5 Steps to Analyze a Virus

Posted in News on Jan 16, 2010

Ever been bothered by a virus attacking your computer, while the antivirus you have updated still cannot recognize the malicious program causing the trouble? Why not try analyzing it yourself, just for fun? Here are the simple steps.

Taufik Juhar Adang, senior Vaksinis at Vaksincom, speaking at the Vaksin[dot]com seminar held at Ancol on Friday (4/12/2009), explained simple steps for analyzing a virus that has infiltrated a computer running the Windows operating system, especially when the attack comes from a local virus.

“Local viruses themselves are easy to analyze, because their characteristics are the same,” he said. Adang said that first we need Internet access to find the tools, which can be downloaded for free from several sites. Examples include the following:

  • Pack and Unpack Detection Programs
    • PEiD v0.94 (http://www.peid.info/download.html)
    • Security Task Manager (http://upxshell.sourceforge.net/download.html)
  • VB Decompiler (http://www.vb-decompiler.org/download.htm)
  • List Process Windows (Task Manager)
    • Security Task Manager (http://www.neuber.com/taskmanager/download.html)
    • ProcExp (http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)
    • IceSword (http://icesword.en.softonic.com/download)
    • CurrProcess (http://www.brothersoft.com/currprocess-32083.html)
  • Registry tools (Regedit)
    • Reg Watcher / Registry monitor (http://mj-registry-watcher.en.softonic.com/)
    • RegAlyzer (http://www.safer-networking.org/files/regalyz.exe)
  • Windows Startup list (Msconfig)
    • HijackThis (http://www.filehippo.com/download_hijackthis/)
    • Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
  • ExplorerXP (http://www.explorerxp.com/)
  • Hoster (http://www.funkytoad.com/download/HostsXpert.zip)
  • Live CD
    • MiniPE (www.minipe.org)
    • Bart PE (http://www.nu2.nu/pebuilder/)
    • ReatogoXPE (www.reatogo.de)
    • Windows Live CD (http://www.livecdlist.com/)

Adang also explained that once we have the tools, we can begin the analysis in these simple stages:

  1. Understand the type of virus that attacked: what icon it disguises itself with and its size.
  2. Understand the characteristics of the virus: whether it makes duplicate files, hides files, injects files, or displays certain messages.
  3. Understand how the virus works: what the virus modifies, whether the registry, the master files it creates, or the Windows functions it blocks. (http://www.kellys-korner-xp.com/xp_tweaks.htm)
  4. Understand how the virus spreads: whether through USB flash disks or shared folders, because local viruses usually infiltrate through these media.
  5. Prepare the tools that will be used.
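
For step 3, one way to review what a sample changed in the registry, as an added example that is not from the article or from Vaksincom: this Python code parses text exported by Regedit and lists autostart entries outside the usual program directories and policy values that block Task Manager, Regedit or Folder Options. The sample export, the value names checked and the directory heuristic are assumptions chosen for illustration.

```python
import re

# Constructed sample in "reg export" text format; names and paths are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
"sysupd"="C:\\Documents and Settings\\user\\Application Data\\svch0st.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoFolderOptions"=dword:00000000
'''

RUN_KEYS = (r"\currentversion\run", r"\currentversion\runonce")
# Policy values that disable Task Manager, Regedit and Folder Options when set to 1.
BLOCKING = {"disabletaskmgr", "disableregistrytools", "nofolderoptions"}
# Assumed heuristic: autostart targets outside these directories deserve a look.
USUAL_DIRS = ("c:\\windows\\", "c:\\program files\\")

def parse_reg(text):
    """Yield (key, name, value) per named value; dword becomes int, strings are unescaped."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)):
            name, raw = m.groups()
            if raw.lower().startswith("dword:"):
                yield key, name, int(raw[6:], 16)
            elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
                yield key, name, re.sub(r"\\(.)", r"\1", raw[1:-1])
            else:
                yield key, name, raw  # hex(...) and other types stay as raw text

def triage(text):
    findings = []  # (finding, value name, detail) tuples to review by hand
    for key, name, value in parse_reg(text):
        k = key.lower()
        if k.endswith(RUN_KEYS) and isinstance(value, str):
            if not value.lower().lstrip('"').startswith(USUAL_DIRS):
                findings.append(("autostart-outside-usual-dirs", name, value))
        elif "\\policies\\" in k and name.lower() in BLOCKING and value == 1:
            findings.append(("windows-function-blocked", name, key))
    return findings
```

Regedit writes version 5.00 exports as UTF-16, so read a real export with `open(path, encoding="utf-16")` before passing its text to `triage`. A finding is a prompt to inspect the entry with the tools listed above, not a verdict.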