
*New* Process Explorer v16.0 + VirusTotal


3 replies to this topic

#1 dave1977nj

dave1977nj

  • Members
  • 16 posts

Posted 01 February 2014 - 02:23 PM

Microsoft’s Windows Sysinternals Suite has released the latest version of Process Explorer, v16.0, which has an awesome feature that allows a user to scan any running program files with the web-based multi-antivirus scanner VirusTotal.

 

You can get it here http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

 

:cool:





#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 01 February 2014 - 02:29 PM

I can foresee malware being written now to prevent Process Explorer from running so you cannot do that.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,483 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 01 February 2014 - 04:20 PM

Right-clicking on a process in Process Hacker or System Explorer allows you to send it (File Check) to Jotti's virusscan or VirusTotal. Process Hacker also allows sending it to Camas Comodo.

Right-clicking on a process in AnVir TaskManager Free allows you to send it to VirusTotal.


If you are using Firefox, you can use the VTzilla Add-on to check (analyze) a file for malware at VirusTotal before downloading and saving it to your computer.
 

VTzilla is a Mozilla Firefox browser plugin that simplifies the process of scanning Internet resources with VirusTotal. It allows you to download files directly with VirusTotal's web application prior to storing them in your PC. Moreover, it will not only scan files, but also URLs. The scanning options are embedded in Firefox's context menu and download dialog, making the analysis process as easy as clicking a single button...Once you have checked the file, you will decide whether or not to download it to your PC.

VTzilla: Mozilla Firefox Browser Extension
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • Gender:Male

Posted 04 February 2014 - 02:43 PM

The latest version of sigcheck also comes with VirusTotal support.

 

http://technet.microsoft.com/en-us/sysinternals/bb897441.aspx


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"




