5 simple tips to analyze a computer virus

Friday, December 11, 2009

If you are a computer user, I bet you have dealt with a computer virus, right? Sometimes the problem is that we cannot recognize the bad program that is attacking our computers. But if you want to identify and analyze computer viruses yourself, here are some tips from me:

First, you need internet access, so you can download free tools. These can be downloaded from various websites.

Local viruses are much easier to detect and recognize, as they usually share the same characteristics.

Local viruses can be checked through the Windows process list in Task Manager. You can check whether any weird files are running. You can also check the registry with the Registry Editor (regedit).

If you are an advanced user, there are several tools you can use, namely a packer detector, an unpacker, and a VB decompiler, because local viruses are usually VB based.

After downloading those tools, you can start analyzing the viruses through these simple steps:
1. Understand the type of virus that is attacking: what icon does it disguise itself with and what is its size?
2. Understand the characteristics of the virus. Does it make duplicate files, hide files, inject files, or display certain messages?
3. Understand how the virus works: what is modified by the virus? Does it modify the registry, create master files, or block Windows functions?
4. Understand the virus spreading process: does it spread through a USB flash disk or a shared folder? Local viruses usually spread through those media.
5. Prepare the tools that you are going to use.
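
The file-level checks from steps 1, 2 and 4 (disguised names, duplicate copies, hidden files, an autorun file on a USB disk) can be scripted. This is an added example, not part of the original post; the extension lists, the function names and the sample folder are assumptions constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from collections import defaultdict

EXEC_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".vbs"}   # assumed list
DECOY_EXT = {".doc", ".jpg", ".pdf", ".txt", ".mp3"}          # assumed list

def triage(root):
    """Return sorted (reason, relative path) findings for a folder tree."""
    findings, by_content = set(), defaultdict(list)
    for dirpath, dirnames, filenames in os.walk(root):
        folders = {d.lower() for d in dirnames}
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            stem, ext = os.path.splitext(name.lower())
            if name.lower() == "autorun.inf":           # step 4: USB spreading
                findings.add(("autorun.inf present", rel))
            if ext not in EXEC_EXT:
                continue
            with open(path, "rb") as f:                 # size + hash = same file
                digest = hashlib.sha256(f.read()).hexdigest()
            by_content[(os.path.getsize(path), digest)].append(rel)
            if stem in folders:                         # step 1: folder disguise
                findings.add(("named like sibling folder", rel))
            if os.path.splitext(stem)[1] in DECOY_EXT:  # e.g. photo.jpg.exe
                findings.add(("double extension", rel))
            attrs = getattr(os.stat(path), "st_file_attributes", 0)  # Windows only
            if attrs & stat.FILE_ATTRIBUTE_HIDDEN:      # step 2: hidden files
                findings.add(("hidden executable", rel))
    for (size, _), rels in by_content.items():          # step 2: duplicate copies
        if len(rels) > 1:
            findings.update((f"duplicate copy, {size} bytes", r) for r in rels)
    return sorted(findings)

def make_sample(root):
    """Constructed sample tree: harmless text bytes, not real malware."""
    os.makedirs(os.path.join(root, "Photos"))
    for name, data in [("Photos.exe", b"SAMPLE-A"), ("notes.doc.exe", b"SAMPLE-A"),
                       ("autorun.inf", b"[autorun]\n"), ("setup.exe", b"SAMPLE-B")]:
        with open(os.path.join(root, name), "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample(tmp)
        print(*triage(tmp), sep="\n")
```

To check a real folder or flash disk, call `triage()` with its path instead of the temporary sample; the hidden-file check only has an effect on Windows.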


azis8439 said...

Very nice post... why don't you attach any images to make it clearer... Peace.

Thank you for the compliment, aziz. I am trying and learning to put some images on my postings. However, due to a lack of knowledge and info, I found many problems when doing it. Perhaps you could do me a favor, as your blog is a very educative one. Anyway, thanks for stopping by.

