Research Resource Discovery

Windows Performance Toolkit: Virus Analysis

Affiliation: UIUC


Type: Streaming Resource

Description: What happens when your computer starts acting unpredictably, keeps shutting down, or stops responding altogether? A virus is the likely culprit. The Windows Performance Toolkit provides tools to catch threats that anti-virus programs miss. In this course, Thomas Pantels shows how to inspect a self-replicating virus that injects its own malicious source code into other normal Windows programs and files. These newly infected files further spread the virus when they are executed. By analyzing CPU usage and file I/O activity with Windows Performance Analyzer, you can isolate the virus and remove it from your system permanently.

Quality Level: production