Sysinternals "Process Explorer" now includes VirusTotal ability

Coldblackice

For Windows users, Sysinternals "Process Explorer" now includes the ability to check all running applications' hashes with VirusTotal automatically (as well as manually), giving a quick overview of your system for any potentially rogue viruses or malware that may be running. I've hungered for a feature like this for a long time.

Note: v16.0 causes crashes. The main site has just barely updated with a fixed v16.01.

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

(I have no connection with them; this has just been a vital tool for the overview and maintenance of my Windows operating systems, and I thought I'd share the news.)
 
Pretty cool feature. I live by Sysinternals products, so I was happy to see this. For anyone not familiar with the product, after you turn on VirusTotal scanning, you'll get a few different results:

If it says it can't find the file, you're not running it as an administrator and you don't have rights to the file.
If it says unknown, it means VirusTotal doesn't have that file in its database. You can submit the file to them by right-clicking on it.
If it is a blue result, it means that none of their scanners returned this as a virus.
If it is a red result, it means that at least one of their scanners returned it as a virus (lots of false positives!)

Very cool feature to get a quick overview of what process a virus might be running as!
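
Added example, not part of the original post and not Process Explorer's own code: a sketch of the hash-then-look-up triage behind the four result states listed above. The `reports` cache, the state names and the sample files are constructed assumptions, and no network lookup is made.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """SHA-256 of a file on disk, or None if it is missing or unreadable."""
    try:
        digest = hashlib.sha256()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        return digest.hexdigest()
    except OSError:  # file gone, or access denied without elevation
        return None


def triage(path, reports):
    """Return (state, detail) for one process image.

    reports is a constructed offline cache {sha256: (hits, engines)};
    it stands in for whatever the lookup service would answer.
    """
    digest = sha256_of(path)
    if digest is None:
        return ("unreadable", None)
    if digest not in reports:
        return ("unknown", digest)      # candidate for manual submission
    hits, engines = reports[digest]
    state = "flagged" if hits > 0 else "clean"
    return (state, f"{hits}/{engines}")


def demo():
    """Build three constructed sample files and triage four paths."""
    with tempfile.TemporaryDirectory() as tmp:
        paths = {}
        for name, body in (("a.exe", b"sample A"), ("b.exe", b"sample B"),
                           ("c.exe", b"sample C")):
            paths[name] = os.path.join(tmp, name)
            with open(paths[name], "wb") as fh:
                fh.write(body)
        paths["gone.exe"] = os.path.join(tmp, "gone.exe")  # never created
        reports = {sha256_of(paths["a.exe"]): (0, 50),   # constructed verdicts
                   sha256_of(paths["b.exe"]): (1, 50)}
        return {name: triage(p, reports) for name, p in paths.items()}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, *result)
```

Keeping the hits/engines ratio alongside the state makes it easier to separate a single-engine hit from a broad detection when reviewing flagged entries.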
 
The real trick is that you can track and release file handles as well as memory allocation. It's a great tool for programmers. I use it a lot.
 
> For anyone not familiar with the product, after you turn on VirusTotal scanning, you'll get a few different results
Wouldn't know...every time I turn it on the program crashes.
 
It crashed like a sonofabitch for me, too. I just kept restarting it. I think it took 3 times to get the VirusTotal results to work. Once it did, it hasn't crashed since.

This is odd with a Sysinternals program -- usually they are rock solid.
 
> It crashed like a sonofabitch for me, too. I just kept restarting it. I think it took 3 times to get the VirusTotal results to work. Once it did, it hasn't crashed since.
>
> This is odd with a Sysinternals program -- usually they are rock solid.

That was before MS purchased it :p
 
Used Process Explorer for over a decade on 500+ installations. One of my favorite tools!
 
If you are running Windows XP or higher, you should really give Process Explorer v16.01 a try.

And if you are using a Windows version older than XP, someone should smack you upside the head, and proceed to give you a lesson about the dangers of using unpatched operating systems.
 
Zarathustra[H];1040605589 said:
> And if you are using a Windows version older than XP, someone should smack you upside the head, and proceed to give you a lesson about the dangers of using unpatched operating systems.

In 2 months XP will be included in that list.... So really, it's anything lower than Vista.
 