Last week, version 16 of Process Explorer was released, and 16.01 followed yesterday. Its newest feature is VirusTotal integration. You use Process Explorer to examine the processes currently running on a Windows computer, and now you can right-click on any process to upload it to VirusTotal and have it scanned by 40+ different antivirus scanners. You then get feedback on how many of those AV engines thought the file could be malicious, all from within Process Explorer.
The new version includes a new column for VirusTotal and a new entry on the context menu when you right-click on a process.
The first time you use the ‘Check VirusTotal’ function, you will be shown the terms in your browser, along with a pop-up asking whether you agree to them. After that, the process is hashed and submitted to VirusTotal. The column is then updated with the results, telling you how many of the virus scanners find the file to be malicious.
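The local half of "hashed and submitted", as an added PowerShell example that is not from Process Explorer or the original post: it hashes the on-disk image of every running process and groups processes that share one image, so each unique hash would need only one lookup. SHA-256 is an assumption (the post does not say which hash Process Explorer computes), and nothing is sent to VirusTotal.

```powershell
# Added example: collect the unique image hashes behind the running processes.
# Assumption: SHA-256 is used as the lookup hash. No network traffic is generated.

$byHash  = @{}      # SHA-256 -> record with the image path and the PIDs using it
$skipped = 0        # processes whose image could not be read

foreach ($proc in Get-Process) {
    # Path is empty when the current user may not open the process
    # (for example System, Idle, or protected processes without elevation).
    $path = $proc.Path
    if ([string]::IsNullOrEmpty($path)) {
        $skipped++
        continue
    }

    try {
        $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction Stop).Hash
    }
    catch {
        Write-Warning "Could not hash ${path}: $($_.Exception.Message)"
        $skipped++
        continue
    }

    # Many processes (several svchost.exe instances, browser children) share
    # one image, so key on the hash instead of the PID.
    if (-not $byHash.ContainsKey($hash)) {
        $byHash[$hash] = [pscustomobject]@{
            SHA256 = $hash
            Path   = $path
            Pids   = New-Object 'System.Collections.Generic.List[int]'
        }
    }
    $byHash[$hash].Pids.Add($proc.Id)
}

# One row per unique image: this is the set of hashes a reputation lookup would cover.
$byHash.Values |
    Sort-Object Path |
    Select-Object SHA256, Path, @{ Name = 'PIDs'; Expression = { $_.Pids -join ',' } } |
    Format-Table -AutoSize -Wrap

Write-Host ("{0} unique images, {1} processes skipped (no readable image path)" -f $byHash.Count, $skipped)
```

Processes counted as skipped are the ones worth re-checking from an elevated session, since an unreadable image path means no hash and therefore no verdict.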
I made a quick screencast to demonstrate the new functionality.
Process Explorer was already handy for cleaning up a malware infection, but this new feature makes it even better.