How to be stay free of viruses / malware even w/o Antivirus (using Microsoft's PE)

How to be stay free of Viruses / Malware without Antivirus (using Microsoft's Process Explorer)

(1) Download Process Explorer from its homepage: Process Explorer

(2) Extract the contents and Double-click the file procexp.exe

(3) Enable "Check VirusTotal.com" from Options

Attachment 29343

(4) The new column VirusTotal will be added automatically, and initially show "Hash submitted...". After a few seconds it will show the result

(5) Processes that run as System and not as standard user, won't show a VirusTotal result until we restart Process Explorer with elevated permissions. Enable "Show Details from All Processes" from File Menu

(6) A VirusTotal result of 0/55 means that 55 anti-virus products have checked the file and that non of them detected anything!

Click the result/link to open the detailed report in a web browser. There you'll find when the scan was done and other useful information like what anti-virus products detected anything and what type of possible infection/malware.

(7) If only one or two AV detected something, chances are that it's a "false positive" (wrongly detected) and that the file is clean. Click the VirusTotal link to get more details about it. Sometimes one or two AVs detects Torrents Clients as false positives

You only have to worry only if multiple AVs detects that file as Virus and shown in Red color


Example of Virus Detection :-

Attachment 29344

In the above case, Amazon Music Helper is just a False Positive, not a Virus


(8) This way you can stay free of viruses and detect them early, even if you don't have any Antivirus in your PC

(9) You can add Process Explorer to your startup and check for malicious process at every startup if you want to.

(10) If you want you can also verify image signatures. You do this by selecting "Verify Image Signatures" from the Options menu. In the screenshot below you can see how it looks like when that option is checked, the second row in the drop-down Options menu. When you select this option you'll see a new column in the process list: "Verified Signer". Example:

Attachment 29345

Verifying Image signatures is a Good addition to Virus Total

Feel free to ask your doubts, if any. Have a nice day people ;)

Thank you for your help!