# Trend Micro acquires HijackThis antispyware tool



## Kalim (Nov 24, 2006)

Well you all know the tool thats used by all to troubleshoot spyware, developed by Merijn. Its now been acquired by Trend Micro, who already have a new version of it named "HijackThis 2.0 Beta" out there. The same happened with CWShredder by Merijn, which was finally bought over by Trend Micro too.

There's also a plugin, "TrendProtect Beta" which works just like McAfee SiteAdvisor for your browser, now available by Trend Micro.
Whereas McAfee provided a single rating for an entire site, TrendProtect analyzes individual pages separately. One example of its functioning is through the use of CallingID to look at the domain's owner and history to get a reputation score. 
TrendProtect pre-scans links in search results from Google, MSN, and Yahoo. It flags each link as green (safe), red (dangerous), yellow (iffy) or grey (unknown). Hovering the mouse over a TrendProtect icon gets more information, as well as a link to launch TrendMicro's free HouseCall malware scanner/cleaner. It looks for how long the domain has been registered and how often it changes hosting sites, among other things. In addition to checking the URL against multiple databases, TrendProtect actually analyzes the content, like in social networking sites, for dangerous links and to catch any exploits or malicious code. 

Both products are free to download, but be reminded they are yet in *beta* testing. :wink:

The full news report and the links to download are available here:
http://articles.techrepublic.com.com/2100-1009_11-6167308.html?tag=nl.e019

From Trend Micro themselves in more depth:
http://www.trendmicro.com/en/about/news/pr/archive/2006/pr031407.htm


----------



## tetonbob (Jan 10, 2005)

To our members and visitors:

We've been aware of this for some time, and have held off reporting on this for the very reason it is in Beta.

We do NOT want logs from the Beta version to begin appearing in the HijackThis Log Help forum.

For those of you who may need assistance with malware removal, go here first and follow the procedures.


----------



## Geekgirl (Jan 1, 2005)

*Hjt*

It appears that Trend Micro has bought HijackThis.

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php

It's still free and they have added quite a bit of documentation.


----------



## Glaswegian (Sep 16, 2005)

It's still a BETA version - users should continue to start with our 5 steps before posting a log.

http://www.techsupportforum.com/sec...pdated-important-read-before-posting-log.html


----------



## Girderman (Oct 22, 2006)

I don't think this is a good thing.

The "free" services offered by TrendMicro seem niggardly (meaning puny), and I wonder what elements of HJT they might cripple in order to create more profit.


----------



## Kalim (Nov 24, 2006)

AFA I've seen, they've _added_ to it rather than the converse yet. :wink:

The main visible feature being the "Analyze This" which uploads the log file and takes you to TrendMicro online analysis.

Its got a 1MB larger footprint, so something's been added.


----------



## tetonbob (Jan 10, 2005)

Well, many of us in the malware removal community find the AnalyzeThis button one of the current problems.

Reason being, the AnalyzeThis button is an internal data collection tool only, specifically for aggregating data right now, but some users will see it as an analysis of their machine, and possibly delete things that are on only 0.8% of machines, or some such silliness. This is a potential disaster, and should be removed in the opinion of many malware removal specialists.


> This table below compares your HijackThis log file entries with others analyzed by Trend Micro. The column "per 10,000 PCs" indicates, on average, how many times this entry in your log was found on other PCs. Additional information will be provided as more HijackThis log files are added to the AnalyzeThis database.


This is one of the ongoing topics of discussion we're having with members of the TM HJT development team in private forums, and one reason why we (and other forums) won't use v 2.0 Beta for analysis work at this time.

It has potential, but there are things which need to be addressed still, which the TM HJT development team has been open to.

To our members:

Do NOT post logs here from v2.0 Beta. We'll just ask you to go the the 5 Step thread, as already indicated.


----------



## Kalim (Nov 24, 2006)

I see, thanks.

Haven't had time to play around with it yet. Only started it up twice to compare both.

tetonbob: sometimes I get the feeling you're Kevin...


----------



## tetonbob (Jan 10, 2005)

> tetonbob: sometimes I get the feeling you're Kevin...


----------



## Kalim (Nov 24, 2006)

Oh, just some fella over at KRC. :grin:


----------



## tetonbob (Jan 10, 2005)

LMAO....if only I were that fast. I thought that's who you might be referring to. Thanks for the compliment. :grin:


----------



## Kalim (Nov 24, 2006)

My pleasure tetonbob. Kevin's a good guy. You have a lot of _online_ similarities. :wink:

I just infected my PC and ran both of those HJT applications in Safe Mode; HJT 1.99.0.1 and TM HJT 2.0.0 (BETA). Here's some feedback. 

The similarities existed in detection of everything including the new BHO, the toolbar and a startup entry.

The differences were appreciated as I had been tackling this in the older version. The fact that *some* of the 04 entries and services are missed.

In comparison to the approved HJT version 1.99.0.1:

The BETA version picked up *4* more 04 Run entries under the category of HKUS, that are actually existent.
The BETA version also picked out *2* 022 Shared Task Scheduler entries.
The BETA version missed out *2* 018 Protocol entries.

Speed was 3.99 seconds compared to 5.02 seconds for the BETA. :grin:


----------

