Often, when an antivirus scan runs on our computer, many viruses are found. But you may wonder what a given virus actually is: how it works, what it is capable of doing, what it has infected, and so forth. Here are some tools you can use to analyze a virus:
1. Malcode Analysis Pack
( http://labs.idefense.com/software/download/?downloadID=8 )
This pack consists of a variety of applications that can help you analyze malcode.
Examples include ShellExt, socketTool, fakeDNS, Shellcode2Exe and so forth.
2. RegMon for Windows
( http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx )
This tool displays which applications are accessing the registry on your system.
Everything is displayed in real time.
3. Multipot ( http://labs.idefense.com/software/download/?downloadID=9 )
This application was designed to collect a lot of malicious code found on the internet.
4. Resource Hacker ( http://www.angusj.com/resourcehacker/ )
A tool that can be used to change the resources in Win32 executables and other resource files.
5. SysAnalyzer ( http://labs.idefense.com/software/download/?downloadID=15 )
This tool can automatically analyze malcode at run time, monitoring what is happening in the system and in running processes.
6. VB Decompiler Lite ( http://www.vb-decompiler.org/download.htm )
A decompiler for programs with the extensions EXE, DLL, and OCX.
7. MiTec EXE Explorer ( http://www.peid.info/ )
This application is used to detect packers and cryptors.
It can detect more than 600 different signatures in PE files.
9. Rootkit Unhooker ( http://www.antirootkit.com/software/RootKit-Unhooker.htm )
An application for detecting rootkits.
Some of the features offered include Ultimate Drivers Detect, Detect Hidden Files and so forth.
10. Process Explorer for Windows
( http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx )
This tool finds information about the DLLs that a process has open.
It shows you a list of the processes that are active at that time.
11. FileMon for Windows
( http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx )
This tool displays file system activity on the system in real time.
12. Autoruns for Windows
( http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx )
This application is used to determine the auto-start locations used at Windows startup.
It shows you the programs that run when the system boots up or a user logs in.