This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for analyzing and removing malware. These utilities allow for thorough inspection and control of processes, file system and registry activity, and autostart execution points. You'll see demos of their malware-hunting capabilities using several real-world cases where the tools were used to identify and clean up malware, and conclude with a live analysis of the system impact of a Stuxnet infection.

Filmed at TechEd 2013

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.