As first step you need to setup a virtual machine in a clean PC, use Virtual PC from Microsoft from FREE and install it, then install a OS like WinXP.
Then you can download a debugger like the good OllyDbg (
https://www.ollydbg.de/) or SoftICE (ring 0 debugger you can also look into the driver code and make kernel code examination) and put into the installed virtual machine, then copy the virus file into the installed OS inside the virtual machine and then start to play with the debugger. You can dissassemble the virus code and then know how the virus work. If you get infected no problem, simply format your virtual machine and then restart the work. Just take care that debugger will execute the code step by step then if you run the exe file into the debugger you will get infected. WinDasm make simple plain disassembling without execute the file, also other best disassembler is IDA (
https://www.hex-rays.com/idapro/).
If you're already infected no matter about to install the virtual machine
, use directly the debugger or the disassembler on the infected file, I've do this lot of time into infected machine to discover the virus file and then know the virus behaviour.
Of course changing the exe may be a not simple task, some virus have morphing code (code is self changed during execution and this will take some time in decryption and understand how it works, but sometime the way is simple encryption and easy to do), other aren't compressed or encrypted then is more easy to do the debug work. Plain disassembling of a encrypted/compressed virus is unuseful because you've first to decrypt or unpack the virus to see the clean original code, this task can be do with a debugger.
But at least I've a question, if your purpose is know how the virus work the debugger approach can be a valid way, otherwise simply take a good antivirus and go on (e.g. AVG Free).
Good luck
Pow