VirusTotal Process Checker?

Discussion in 'other anti-virus software' started by RejZoR, Aug 30, 2015.

  1. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I was wondering, is there any application that is running in real time and checks the hash of every EXE you run (or even better access) and notifies you if the found hash is detected by AV's?

    Sort of very basic AV that's not really blocking anything, just lets you know if hash of the EXE found on VT is detected or not. Process Explorer does this, but it's too fiddly and can't exactly be used as real-time tool plus it's crashing so that's no use.

    Or if you know any app similar to what I'm looking for so I might check it out and see if it's of any use.
     
  2. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    491
    Location:
    Earth .... occasionally
    Process Explorer is the one that immediately comes to mind , but I see that it is not suiting your needs.
    I clearly remember reading about other apps that automatically refer to VT but I never needed to check them out.

    I'm sure other Wilders members will chime in with suggestions though !
     
  3. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,081
    Location:
    Netherlands
    http://www.crystalsecurity.eu/ also REAL TIME VT-lookup with three modes (checking PE's being dropped in downloads/temp or checking objects executed or both=default). It remembers hashes checked and offers configurable rating (when hash detected by five or more AV'in VT, classify it as malware).
     
    Last edited: Aug 30, 2015
  4. syrog

    syrog Registered Member

    Joined:
    Jul 13, 2013
    Posts:
    30
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    But HerdProtect isn't real-time. It's and on-demand scanner.
     
  6. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,987
    Location:
    Brasil
    Avira does exactly that, though not by default if I remember correctly.

    There's also a Windows command to check the integrity of system's files:

    Code:
    sfc /scannow
     
  7. one111

    one111 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    92
    SecureAplus seems to do just that
     
  8. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Emsisoft AM/IS checks both hash and signature using its behavior blocker but that is an AV ....................

    EAM_Hash_08302015.png
     
  9. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,177
  10. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    617
    Location:
    Wembley, London
  11. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,283
    VoodooShield is VT dependent.
     
  13. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Yes VoodooShield.

    Cheers,

    TH
     
  14. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,076
  15. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,177
    "Does that do it in RT?
    I have process hacker but have not noticed it"

    Their web site says:

    "Get real-time information on disk access."

    Reason I thought this might be a good one is I might have misunderstood rejzor's request. I thought he was looking for something he could change to add the function of VT because it is open source.

    Many of you have probably used Process Explorer in the past. Process Hacker has several advantages:

    • Process Hacker is open source and can be modified or redistributed.
    • Process Hacker is more customizable.
    • Process Hacker shows services, network connections, disk activity, and much more!
    • Process Hacker is better for debugging and reverse engineering.