Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis released as open source


  • Please log in to reply
7 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,639 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:48 PM

Posted 17 February 2012 - 11:49 AM

In a press release Today, Trend Micro announced that they have moved the internal development of HijackThis to an open source development model. Though HijackThis will still be maintained by Trend Micro, you now have the ability to view the full source and offer your own suggestions that could be included in the open source Trend Micro build.Trend Micro states in their press release: "Trend Micro will continue to maintain the original source code and will update the base code on SourceForge as developers make modifications that are essential and positive to the continued improvement of this code. As new malicious code is released faster than ever before, the need for analyzing log data to identify new malicious code is more important than ever. Through this offer to the open source community, the product has the opportunity to develop and become an even better solution to quickly identify new malicious code." As BleepingComputer.com and many other anti-malware communities have deep roots in HijackThis, this is an exciting time for the development of this program. For too long HijackThis has not been able to keep up with the latest infection vectors. Whether that is because of more rigorous internal corporate testing or simply because Trend did not have enough focus on the tool, moving to the open source could allow this program to become more effective.


BC AdBot (Login to Remove)

 


#2 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:07:48 PM

Posted 17 February 2012 - 01:18 PM

This is great news. The "Old Man" needs a heart transplant--I remember (not very long ago) when HijackThis was cutting edge in it's category.

"HijackThis moving to open source is a really exciting stage for this tool and a big thanks to Trend Micro for bringing this tool back to life. HijackThis was once the most used tool for enumerating Windows startup programs and quickly identifying the presence of malware. Moving HijackThis to open source will prompt more rapid releases and also allow more people to be involved in the project so that it is able to keep pace with current infection techniques," said Larry Abrams, Owner and Founder of BleepingComputer.com.


Woot Woot! :clapping:

Edited by Union_Thug, 17 February 2012 - 01:25 PM.


#3 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:48 PM

Posted 17 February 2012 - 02:23 PM

Is it just me, or is the source not actually available yet?

#4 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,639 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:48 PM

Posted 17 February 2012 - 02:29 PM

You can find it if you dig around.

http://hjt.svn.sourceforge.net/viewvc/hjt/src_204/?pathrev=3

#5 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:04:48 PM

Posted 17 February 2012 - 04:04 PM

You can find it if you dig around.

http://hjt.svn.sourceforge.net/viewvc/hjt/src_204/?pathrev=3

Apparently my shovel needs sharpening.

#6 James Litten

James Litten

    Ԁǝǝ˥q


  • BC Advisor
  • 1,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:06:48 PM

Posted 17 February 2012 - 04:12 PM

I had no idea that it was VB calling the Win32 API. Or am I mistaken?

That might explain some of the growth problems. Certainly makes it easy to read :)

James

#7 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,639 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:48 PM

Posted 17 February 2012 - 04:20 PM

I didn't look into it too much, but yes, its VB using Windows API calls. For example:

Public Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, phkResult As Long) As Long
Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
Public Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal Reserved As Long, ByVal lpClass As String, ByVal dwOptions As Long, ByVal samDesired As Long, lpSecurityAttributes As Any, phkResult As Long, lpdwDisposition As Long) As Long
Public Declare Function RegEnumValue Lib "advapi32.dll" Alias "RegEnumValueA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpValueName As String, lpcbValueName As Long, ByVal lpReserved As Long, lpType As Long, lpData As Byte, lpcbData As Long) As Long
Public Declare Function RegEnumKeyEx Lib "advapi32.dll" Alias "RegEnumKeyExA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, lpcbName As Long, ByVal lpReserved As Long, ByVal lpClass As String, lpcbClass As Long, lpftLastWriteTime As Any) As Long


#8 ident

ident

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cambridge
  • Local time:07:48 PM

Posted 17 February 2012 - 05:10 PM

Ha i really do struggle with SF, god knows why. I assume i will need SVN to download all in one?

All we need is next is m$ to make VB6 open source. I did sign a partition once.

*edit got it

Edited by ident, 17 February 2012 - 05:18 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users