This session will provide an overview of several Sysinternals tools, including Process Monitor, Process Explorer and Autoruns, focusing on features useful for malware analysis and removal. We will demonstrate malware-hunting capabilities by presenting several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of current malware samples.