
Thread: Foolproof way to identify malware using Windows Sysinternals Process Explorer

  1. #1
    hackerman1 is offline Moderator
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Foolproof way to identify malware using Windows Sysinternals Process Explorer

    How to scan every running process on your system for malware in seconds,
    without installing antimalware software.

    "
    Roger A. Grimes
    InfoWorld
    2015-12-11

    No single antimalware engine can keep up with all the malware out there.
    But how about 57 of 'em?
    In this video, you'll learn how to download and run Windows Sysinternals Process Explorer,
    to test all currently running executables on your Windows system against VirusTotal's 57 antivirus engines,
    which together offer the best accuracy you can ever get,
    (with a small percentage of false positives that are pretty easy to spot).





    Neither the Sysinternals Process Explorer software nor the VirusTotal service cost anything at all.
    The whole setup process will take you about five minutes and the scan, which you can execute any time you like,
    takes less than a minute.
    Only malware in memory will be detected, but if you're infected, it's very likely that malicious process will be running,
    and this easy method will sniff it out.
    Watch and learn.
    "
    A free, almost foolproof way to check for malware | InfoWorld


    If you want to save time and skip watching the video...

    Instructions for how to use Process Explorer to check processes on VirusTotal (as shown in the video)

    Start Process Explorer
    Click Options
    Navigate down to VirusTotal.com, then go right and mark: Check VirusTotal.com

    Note: the original text was lightly edited by me.
    E.g. I corrected the number of VirusTotal's engines; it's (currently) 66, not 57.

    Update (15-12-16): the number of engines used on VirusTotal seems to be varying.
    When I scanned a URL a couple of days ago it was 66, but when I use Process Explorer today it's 57.
    So don't blame the author for being wrong....
    Last edited by hackerman1; 16th December 2015 at 16:02.
    HappyAndyK likes this.
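Added example, not part of the original post or the InfoWorld article: a Python sketch of the same kind of check done from a script, looking up the SHA-256 of each running executable's image on VirusTotal and triaging the detection ratio. It assumes hash lookups against the VirusTotal API v3 with your own API key; the function names and the two triage thresholds are hypothetical choices for illustration.

```python
import hashlib
import json
import urllib.error
import urllib.request

# VirusTotal API v3 file-report endpoint (needs your own API key).
VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"


def sha256_of(path, chunk=1 << 20):
    """Hash an executable on disk in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def unique_hashes(image_paths):
    """Group paths by hash so one lookup covers every process sharing an image."""
    by_hash = {}
    for p in image_paths:
        by_hash.setdefault(sha256_of(p), []).append(p)
    return by_hash


def vt_stats(file_hash, api_key):
    """Return last_analysis_stats for a hash, or None if VirusTotal has no report."""
    req = urllib.request.Request(VT_FILE_URL.format(file_hash), headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)["data"]["attributes"]["last_analysis_stats"]
    except urllib.error.HTTPError as e:
        if e.code == 404:  # hash never submitted: no verdict either way
            return None
        raise


def triage(stats, review_at=1, likely_at=5):
    """Return (ratio, label); both thresholds are assumptions for illustration."""
    if stats is None:
        return "unknown", "no report: not a clean result"
    hits = stats.get("malicious", 0) + stats.get("suspicious", 0)
    total = hits + stats.get("undetected", 0) + stats.get("harmless", 0)
    if hits >= likely_at:
        return f"{hits}/{total}", "likely malicious"
    if hits >= review_at:
        return f"{hits}/{total}", "review: possible false positive"
    return f"{hits}/{total}", "no detections"
```

Feed `unique_hashes` the image paths of the running processes, and treat a hit from a single engine as something to check by hand rather than as proof of infection.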

  2. #2
    chuckhig is offline Beginner
    Join Date
    Feb 2014
    Location
    NY
    Posts
    11


    Thank you very much for this information.

  3. #3
    pink Goose is offline New Member
    Join Date
    Apr 2016
    Posts
    2

    Angry

    Thanks for the article, it is very useful!
    But what if you already demand a ransom? :Crazy:
    Thank you

  4. #4
    hackerman1 is offline Moderator
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525


    Quote Originally Posted by pink Goose
    Thanks for the article, it is very useful!
    But what if you already demand a ransom? :Crazy:
    Thank you

    If you are demanding a ransom then you are a "bad boy"...
    Last edited by hackerman1; 19th April 2016 at 22:19.
    pink Goose likes this.

  5. #5
    pink Goose is offline New Member
    Join Date
    Apr 2016
    Posts
    2


    hackerman 1 thanks for the link! I am weak in this(((
