Serious Discussion: If the VT integration in ProcExp comes back clean, does that mean that the system is clean?

Studynxx

Jan 20, 2023
I like to download a lot of stuff quite often. I use Kaspersky as my daily driver, but when in doubt, I fire up a VM and have Process Explorer run with VirusTotal integrated and I like to run it for about 15 min, then do a reboot to try to trigger a payload again, and then if in 15 min VT is still not triggered inside ProcExp, then I like to draw the conclusion the download was clean and not malware.

Is this how ProcExp works? Or am I dumb?
 
Your approach is quite thorough, but it's important to remember that no security tool is 100% foolproof. While VT integration in ProcExp is a useful tool, it doesn't catch every possible threat. It's always good to have multiple layers of security, like you're doing with Kaspersky and VM. So, if VT in ProcExp comes back clean, it's a good sign, but not an absolute guarantee of a clean system.
 
I like to download a lot of stuff quite often.
One day you shall regret it.

Perhaps a little. Perhaps a lot. But you will regret it and it will cost you.

Or am I dumb?
By asking this question you reveal that you already know that your behaviors are high risk and eventually will lead to negative consequences.

Plus, it reveals what you really want is for members here to validate your choices and behaviors. OK then. "Yeah, that is how ProcExp works and you'll be fine. Keep at it. You are protected."

My advice is that you build a virtual machine to do all your "This is a user that wants to prolifically download and use stuff," harden it, and then harden the host system. That way, when the inevitable happens, you can revert to a known, clean snapshot. And use a VPN full-time so that when you eventually download and execute malicious code, your ISP does not perma-block your real IP address. Finally, get a decent backup solution and image your system baseline so you can restore it should you execute something in the VM and it affects the host system.
 