Mark Russinovich shows how to use the Sysinternals tools, including Sysmon, Process Monitor, Process Explorer, and Autoruns for malware analysis and removal. These utilities enable deep inspection of processes, file and registry activity, and autostart points. He demonstrates their malware-hunting capabilities, by analyzing and cleaning several current malware samples.