Thursday, March 3, 2011
tools to analyze a virus
Posted by eko plorox
Viruses spread across the Internet every day, to the point that many antivirus providers such as Kaspersky, McAfee, Norton and others compete to build very potent antivirus products. Building an antivirus cannot be separated from understanding the virus itself. We have to look at how it works, what it can do, what it infects and so on.
Analyzing a virus usually requires tools that can examine it in detail and quickly. Here are some tools that can be used to analyze a virus.
Malcode Analysis Pack
(http://labs.idefense.com/software/download/?downloadID=8)
This tool consists of a variety of applications that can help you to analyze malicious code.
Examples include ShellExt, socketTool, fakeDNS, Shellcode2Exe and so on.
Autoruns for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
This application is used to find the automatic startup locations in Windows.
It shows the programs that run during system boot or login.
RegMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)
This tool shows which applications are accessing the system registry.
All activity is shown in real time.
FileMon for Windows
This tool shows file system activity in the operating system in real time.
Multipot
This application is designed to collect a large amount of malicious code found on the Internet.
Process Explorer for Windows
This tool finds information about processes and the DLL files they currently have open. It displays a list of the processes that are active at that time.
Resource Hacker
A tool that you can use to modify the resources of Win32 executables and resource files.
Rootkit Unhooker
An application for detecting rootkits. The features it offers include driver detection, detection of hidden files and so on.
SysAnalyzer
This tool automatically analyzes malicious code at runtime, monitoring what it does to the system and to running processes.
PE iDentifier
This application is used to detect packers and cryptors. It can detect more than 600 different PE file signatures.
VB Decompiler Lite
A decompiler for programs with the EXE, DLL and OCX extensions.
MiTec EXE Explorer
This tool was created as a reader of executables. It reads and displays the properties of an executable file and the structure of the file being analyzed.
* good luck .. .
Labels:
virus