Hey all, this is my first post in these decent forums. I would like to ask you about OllyDbg ... I want to ask: after analyzing a file with OllyDbg, when I get the 0's and 1's and the hex dump, does this mean that I can know from this dump what the program does? And if the file is infected with virus code, can I remove it? thnx
L0L ... removing a virus, you think that's child's play? And you can know what the program does better from its Dis-assembly than from its Hex Dump. If you actually know reverse engineering and are very thorough with it, yes, you can patch/NOP some portions (infected) of the program to disinfect it. If you would like to master OllyDbg and get the best out of it, read the tutorials available here: http://www.tuts4you.com/download.php?list.29. They have the BEST Olly Tuts I've seen on the net.
thnx for the reply dude, and thnx for the link. I'll just say that I am new to this world and to reverse engineering, and I would like to master it. I know it takes too much time, and I am willing to wait and learn. And about Dis-assembly: is OllyDbg a dis-assembler?