Using Trojan Analyser
Trojan Analyser allows determining if a suspicious file is useful or harmful.
It traces all files that the application tried to open or write, and all registry operations.
Trojan Analyser has two methods to begin tracing:
1) You may browse for a execution file. Trojan Analyser will run this file and watch until it finishes, or while you stop.
2) You may choose one or all of the processes that are already working (excluding system processes.) To trace all process set the option "Monitor All Processes".
1) You may enable option "Enable Write-Protect Mode".
This option prevents creating, deleting, renaming files with extensions:
This feature will protect your system files against dangerous actions.
Be careful, if you try to launch the installation package with this option enable. It may cause an abnormal working of the installation program.
After finishing tracing Write-Protection mode will be automatically cancelled.
2) Trojan Analyser automatically checks your execution file extensions (exe, com, pif, bat) before starting tracing and after finishing. If the file extensions will be changed, Trojan Analyser will restore them. This will protect you against viruses’ actions.
We suggest you to check your system by WatchDog or run Start Control to restore changes in the startup.
After the application finished, or you stop its work, you will see the results in the Results window. You may quickly inspect changes by using search and sort operations. Also, you may export results to CSV file format. You may use Excel or another application to analyze them.
Also you may use CSVED software by Sam Francke for free.