Slashdot Mirror


Security Tool HijackThis Goes Open Source

wiredmikey writes "The popular free security tool HijackThis has been open sourced by its owner, Trend Micro. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems. Downloaded over 10 million times, HijackThis generates reports to help users analyze and fix an infected or problem computer. But the tool is not designed for novices – and doesn't actually determine what's good or bad. That's up to you, but it is a good way to keep an eye on things and possibly locate anomalies that may have been missed by other security products. Trend Micro warns that if you don't know what you're doing, it's probably not a good idea to make any changes to your computer settings and system files. Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here."

15 of 101 comments

  1. Free = no good by Ritz_Just_Ritz · · Score: 4, Funny

    My PHB says that free stuff can't be any good. Surely, we'd be much better off by throwing 7 figures at Symantec. ;)

    1. Re:Free = no good by bws111 · · Score: 4, Insightful

      More likely he says that free stuff without vendor support is no good, and for most businesses he is right.

    2. Re:Free = no good by jo_ham · · Score: 3, Funny

      If you use Symantec you'll certainly be throwing *something* at them.

    3. Re:Free = no good by Lumpy · · Score: 4, Funny

      7 figures? You guys only buy low grade garbage. You should buy 8 or 9 figure solutions.

      --
      Do not look at laser with remaining good eye.

    4. Re:Free = no good by Creepy · · Score: 4, Insightful

      That is if you need to have accountability, such as selling or providing to a customer (this would be the latter - IT provides for its "customers" which are end users to them) but I think our developers use notepad++ for editing files more than any other program, so there are exceptions, and let's face it - if that tool breaks, there's always notepad. It is on our site license approved software download page even (for free and commercial tools we have a site license to download and self install), so it has passed through upper management and legal, but I'll admit the one there is an old GPL-2 licensed version - I don't know if it hasn't been updated because of legal concerns about GPL-3 or they just haven't gotten around to it, though (I know GPL-3 libraries are forbidden, but not sure about apps).

      In the case of HijackThis you are responsible for your own accountability, since it doesn't remove anything unless you tell it to, and a good IT person will back up the registry before making any changes to it (and know what is and is not a legit program).

    5. Re:Free = no good by mysidia · · Score: 3, Insightful

      Do the hours upon hours someone spends re-installing and re-configuring their system after a re-image count?

      The image is supposed to be taken after the install is fully configured with all the role-specific software.

      What about the time spent reloading data from backups?

      No data requiring backup is allowed to be on endpoints. Any documents should be in the user's profile which gets redirected to a place on the server.

  2. Still in Visual Basic by svick · · Score: 5, Informative

    Since it was "originally written in Visual Basic", I wonder what language it uses now?

    It turns out, it still uses Visual Basic. Not sure why the summary was written that way.

  3. Re:Where? by Foxhoundz · · Score: 5, Informative

    They're using Subversion to manage the code: http://hjt.svn.sourceforge.net/viewvc/hjt/

  4. Re:Java trapped by Anonymous Coward · · Score: 4, Insightful

    You could always get a life, realize that operating systems are not the end all of existence, and use a Windows machine to scan the hard drive.

  5. Not just for helpdesk and your family by ReallyEvilCanine · · Score: 5, Interesting

    Hijack This ain't just for helpdesk monkeys; we use it constantly in Enterprise software testing. Server works fine, Client works fine, OS checks out, software ain't working. Run HT and find the culprit pretty quickly, and when your customers are telcos and banks doing short-cycle upgrades for occasionally legit reasons, your on-site guys need to find fast answers.

    1. Re:Not just for helpdesk and your family by DigiShaman · · Score: 4, Informative

      I prefer Autoruns, Process Explorer, and Process Monitor.

      Short of nuke and paving the machine, I can clean up even the most foul and neglected of servers and workstations. Sometimes it's just more cost effective to replace it with a new one including data migration. YMMV.

      http://technet.microsoft.com/en-us/sysinternals/bb545027

      --
      Life is not for the lazy.

    2. Re:Not just for helpdesk and your family by ReallyEvilCanine · · Score: 3, Interesting

      I love SysInternals and have the original Winternals files on an old 3.2 SCSI-II somewhere (or maybe buried somewhere in a /win//utils/OS/win directory on my server). Run as many SysInternals as you want and find me the BHO that's preventing an ActiveX control from passing info through a hidden helper browser window. You can sit all day with Proc* looking for that. I want to find a bad thread or spin or memleak, yeah, SysInternals all the way.

      HT is by no means dead; you can spend a lot of extra time putting a screw through a board with a hammer but a screwdriver is probably the better and more efficient choice for the job.

  6. Re:Java trapped by Voyager529 · · Score: 5, Informative

    You could always get a life, realize that operating systems are not the end all of existence, and use a Windows machine to scan the hard drive.

    This.

    If you're that averse to installing Windows on something, check out some of the bootable diagnostic tools like the UBCD4Win project, the newer releases of Hiren's Boot CD (That are now pirated-software free), or HawkPE. They run right off the disc and have HijackThis - along with a plethora of other cleanup tools - pre-configured.

  7. Many thanks to HijackThis's creator! by acidradio · · Score: 3, Insightful

    I think the IT world collectively owes Merijn Bellekom some beers. Think about how many of us his tool has helped out over the years!

  8. Re:Which license, bitches? by liamevo · · Score: 5, Informative

    http://sourceforge.net/projects/hjt/

    /me looks under license

    /me looks at you

    Was that hard?