The number of viruses spreading on the Internet grows every day, so antivirus vendors such as Kaspersky, McAfee, Norton and others compete to build very powerful antivirus products.
Building an antivirus cannot be separated from understanding the virus itself. We must analyze how it works, what the virus is capable of doing, what it infects, and so on.
Analyzing a virus usually requires tools that can examine it quickly and in detail.
Here are some tools you can use to analyze a virus.
1. Analysis Malcode Pack
(http://labs.idefense.com/software/download/?downloadID=8)
This tool consists of a variety of applications that can help you analyze malcode.
Examples include ShellExt, socketTool, fakeDNS, Shellcode2Exe and so on.
2. Autoruns for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
This application is used to find the auto-start locations that Windows uses at startup.
It shows you the programs that run during system bootup or login.
3. RegMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)
This tool displays any application that is accessing the registry on your system.
Everything is displayed in real time.
4. Filemon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx)
This tool displays file system activity in the operating system in real time.
5. Multipot (http://labs.idefense.com/software/download/?downloadID=9)
This application is designed to collect a lot of malicious code found on the Internet.
6. Process Explorer for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)
This tool shows information about the DLLs and handles that a process currently has open.
It also shows the list of processes that are active at that time.
7. Resource Hacker (http://www.angusj.com/resourcehacker/)
A tool that can be used to change the resources in Win32 executables and other resource files.
8. Rootkit Unhooker (http://www.antirootkit.com/software/RootKit-Unhooker.htm)
An application for detecting rootkits.
Some of the features offered include Ultimate Drivers Detection, Hidden Files Detection and so on.
9. SysAnalyzer (http://labs.idefense.com/software/download/?downloadID=15)
This tool analyzes malcode automatically at run time by monitoring what is being done by the system and running processes.
10. PE Identifier (http://www.peid.info/)
This application is used to detect packers and cryptors.
It can detect more than 600 different signatures in PE files.
11. VB Decompiler Lite (http://www.vb-decompiler.org/download.htm)
A decompiler for programs with the extensions EXE, DLL and OCX.
12. EXE MiTec Explorer (http://www.mitec.cz/exe.html)
This tool was created as an executable reader.
It reads and displays the properties and structure of the executable file being analyzed.