
What are the new features in Microsoft Autoruns?

With Microsoft Autoruns, IT admins can see everything that runs when Windows starts up to identify if anything is there that shouldn't be.

Although not technically an antimalware tool, Microsoft Autoruns, a free Sysinternals utility, is probably the best tool for manually removing a malware infection from a PC.

Sometimes, antimalware software fails to remove an infection completely. In these cases, admins can use Microsoft Autoruns to complete the cleanup process.

Microsoft Autoruns is so effective for removing malware from a PC because it is designed to show you everything configured to run when the system starts up. With this information, you can identify and remove unwanted or malicious software from a PC.

The startup process can involve an overwhelming number of files, registry keys and more. Fortunately, the latest version of Microsoft Autoruns includes a feature to hide signed Microsoft entries, which cuts through the clutter so that the tool displays only non-Microsoft startup items.

The feature also checks Microsoft entries for a digital signature prior to hiding any entries. This is important because malware sometimes tries to masquerade as an operating system component to avoid detection or removal. Verifying a digital signature allows Autoruns to distinguish between authentic Microsoft entries and third-party entries designed to trick you into thinking they came from Microsoft.
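The same verify-before-hiding idea can be sketched in PowerShell. This is an added example, not code from Autoruns or from the article: it covers only the registry Run and RunOnce keys, and the `Get-ImagePath` helper and the signer-organisation match are assumptions made for illustration.

```powershell
# Added example (not from the article): registry Run/RunOnce keys only,
# a small subset of the startup locations Autoruns inspects.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ImagePath {
    # Hypothetical helper: pull the executable path out of a startup command line.
    param([string]$CommandLine)
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }   # quoted path followed by arguments
    if ($cmd -match '^(.+?\.(exe|dll|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }  # unquoted path
    return ($cmd -split '\s+')[0]
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $path   = Get-ImagePath ([string]$regKey.GetValue($name))
        $status = 'FileNotFound'
        $signer = $null
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $path
            $status = [string]$sig.Status
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        }
        [pscustomobject]@{
            Key = $key; Name = $name; Image = $path; Status = $status; Signer = $signer
            # Assumption: "Microsoft entry" = signature validates AND signer organisation is Microsoft.
            VerifiedMicrosoft = ($status -eq 'Valid' -and $signer -match 'O=Microsoft Corporation')
        }
    }
}

# Hide only what verified; a file that merely claims to be from Microsoft stays visible.
$entries | Where-Object { -not $_.VerifiedMicrosoft } |
    Format-Table Name, Image, Status, Signer -AutoSize -Wrap
```

Entries whose command uses a bare file name such as `rundll32.exe` are not resolved against the search path here, so they are listed as `FileNotFound` and left for manual review rather than hidden.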

Incidentally, Microsoft Autoruns doesn't solely examine the operating system boot process. It also provides startup information for applications built into Windows, such as Internet Explorer or Media Player, so you can tell whether third-party code has latched onto the boot process for these utilities.


This was last published in February 2016
