Skill Level Intermediate
- [Thomas] Hi, I'm Thomas Pantels, and there are viruses, like the one we will see in this course, that can damage files, clone themselves, and much more. Viruses exist, and the programmers that write them don't want you, the victim, to know how they work. The Windows Performance Toolkit is a collection of powerful tools, like the Windows Performance Recorder, which is used to record system events, and the Windows Performance Analyzer, which is used to inspect those events. By inspecting the source code of a virus, we will gain insight as to what Windows APIs are called due to file-infecting behavior.
We will also see other suspicious file operations due to malicious behavior inside the Windows Performance Analyzer. With this knowledge, you'll be better equipped to protect your system. Are you ready? Let's get started.