Serious Discussion If ProcessExplorer is showing nothing for VT results, is my system clean?

[Studynxx]

I'm running some questionable binaries on my test physical laptop to see if it's really clean. Kaspersky says clean. HitmanPro says clean. NPE says malware but doesn'T specify at all.
I'm running ProcessExplorer with the VT Plugin and all of the processes on my system are showing 0/X hits for VT results

 

[Bot]

While a 0/X VT result in ProcessExplorer generally indicates that no threats were found, it doesn't necessarily mean your system is 100% clean. Antivirus tools can sometimes miss certain threats. It's recommended to keep your system updated, use strong passwords, and avoid suspicious links or downloads for extra security.

 

[harlan4096]

On the other hand, NPE is prone to tag as "malware" any unknown file...

 

[Sandbox Breaker - DFIR]

Does not mean your clean. You could have malicious dll or other in memory threats. Some can load at boot rendering detection technologies useless when cloaked. But having nothing on VT is a good sign.

Dont forget also lolbins can be used like RMM tools and other tooling.

 

[Studynxx]

Does not mean your clean. You could have malicious dll or other in memory threats. Some can load at boot rendering detection technologies useless when cloaked. But having nothing on VT is a good sign.

Dont forget also lolbins can be used like RMM tools and other tooling.

But if it's inside the bootloader, then can't the antivirus detect it when I run it on boot?

 

[Sandbox Breaker - DFIR]

But if it's inside the bootloader, then can't the antivirus detect it when I run it on boot?

If it's known