makspogonii - Fotolia
Although not technically an antimalware tool, Microsoft Autoruns, a free Sysinternals tool, is probably the best tool for manually removing a malware infection from a PC.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Sometimes, antimalware software fails to remove an infection completely. In these cases, admins can use Microsoft Autoruns to complete the cleanup process.
Microsoft Autoruns is so effective for removing malware from a PC because it is designed to show you everything configured to run when the system starts up. With this information, you can identify and remove unwanted or malicious software from a PC.
The startup process can involve an overwhelming number of files, registry keys and more. Fortunately, the latest version of Microsoft Autoruns includes a feature to hide signed Microsoft entries, which cuts through the clutter by configuring the tool to display only non-Microsoft startup items.
The feature also checks Microsoft entries for a digital signature prior to hiding any entries. This is important because malware sometimes tries to masquerade as an operating system component to avoid detection or removal. Verifying a digital signature allows Autoruns to distinguish between authentic Microsoft entries and third-party entries designed to trick you into thinking they came from Microsoft.
Incidentally, Microsoft Autoruns doesn't solely examine the operating system boot process. It also provides startup information for applications built into Windows, such as Internet Explorer or Media Player, so you can tell whether third-party code has latched onto the boot process for these utilities.
More Sysinternals tools to look at
Guide to the Sysinternals suite
How to detect malware
Dig Deeper on Network intrusion detection and prevention and malware removal
Related Q&A from Brien Posey
PowerShell can unlock a lot of management capabilities for IT, but it is also a potential security gap. Put Group Policy to work to fill in the hole.continue reading
Is a converged or hyper-converged deployment the best option for you? While both infrastructures are similar, there are key differences in use cases ...continue reading
Licensing is a critical component of VDI. VMware offers two main licensing options with Horizon View; a per user model and a per concurrent ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.