Many viruses spread on the internet and their number grows every day, so antivirus vendors such as McAfee, Norton, Kaspersky and others compete to build very powerful antivirus products. Building an antivirus requires identifying the virus first, before the antivirus is released. We must analyze how the virus works, what it can do, what it infects and so on.
Analyzing a virus usually requires tools that can examine it quickly and in detail. Here are some tools you can use to analyze a virus.
1. Malcode Analysis Pack
(http://labs.idefense.com/software/download/?downloadID=8)
This pack consists of a variety of applications that can help you analyze malcode,
e.g. ShellExt, socketTool, fakeDNS, Shellcode2Exe and others.
2. Autoruns for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
This application is used to find the auto-start locations used at Windows startup.
It shows the programs that run during system bootup or login.
3. RegMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx)
This tool shows which applications are accessing the system registry on your computer.
Everything is displayed in real time.
4. FileMon for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx)
This tool displays file system activity in the operating system in real time.
5. Multipot (http://labs.idefense.com/software/download/?downloadID=9)
This application is designed to collect a lot of malicious code found on the internet.
6. Process Explorer for Windows
(http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)
This tool finds out information about the handles and DLLs that processes currently have open.
It shows a list of the processes that are active at that time.
7. Resource Hacker (http://www.angusj.com/resourcehacker/)
A tool that can be used to change the resources in Win32 executables and resource files.
8. Rootkit Unhooker (http://www.antirootkit.com/software/RootKit-Unhooker.htm)
An application for detecting rootkits.
Some of the features offered include Ultimate Drivers Detection, Hidden Files Detection and so on.
9. SysAnalyzer (http://labs.idefense.com/software/download/?downloadID=15)
This tool automatically analyzes malcode at run time, monitoring what happens on the system and in running processes.
10. PE iDentifier (http://www.peid.info/)
This application is used to detect packers and cryptors.
It can detect more than 600 different signatures in PE files.
11. VB Decompiler Lite (http://www.vb-decompiler.org/download.htm)
A decompiler for programs with an EXE, DLL or OCX extension.
12. MiTec EXE Explorer (http://www.mitec.cz/exe.html)
This tool was created as an executable reader.
It reads and displays the properties and structure of the executable file being analyzed.


