This application is designed to collect a lot of malicious code found on the internet.
6. Process Explorer for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)
This tool shows information about the processes and DLLs that are currently open.
This application shows the list of processes that are active at that time.
7. Resource Hacker (http://www.angusj.com/resourcehacker/)
A tool that can be used to change the resources in Win32 executables and other resource files.
8. Rootkit Unhooker (http://www.antirootkit.com/software/RootKit-Unhooker.htm)
An application for detecting rootkits.
Some of the features offered include Ultimate Drivers Detection, Hidden Files Detection and so on.
9. SysAnalyzer (http://labs.idefense.com/software/download/?downloadID=15)
This tool is able to analyze malcode automatically at run time, monitoring what the system and the running process are doing.
10. PE Identifier (http://www.peid.info/)
This application is used to detect packers and cryptors.
This tool is capable of detecting more than 600 signatures from different PE files.
11. VB Decompiler Lite (http://www.vb-decompiler.org/download.htm)
A decompiler for programs with the extensions EXE, DLL and OCX.
12. MiTec EXE Explorer (http://www.mitec.cz/exe.html)
This tool was created as an executable reader.
This application is able to read and display the properties and structure of the executable file being analyzed.