Thursday, January 30, 2014

Process Explorer 16 with VirusTotal

Process Explorer is a freeware task manager and system monitor by Sysinternals used to manage processes on Windows operating systems.

Windows Sysinternals has released Process Explorer 16 with VirusTotal integration. This adds the ability to easily check suspicious or unknown processes running on Windows computers against the VirusTotal database.

Note: The VirusTotal results will show in Process Explorer to the right of the process. The first time you use the VirusTotal option you will have to agree to the VirusTotal Terms of Service.

There are a few different options for checking the VirusTotal database from within the Process Explorer GUI.

1) Right-click any process and select 'Check VirusTotal'. Process Explorer then submits the file hash and displays the results.

2) Open Process Explorer and in the upper right corner click Options > > Check. Process Explorer will then check all running processes and loaded DLLs with VirusTotal and display the results.
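
The same hash-only check can be scripted for machines where the GUI is not at hand. The PowerShell below is an added example, not code from Sysinternals or from the original post; it assumes SHA-256 as the lookup hash, the VirusTotal v3 file-report endpoint, and an API key in the `VT_API_KEY` environment variable (the function names are hypothetical).

```powershell
# Added example: hash every running process image and loaded DLL, then look
# each unique hash up in VirusTotal. Only hashes leave the machine, not files.
# Assumptions: SHA-256 lookups, VirusTotal API v3, key in $env:VT_API_KEY.

function Get-LoadedImageHashes {
    # Unique on-disk paths of process images and their loaded modules.
    $paths = Get-Process | ForEach-Object {
        try { $_.Modules.FileName } catch { }   # protected processes deny access
    } | Where-Object { $_ -and (Test-Path -LiteralPath $_) } | Sort-Object -Unique

    foreach ($p in $paths) {
        $h = Get-FileHash -LiteralPath $p -Algorithm SHA256 -ErrorAction SilentlyContinue
        if ($h) { [pscustomobject]@{ Path = $p; SHA256 = $h.Hash } }
    }
}

function Get-VTDetection {
    param(
        [Parameter(Mandatory)][string]$Sha256,
        [Parameter(Mandatory)][string]$ApiKey
    )
    $uri = "https://www.virustotal.com/api/v3/files/$Sha256"
    try {
        $r = Invoke-RestMethod -Uri $uri -Headers @{ 'x-apikey' = $ApiKey } -ErrorAction Stop
        $s = $r.data.attributes.last_analysis_stats
        # Count only engines that returned a verdict.
        $total = $s.malicious + $s.suspicious + $s.undetected + $s.harmless
        '{0}/{1}' -f $s.malicious, $total
    } catch {
        # 404 means VirusTotal has no report for this hash.
        if ([int]$_.Exception.Response.StatusCode -eq 404) { 'Unknown' } else { 'Error' }
    }
}

$key = $env:VT_API_KEY
Get-LoadedImageHashes | Group-Object SHA256 | ForEach-Object {
    $verdict = 'not checked'                     # no key: list hashes only
    if ($key) {
        $verdict = Get-VTDetection -Sha256 $_.Name -ApiKey $key
        Start-Sleep -Seconds 15                  # assumed public quota: 4 requests/min
    }
    [pscustomobject]@{ VirusTotal = $verdict; SHA256 = $_.Name; Path = $_.Group[0].Path }
}
```

Run it from an elevated prompt to cover more processes; an `Unknown` result means the hash has no report, which is itself worth a closer look for an unsigned binary.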

For the total geek experience check out the full Microsoft Windows Sysinternals Suite.
