

Trend Micro Announces HijackThis to Go Open Source


13 replies to this topic

#1 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 17 February 2012 - 03:17 PM

In part from Trend Micro Releases HijackThis Source Code to sourceforge.net -- CUPERTINO, Calif., Feb. 17, 2012 /PRNewswire/ --

QUOTE
Program's Creator Merijn Bellekom Endorses Open Source Move

The code, originally written in Visual Basic, is now officially available at http://sourceforge.net/projects/hjt/.

"This means that other people can build on a solid base to create or improve their own anti-malware tools," said Merijn Bellekom, the original creator of HijackThis.

Trend Micro has offered HijackThis as a free tool since acquiring the antispyware freeware tool from its Netherlands-based creator, Merijn Bellekom in 2007...

{SNIP}

Trend Micro will continue to maintain the original source code and will update the base code on SourceForge as developers make modifications that are essential and positive to the continued improvement of this code.  As new malicious code is released faster than ever before, the need for analyzing log data to identify new malicious code is more important than ever.  Through this offer to the open source community, the product has the opportunity to develop and become an even better solution to quickly identify new malicious code.

"HijackThis moving to open source is a really exciting stage for this tool and a big thanks to Trend Micro for bringing this tool back to life.  HijackThis was once the most used tool for enumerating Windows startup programs and quickly identifying the presence of malware.  Moving HijackThis to open source will prompt more rapid releases and also allow more people to be involved in the project so that it is able to keep pace with current infection techniques," said Larry Abrams, Owner and Founder of BleepingComputer.com.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#2 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 17,139 posts

Posted 17 February 2012 - 03:40 PM

WOW! Hijack This. I remember that handy little app. smile.gif

#3 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 19,385 posts

Posted 17 February 2012 - 10:02 PM

That is awesome news! thumbsup.gif
Bambi
AKA Fran

My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#4 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 17 February 2012 - 10:39 PM

Merijn told me he was happy about it.  Although, unless significant improvements are made, I can't see it becoming mainstream again.  The security community has moved on to DDS and OTL.  (I personally prefer DDS, finding OTL a bit too busy.)

#5 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 19,385 posts

Posted 17 February 2012 - 10:49 PM

Heard that Corrine. Hope it was done soon enough...

#6 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 18 February 2012 - 04:43 PM

It will depend upon what improvements are made.  RSIT & DDS both originated in August, 2008 to provide the additional information needed based on how malware evolved.

#7 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 10,967 posts

Posted 18 February 2012 - 11:48 PM

<ignorance>
have used hijack this, and rsit.
but what are dds and otl?
linkies??
</ignorance>

#8 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 19 February 2012 - 12:07 PM

DDS.scr is an analysis only tool created by sUBs (ComboFix creator).  DDS stands for "Doesn't Do Squat".   Sample DDS logs at LzD

OTL was created by "Old Timer".  See this by Blair at Geeks to Go: OTL by OldTimer A Modern Replacement for HijackThis

#9 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 19,385 posts

Posted 19 February 2012 - 01:27 PM

Wow, Corrine! You are amazing! I just read through that entire thread and you and Bruno must have the best patience on the planet...well you now, since Bruno is no longer with us...sadly.

worthy.gif

BTW: Speaking of that thread, you mentioned a link about a third party firewall that could really help with rootkits, and other malware prevention: here with a link to: Privacyware Privacy Personal Firewall free

I am wondering if this has turned out to be as good as noted?

#10 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 10,967 posts

Posted 19 February 2012 - 08:30 PM

thx, corrine!

#11 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 19 February 2012 - 08:50 PM

With the ZA (Zero Access) rootkit, which has backdoor capabilities and is very destructive, the best action is a nuke & pave.  

The information posted about Privacy Firewall was from their website.  I added it to the list of firewalls when I updated that forum to remove a bunch of out-dated firewalls, no longer supported.  I mentioned it in that thread because Windows Firewall Service was still not working.  Since a number of Windows 7 systems seem to have a problem with ZA causing BSOD's, I suggested that as an alternative.  


#12 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 19,385 posts

Posted 19 February 2012 - 10:24 PM

QUOTE (Corrine @ Feb 19 2012, 08:50 PM)
With the ZA (Zero Access) rootkit, which has backdoor capabilities and is very destructive, the best action is a nuke & pave.  

The information posted about Privacy Firewall was from their website.  I added it to the list of firewalls when I updated that forum to remove a bunch of out-dated firewalls, no longer supported.  I mentioned it in that thread because Windows Firewall Service was still not working.  Since a number of Windows 7 systems seem to have a problem with ZA causing BSOD's, I suggested that as an alternative.

Whose website was the Privacy Firewall on? The rootkit ZA's website? That's what it sounded like anyway.

If that's the case, it's not a good thing after all?

#13 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,321 posts

Posted 20 February 2012 - 11:12 AM

Sorry, Fran, my wording was awkward and confusing by my use of initials.  bangin.gif  I meant that the information I posted at LzD about Privacy Firewall came from the Privacy Firewall website.  It had nothing to do with the ZeroAccess rootkit.  The reference to BSOD's was meant to refer to Zone Alarm.

#14 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 19,385 posts

Posted 20 February 2012 - 11:34 AM

QUOTE (Corrine @ Feb 20 2012, 11:12 AM)
Sorry, Fran, my wording was awkward and confusing by my use of initials.  bangin.gif  I meant that the information I posted at LzD about Privacy Firewall came from the Privacy Firewall website.  It had nothing to do with the ZeroAccess rootkit.  The reference to BSOD's was meant to refer to Zone Alarm.

Thank you for that clarification. No worries Corrine! thumbsup.gif

OK, so it's a legitimate program then. Great! Was thinking about using it on my old XP laptop along with MSE and didn't want to even try it out till I heard back from you on this. wink.gif

Will do some research on reviews for Privacy Firewall too before trying it out. But it sounded like it would be something that might be worthwhile for recommending in the future after testing.



