
I came across this today and had to share. The latest version of Process Explorer has native integration with VirusTotal. This means you can have Process Explorer analyze the running processes and compare them with the VirusTotal database.

Process Explorer 16 w/ VirusTotal integration

Enable:

Usage:

  • Select Options -> Check VirusTotal.com to initiate a scan of the processes. The VirusTotal column will populate with a score for each process.
  • Click a score to be taken to the detailed results on VirusTotal.

How It Works:

  • Creates a SHA256 hash of the file.
  • Submits to VirusTotal.
  • The hash of the process is then looked up in VirusTotal’s database, and the results are displayed in Process Explorer.
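
The lookup described under How It Works, sketched as an added example (not from the original post and not Process Explorer's own code): it hashes a file, asks the VirusTotal API v3 file-report endpoint about that hash only, and summarizes the answer as detections/engines. The `VT_API_KEY` variable name, the `Unknown` label and the way the score is derived from `last_analysis_stats` are this example's assumptions, and `SAMPLE_REPORT` is constructed.

```python
import hashlib
import json
import os
import sys
import urllib.error
import urllib.request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # v3 file report by hash

# Constructed sample of the part of a v3 file report that this example reads.
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_stats": {
    "malicious": 3, "suspicious": 0, "undetected": 54, "harmless": 0,
    "type-unsupported": 12, "timeout": 1, "failure": 0}}}}


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file on disk in chunks so large images are not read whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def score_from_report(report):
    """Summarize a v3 file report as 'detections/engines'."""
    stats = report["data"]["attributes"]["last_analysis_stats"]
    # Assumption: only engines that returned a verdict count toward the total.
    verdict_keys = ("malicious", "suspicious", "undetected", "harmless")
    total = sum(stats.get(k, 0) for k in verdict_keys)
    return f"{stats.get('malicious', 0)}/{total}"


def lookup_hash(sha256, api_key, timeout=15):
    """Send only the hash; return a score, or 'Unknown' if there is no record."""
    req = urllib.request.Request(VT_FILE_URL.format(sha256),
                                 headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return score_from_report(json.load(resp))
    except urllib.error.HTTPError as err:
        if err.code == 404:  # VirusTotal has never seen this hash
            return "Unknown"
        raise


if __name__ == "__main__":
    key = os.environ.get("VT_API_KEY")  # assumed environment variable name
    for path in sys.argv[1:]:
        file_hash = sha256_file(path)
        print(path, file_hash, lookup_hash(file_hash, key) if key else "(no key)")
```

An `Unknown` result means VirusTotal has no record of that hash, not that the file is clean.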
