Wednesday, February 22, 2012

HijackThis gets all open. Download the VB6 (yes, VB6) code now...

Windows7hacker - HijackThis Goes Open Source

"HijackThis, originally created by Merijn Bellekom and later sold to Trend Micro, has now been released as Open Source by Trend Micro as of February 20, 2012. Originally written in Visual Basic, it is now hosted on SourceForge.net waiting to be manipulated and improved for the good.

In case you are not aware, HijackThis is a free scanning utility that scans and generates an in-depth report of registry and file settings from your Windows system. In addition to its scan and remove capability, HijackThis also comes with several tools useful in manually removing malware from your computer.

HijackThis will not determine what’s good or bad, nor make any changes to your computer settings unless told to.

..."

Wikipedia - HijackThis

HijackThis (HJT) is an open source[1] enumerating tool for Microsoft Windows originally created by Merijn Bellekom, and later sold to Trend Micro. The program is notable for targeting browser-hijacking methods, rather than relying on a database of known spyware. It scans a user's computer quickly, and displays browser hijacking locations, showing what entries are there. HijackThis is used primarily for diagnosis of browser hijacking, as uninformed use of its removal facilities can cause significant software damage to a computer. HijackThis does not remove or detect spyware; it lists most common locations where browser hijacking activity can occur. Browser hijacking can cause malware to be installed on a computer.

On February 16, 2012, Trend Micro released the HijackThis source code as open source and it is now available on the SourceForge site.

Use

HijackThis can generate a plain-text logfile detailing all entries it finds, and some entries can be fixed by HijackThis. Inexperienced users are often advised to exercise caution, or to seek help when using the latter option, as HijackThis does not discriminate between legitimate and unwanted items, with the exception of a small whitelist of legitimate entries, thus allowing a user unintentionally to prevent important programs from operating, which may cause the computer or its peripherals to stop working. HijackThis attempts to create backups of the files and registry entries that it fixes, which can be used to restore the system in the event of a mistake.

A common use is to post the logfile to a forum where more experienced users can help decipher which entries need to be removed. Automated tools also exist that analyze saved logs and attempt to provide recommendations to the user, or to clean entries automatically.[2] Use of such tools, however, is generally discouraged by those who specialize in manually dealing with HijackThis logs: they consider the tools dangerous for inexperienced users, and neither accurate nor reliable enough to substitute for consulting with a trained human analyst.

Later versions of HijackThis include such additional tools as a task manager, a hosts-file editor, and an alternate-data-stream scanner.
..."

Trend Micro Releases HijackThis Source Code to sourceforge.net

"CUPERTINO, Calif., Feb. 17, 2012 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security leader, today announced the release of HijackThis as an open source application.

HijackThis - http://en.wikipedia.org/wiki/Hijackthis - scans your computer to find settings changed by spyware, malware or other unwanted programs. HijackThis also generates an in-depth report to enable expert users to analyze and fix an infected computer. Several security communities use HijackThis log files to help users evaluate and eradicate infections. A common practice for novice users is to generate a HijackThis log file and submit it to one of the many forums devoted to HijackThis on the web. Experts at these forums provide information on which items are causing your problems and how to remove them safely from your computer.

The code, originally written in Visual Basic, is now officially available at http://sourceforge.net/projects/hjt/.

"This means that other people can build on a solid base to create or improve their own anti-malware tools," said Merijn Bellekom, the original creator of HijackThis.

Trend Micro has offered HijackThis as a free tool since acquiring the antispyware freeware tool from its Netherlands-based creator, Merijn Bellekom, in 2007. By then, it had already been downloaded more than 10 million times and was often used to submit logs to online discussion and help forums, such as Castlecops.com, Majorgeeks.com and Spywareinfo.com, to elicit comments that could help in cleaning infected desktops.

"HijackThis was an essential tool at CastleCops, so much so that there were forums, web applications and services dedicated to it, answering questions posed from the data collected about files and registry entries. Hands down, HijackThis was vital to the health of a PC providing needed data that helped experts clean machines from complicated malware infections. Enabling the open source community with source code for the powerful tool HijackThis shows the commitment Trend Micro has toward advancing security and privacy. The OSS framework provides people with an opportunity to help others in a rich and diverse environment, and this ensures that HijackThis will continue building on its strength in serving the community," said Paul Laudanski, Founder, Castlecops.com

Trend Micro will continue to maintain the original source code and will update the base code on SourceForge as developers make modifications that are essential and positive to the continued improvement of this code. As new malicious code is released faster than ever before, the need for analyzing log data to identify new malicious code is more important than ever. Through this offer to the open source community, the product has the opportunity to develop and become an even better solution to quickly identify new malicious code.

..."

HJT - SVN Browse

Yep, that's VB6 alright...
