How to construct a Baseline?

lunarlander
Senior Member with 1,329 posts. Join Date: Sep 2007
22-Jun-2008, 11:08 AM #1
How to construct a Baseline?
Hi,

I am wondering what you folks use to construct a baseline so as to detect if you've been hacked. I am currently using HijackThis to save a hijack log and a startup list. I am also using MsInfo to export a PC configuration txt file. I am thinking of using Sysinternals' RootkitRevealer to save a log too. Is this any good?

I'm assuming that any keylogger and hacker's monitoring tools need to start up when I log in somehow, and that is covered by HijackThis's monitoring of startup points in the system. If the hacking tool is a driver, then a diff with MsInfo logs will catch those. And rootkits will show up on RootkitRevealer.

Does this combination capture enough info to form a baseline? What do you guys use?

Last edited by lunarlander : 22-Jun-2008 12:11 PM.
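
The diff step described in the post above, as an added example that is not part of the original thread: it compares two saved HijackThis logs by their coded entries only, so the scan timestamp and the running-process list do not show up as changes. The log layout is an assumption, both sample logs are constructed, and `parse_entries` and `diff_baseline` are hypothetical names.

```python
import re

# Coded HijackThis entries such as "O4 - HKLM\..\Run: [name] path" (assumed layout).
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Map (code, case-folded text) -> original line; header and process list are skipped."""
    entries = {}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            # Windows paths and registry names are case-insensitive, so fold for comparison.
            entries[(m.group(1), m.group(2).casefold())] = line.strip()
    return entries

def diff_baseline(baseline_text, current_text):
    """Return (added, removed) entry lines between a saved baseline and a new scan."""
    old, new = parse_entries(baseline_text), parse_entries(current_text)
    added = [new[k] for k in sorted(new.keys() - old.keys())]
    removed = [old[k] for k in sorted(old.keys() - new.keys())]
    return added, removed

# Constructed sample logs (not real scan output).
BASELINE = r"""Logfile of HijackThis
Scan saved at 11:02:14 AM, on 6/22/2008

Running processes:
C:\WINDOWS\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\av.exe"
O23 - Service: Example Updater (exupd) - Example Corp - C:\Program Files\Example\upd.exe
"""

CURRENT = r"""Logfile of HijackThis
Scan saved at 07:30:51 PM, on 7/3/2008

Running processes:
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O4 - HKLM\..\Run: [ExampleAV] "C:\PROGRAM FILES\ExampleAV\av.exe"
O4 - HKCU\..\Run: [helper] C:\Temp\helper.exe
"""

if __name__ == "__main__":
    added, removed = diff_baseline(BASELINE, CURRENT)
    for line in added:
        print("ADDED  ", line)
    for line in removed:
        print("REMOVED", line)
```

A removed entry is as relevant as an added one here: the constructed current log no longer lists the `O23` service that the baseline had.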
lunarlander
26-Jun-2008, 04:22 PM #2
So nobody does baselines?
lunarlander
03-Jul-2008, 07:07 PM #3
bump
All times are GMT -5.