Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: ThreatCheck released

12 Oct 2014   #1
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
ThreatCheck released

Quote:

What does ThreatCHECK do?

ThreatCHECK monitors what IP addresses your computer is talking to by repeatedly running the ‘netstat’ command utility for a fixed period of time. This is a totally passive action that has no effect on communications to or from the computer.

When the time period is over, the ‘View full report’ option uploads the data to ThreatSTOP’s website where we cross correlate it with our database to find out if we know anything about the IP addresses your computer has been talking to

Note: To access full reports your email address is required. You can use a disposable email address.

If you use your personal email address expect to receive marketing emails offering to sell you their realtime ip reputation and blocking service - named ThreatStop.

The download is a single executable - no installation required. Run the executable to access the GUI:

ThreatCheck released-threatcheck-tests.jpg

The short test takes 15 minutes to complete. The other tests will take longer. You can specify the amount of time to test via the command line:

threatcheck.exe/t N

where N is the number of minutes.

I ran ThreatCheck for 4 minutes:

ThreatCheck released-threatcheck-specify-time.jpg

Results: (via email link)

ThreatCheck released-threatcheck-results.jpg

Checking the ip address results on VirusTotal:

https://www.virustotal.com/en/ip-add...6/information/

Ironically it resolves to olark dot com and appears to have been triggered by ThreatCheck's "Talk to an analyst" button.

ThreatCheck released-detection.jpg

Running another utility - CrowdInspect reveals the following:

ThreatCheck released-crowdinspect-1.0.0.1-.jpg

In this case it's nothing to worry about.

ThreatCheck could be a useful tool if you think you've got problems!

ThreatCheck FAQ

ThreatCheck Download




Attached Images
ThreatCheck released-threatcheck.jpg 
My System SpecsSystem Spec
.
13 Oct 2014   #2
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Chris I think I gathered that is your name mate I have just answered an old post and I maybe would have advised the OP to use this as she opened a suspect email. Would this have picked that up?? My and possibly others only concern would be that one has to send what our machines have been viewing and it might be embarrassing for some I suppose - or have I got it wrong??
My System SpecsSystem Spec
13 Oct 2014   #3
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
ThreatCheck usage

You got the name right!

Anyway the suggested way to use the program is to leave the machine switched on overnight when it's not being used and let the connections get monitored for the whole night to see if it picks up any suspicious activity.

So regardless of malware being present and undetected - the results should show if any data was possibly sent to suspicious ip addresses at any time.

The downside is that it requires email registration.

No personal user data is sent - it only monitors the ip addresses that a machine connects to and checks them against databases of those that are known to be malicious or suspicious.

For removal of any potential malware the usual methods are needed.

So to sum up - ThreatCheck checks for suspicious connections even though the onboard AV might report that the machine is clean. (Maybe it's missed something)
My System SpecsSystem Spec
.

13 Oct 2014   #4
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Ok Chris well I got the name from one of the attachments can't see it now but anyway what you have described looks pretty good to me and as for divulging ones email address well it isn't going to work if one doesn't eh??
Mate I like it and when I get chance I shall try it out on one of my desktops at home - on my laptop for most of the time cos I am living away and like I said I might even refer that poster to your site because it involved someone asking he to change her passwords and yep she did and now has this problem of it being there all the time. I have advised her on a few things to do and am waiting for a reply now.
My System SpecsSystem Spec
13 Oct 2014   #5
Mellon Head

Win 7 Pro x64/Win 10 Pro x64 dual boot
 
 

I tried it out. It refuses to let me use a Hotmail address for some reason. Says the address contains "reserved words."

Seems like a good idea otherwise.
My System SpecsSystem Spec
13 Oct 2014   #6
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Email attachments?

I know that Windows 7 will allow user to open email attachments even if they haven't been scanned. Luckily this behaviour can be changed.

Learn how to set Windows 7 to notify antivirus programs when it opens and attachment.

If it was a link in an email that was clicked on then it's down to onboard security. Personally I use an add on to check suspicious links contained in emails. Even if they're clean I copy them into my browser rather than clicking on them!
My System SpecsSystem Spec
13 Oct 2014   #7
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Reserved words?

Quote   Quote: Originally Posted by Mellon Head View Post
I tried it out. It refuses to let me use a Hotmail address for some reason. Says the address contains "reserved words."

Seems like a good idea otherwise.
That's odd! If you're email address contains special characters, spaces or underscores I suppose that it could cause the problem when registering. Personally I use disposable email addresses when signing up for this type of thing.
My System SpecsSystem Spec
13 Oct 2014   #8
Mellon Head

Win 7 Pro x64/Win 10 Pro x64 dual boot
 
 

Quote   Quote: Originally Posted by Callender View Post
Quote   Quote: Originally Posted by Mellon Head View Post
I tried it out. It refuses to let me use a Hotmail address for some reason. Says the address contains "reserved words."

Seems like a good idea otherwise.
That's odd! If you're email address contains special characters, spaces or underscores I suppose that it could cause the problem when registering. Personally I use disposable email addresses when signing up for this type of thing.
Yeah. My Hotmail address is my disposable one, and it has no special characters, but it won't let me use it. It's weird. I would have liked to have seen the results. There were a couple of anomalies...
My System SpecsSystem Spec
13 Oct 2014   #9
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Hotmail issues?

It's strange that they don't accept hotmail. You could just copy the ip addresses to your clipboard and check them yourself. If you modify the VT link in the first post you can just copy and paste the ip address into it.
My System SpecsSystem Spec
Reply

 ThreatCheck released




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
7-Zip 9.22 Released
7-Zip 9.21 Beta is available. Changelog below. What's new: - 7-Zip now can unpack UEFI BIOS files. - 64-bit version of 7-Zip now includes additional 32-bit shell extension DLL. So other 32-bit programs can call 64-bit 7-Zip via context menu. - Now it's possible to associate 7-Zip...
Software
VLC 1.1.5 Released
November 13, 2010 VLC player 1.1.5 is available. Changelog below. What's new in 1.1.5 Two and a half months after VLC 1.1.4, and after almost 50 million downloads of VLC 1.1.4, here is a minor release of VLC 1.1.5. Introducing small features and fixing important bug and a security...
Software
GPU-Z 0.4.6 Released
September 2, 2010 GPU-Z 0.4.6 is available. Changelog below. 0.4.6
Software
GPU-Z 0.44 Released
GPU-Z 0.44 is available. Changelog below- Added support for NVIDIA GeForce GTX 460, GT 330, GT 315, GT216 based ION Added support for AMD HD 5670 (Juniper), Mobility HD 5430, Mobility 4200, Mobility 4100 Added PowerColor hardware giveaway Added die size measurement for NVIDIA GF100
Software
VLC 1.0.3 released
To anyone having problems with the video looking gridy (my term) in VLC & Windows 7, they released the official 1.0.3 version today.
Music, Pictures & Video
IE8 RTM Released
IE8 final has been released to the public, but I'll warn you those servers are swamped! Internet Explorer 8: Home page
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:25.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App