About a year ago, Process Explorer, one of the powerful Sysinternals tools, got an update that integrated VirusTotal, one of the most powerful online virus scanning services, so the tool can scan all your running processes and show the VirusTotal results to tell you whether they are infected by malware. It was a very useful improvement. I have been using this as one of the tools to scan and make sure the system is clean, and the results are great.
Now the same thing has happened to another of their system tools, Autoruns. For starters, Autoruns is a small utility that shows you which programs are configured to run during system bootup or login. It reports Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and more. It’s a small but powerful utility with the most comprehensive knowledge of the Windows bootup system.
With the new VirusTotal integration, it can easily point out which processes are malware that should never run or exist on the system. The VirusTotal column is there by default but shows nothing. To populate it, go to Options → Scan Options, check the option “Check VirusTotal.com”, and click the Rescan button.
In a few moments, the detection score shows up in the VirusTotal column, so you can easily see whether there is anything that needs to be dealt with.
As in Process Explorer, you can click the score link to check the details of the executable file on the VirusTotal website.
Autoruns also comes with a command-line version, autorunsc, in the same download package. With the -u switch, you can list the auto-start files that are unknown to VirusTotal or have non-zero detection. It’s very handy when used in conjunction with PsExec on remote computers.
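As an added example (not part of the original post and not Sysinternals code), the PowerShell below triages autorunsc CSV output collected from one or more machines, keeping the same entries the -u switch reports and ranking them by verdict. The sample rows are constructed, and the column names and the "hits|engines" score format are assumptions to check against the header your autorunsc version writes.

```powershell
# Constructed sample of autorunsc CSV output (not from a real host).
# On a live host the input would come from a run such as:
#   autorunsc.exe -a * -c -v -vt
# Assumption: "VT detection" holds "hits|engines" (or "hits/engines"),
# "Unknown" for a hash VirusTotal has never seen, or is empty if no lookup ran.
$sampleCsv = @'
"Entry Location","Entry","Enabled","Category","Image Path","VT detection"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run","ExampleUpdater","enabled","Logon","C:\Program Files\Example\updater.exe","0|57"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run","ExampleHelper","enabled","Logon","C:\Users\Public\helper.exe","12|57"
"HKLM\System\CurrentControlSet\Services","ExampleSvc","enabled","Services","C:\ProgramData\svc\examplesvc.exe","Unknown"
"Task Scheduler","\ExampleTask","enabled","Tasks","C:\Windows\System32\example.exe",""
'@

# Hypothetical helper: turn the raw score text into a verdict.
function Get-VTVerdict {
    param([string]$Detection)
    if ([string]::IsNullOrWhiteSpace($Detection)) { return 'NotChecked' }
    if ($Detection -match '^\s*(\d+)\s*[|/]\s*(\d+)\s*$') {
        if ([int]$Matches[1] -gt 0) { return 'Detected' }
        return 'Clean'
    }
    return 'Unknown'   # "Unknown" or any other non-numeric status
}

# Hypothetical helper: keep what -u keeps (unknown to VirusTotal or non-zero detection).
function Select-SuspectAutorun {
    param([Parameter(ValueFromPipeline)]$Entry)
    process {
        $verdict = Get-VTVerdict $Entry.'VT detection'
        if ($verdict -in 'Detected', 'Unknown') {
            [pscustomobject]@{
                Verdict   = $verdict
                Detection = $Entry.'VT detection'
                Entry     = $Entry.Entry
                ImagePath = $Entry.'Image Path'
                Location  = $Entry.'Entry Location'
            }
        }
    }
}

# Detected entries sort ahead of Unknown ones; Clean and NotChecked rows are dropped.
$sampleCsv | ConvertFrom-Csv | Select-SuspectAutorun |
    Sort-Object Verdict | Format-Table -AutoSize
```

An "Unknown" result means only that VirusTotal has no record of the file's hash, so those entries call for a closer look (signer, path, install date) rather than being treated as confirmed malware.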
It’s definitely a very welcome feature for all Sysinternals users. With the new VirusTotal integration, both Process Explorer and Autoruns are no longer just troubleshooting tools but also security-checking tools that can quickly point out what went wrong on your computer.