Wednesday, September 22, 2010

Tools for Analyzing Viruses (With Download)

Viruses spread rapidly these days, so antivirus vendors such as Kaspersky, McAfee, Norton and others compete to build antivirus products that are more powerful and secure. Building an antivirus cannot be separated from the virus itself: we must analyze how it works, what it is capable of doing, and what it infects. Analyzing a virus usually requires tools that can examine it in detail and quickly.

Here are some tools you can use to analyze a virus:

1. Malcode Analysis Pack

(http://labs.idefense.com/software/download/?downloadID=8)

This tool consists of a variety of applications that help you analyze malcode, for example ShellExt, socketTool, fakeDNS, Shellcode2Exe and so forth.

2. Autoruns for Windows

(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)

This application shows the auto-start locations in Windows, that is, the programs that run when the system boots or a user logs on.

3. RegMon for Windows

(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)

This tool displays the applications that are accessing your system registry, all in real time.

4. Filemon for Windows

(http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx)

This tool displays file system activity in the operating system in real time.

5. Multipot

(http://labs.idefense.com/software/download/?downloadID=9)

This application is designed to collect the many malicious code samples found on the internet.

6. Process Explorer for Windows

(http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)

This tool shows information about processes and the DLLs they currently have open, and lists the processes that are active at that time.

7. Resource Hacker

(http://www.angusj.com/resourcehacker/)

A tool that can be used to change the resources in Win32 executables and other resource files.

8. Rootkit Unhooker

(http://www.antirootkit.com/software/RootKit-Unhooker.htm)

An application to detect rootkits. Some of the features offered are Ultimate Drivers Detection, Hidden Files Detection and so on.

9. SysAnalyzer

(http://labs.idefense.com/software/download/?downloadID=15)

This tool can automatically analyze malcode at run time, monitoring what it does to the system and which processes are running.

10. PE Identifier

(http://www.peid.info/)

This application is used to detect packers and cryptors. It can detect more than 600 signatures from different PE files.

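The signature-based packer detection that PEiD performs can be illustrated with a small script. The following Python is an added example written for this page, not PEiD's code or its signature database: it parses the PE headers to find the bytes at AddressOfEntryPoint, matches them against a few constructed PEiD-style signatures (with `??` wildcards), and computes the entropy of the entry bytes as a second hint that the file is packed. The signature patterns, the `build_sample_pe` helper and the sample inputs are all constructed for the demonstration and do not correspond to any real packer.

```python
import math
import struct

# Constructed demonstration signatures in the PEiD userdb.txt style
# ("??" is a one-byte wildcard, matched at the entry point only).
# These patterns are invented for this example; they are NOT entries
# from PEiD's real signature database.
SIGNATURES = {
    "Demo packer A (constructed)": "60 BE ?? ?? ?? ?? 8D BE ?? ?? ?? ?? 57 83 CD FF",
    "Demo compiler stub (constructed)": "55 8B EC 83 C4 ?? 53 56 57",
}


def parse_signature(text):
    """Turn 'AA BB ??' into a list of ints, with None for each wildcard byte."""
    return [None if tok == "??" else int(tok, 16) for tok in text.split()]


def entry_point_bytes(pe, length=64):
    """Walk the DOS, PE, COFF and optional headers, find the section that
    contains AddressOfEntryPoint, and return `length` raw bytes from there."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]   # NumberOfSections
    size_opt = struct.unpack_from("<H", pe, coff + 16)[0]      # SizeOfOptionalHeader
    opt = coff + 20
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]      # AddressOfEntryPoint
    sections = opt + size_opt
    for i in range(num_sections):
        hdr = sections + 40 * i
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", pe, hdr + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)                 # RVA -> file offset
            return pe[off:off + length]
    raise ValueError("entry point lies outside every section")


def entropy(data):
    """Shannon entropy in bits per byte; packed or encrypted code scores near 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def identify(pe):
    """Return the name of the first signature matching the entry point, else None."""
    ep = entry_point_bytes(pe)
    for name, text in SIGNATURES.items():
        sig = parse_signature(text)
        if len(ep) >= len(sig) and all(s is None or s == b for s, b in zip(sig, ep)):
            return name
    return None


def report(pe):
    """Combine the signature match with an entropy heuristic for unknown packers."""
    ep = entry_point_bytes(pe)
    match = identify(pe)
    ent = entropy(ep)
    return {"match": match, "entropy": ent, "likely_packed": match is not None or ent > 7.0}


def build_sample_pe(entry_code, section_name=b".text"):
    """Construct a minimal PE32 image (not a real program) with one section
    whose first bytes are `entry_code`, placed at AddressOfEntryPoint."""
    raw_ptr, rva = 0x200, 0x1000
    section = entry_code.ljust(0x200, b"\0")
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 96, 0x102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 16, rva)                        # AddressOfEntryPoint
    sec = struct.pack("<8sIIIIIIHHI", section_name.ljust(8, b"\0"),
                      len(section), rva, len(section), raw_ptr, 0, 0, 0, 0, 0x60000020)
    image = bytes(dos) + b"PE\0\0" + coff + opt + sec
    return image.ljust(raw_ptr, b"\0") + section


if __name__ == "__main__":
    # Constructed sample: entry bytes shaped like "Demo packer A" in a section named UPX1.
    sample = build_sample_pe(bytes.fromhex("60 BE 00 10 40 00 8D BE 00 F0 FF FF 57 83 CD FF"), b"UPX1")
    print(report(sample))
```

A real database contains hundreds of entries keyed the same way; a match at the entry point tells the analyst which unpacker or compiler stub to expect, while high entropy with no match points to an unknown packer that is better examined in a sandbox with the dynamic tools listed here.
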
11. VB Decompiler Lite

(http://www.vb-decompiler.org/download.htm)

A decompiler for programs with the EXE, DLL and OCX extensions.

12. MiTec EXE Explorer

(http://www.mitec.cz/exe.html)

This tool is made as an executable reader; it reads and displays the properties and structure of the executable file being analyzed.

I collected this information from some other source sites. Please test the above tools and post a response below in the comments.
Thank you,
