Thought this was cool from the Sysinternals team:
What's New:
January 29, 2014
· Process Explorer v16.0
Thanks to collaboration with the team at VirusTotal, this Process Explorer update introduces integration with VirusTotal.com, an online antivirus analysis service. When enabled, Process Explorer sends the hashes of images and files shown in the process and DLL views to VirusTotal and if they have been previously scanned, reports how many antivirus engines identified them as possibly malicious. Hyperlinked results take you to VirusTotal.com report pages and you can even submit files for scanning.
I tried it out at home yesterday and it’s pretty cool… they give you a detection rank column:
And when you click a process, they get you more info (example conhost.exe):
What's New:
January 29, 2014
· Process Explorer v16.0
Thanks to collaboration with the team at VirusTotal, this Process Explorer update introduces integration with VirusTotal.com, an online antivirus analysis service. When enabled, Process Explorer sends the hashes of images and files shown in the process and DLL views to VirusTotal and if they have been previously scanned, reports how many antivirus engines identified them as possibly malicious. Hyperlinked results take you to VirusTotal.com report pages and you can even submit files for scanning.
I tried it out at home yesterday and it’s pretty cool… they give you a detection rank column:
And when you click a process, they get you more info (example conhost.exe):
