Merijn, the creator of HijackThis recently sold the popular application used to remove malware to Trend Micro. In addition to improvements like support for Windows Vista, they’ve added a deceptively titled “AnalyzeThis” button. While the average user likely thinks the AnalyzeThis button provides helpful information for diagnosing their log, it’s main purpose is to send the HJT log data to Trend Micro. Unfortunately, unless you carefully read the Trend Micro End User License Agreement, you would probably never know that the AnalyzeThis button submits the data from your HijackThis log to Trend Micro for use by them and their partners.

The Anti-Spware Coalition defines spyware as the following:

Spyware: The term Spyware has been used in two ways.

In its narrow sense, Spyware is a term for Tracking Software deployed without adequate notice, consent, or control for the user.

In its broader sense, Spyware is used as a synonym for what the ASC calls ?Spyware (and Other Potentially Unwanted Technologies).?:

Technologies deployed without appropriate user consent and/or implemented in ways that impair control over.

  • Material changes that affect their user experience, privacy, or system security;
  • Use of their system resources, including what programs are installed on their computers; and/or
  • Collection, use, and distribution of their personal or other sensitive information.

This is HijackThis version 2.0.2 (the latest version) after scanning your system.

#3 is the new AnalyzeThis button:

HijackThis AnalyzeThis

Clicking AnalyzeThis will redirect to this page:

AnalyzeThis webpage

No where on the AnalyzeThis landing page does it inform that your HJT log data was just to be transferred to Trend Micro, or provide the option to opt-out of data submission. The only clue is a link titled, “stats on your log file entries”. Which contains mostly useless information on the popularity of your entries. Would you have any idea that HJT log data had just been transferred to Trend Micro?

What about Trend’s Quick Start Guide? No, just this:

3. Once the scan is complete, click the AnalyzeThis button. A web page will open containing helpful information regarding HijackThis.

Maybe the Frequently Asked Questions? No help, not even a mention of AnalyzeThis.

Excerpt from Trend Micro End User License Agreement :

5. REPORTS AND PRIVACY. At any time during the term of this Agreement, You may
choose to send to Trend Micro a report of log files that may include personal information
that the Software scanned on Your computer. By accepting this Agreement, You hereby
give Your consent to Trend Micro to process log file data provided by You (“Information”)
in connection with this Agreement; processing may include collection, registration,
storage, modification or disclosure of such Information to third parties. As a condition to
using the Software and by accepting this Agreement, You ensure, represent and warrant
that You are legally permitted to provide Trend Micro with access to the Information and
You also give Your consent to Trend Micro to transfer or store the Information in one or
more of its group companies, located in and/or outside the country where You are
located, and/or in jurisdictions which may have a lower level of protection of Information
than is applicable in the country where You are located or where pr
ivacy laws may not be as stringent as those in Your own country.

WhatTheTech (formerly TomCoyote) is no stranger to HijackThis. Our Quick Start Guide was included in version 1.99.1:

HJT Quick Start

Trend Micro’s version 2.0.2 of HijackThis is currently supported by WhatTheTech in the forums. The Vista support and other improvements make it a necessary tool in some instances, and there are frankly few other good alternatives (although some are in development). Unless version 2.0.2 is requested or required by a Vista installation, we recommend the continued use of HJT version 1.99.1.

While technically the license agreement does address the data collection, we encourage you to contact Trend, and encourage them to stop the deceptive behavior with HijackThis. Due to the nature of the software, they should be extra careful to disclose any privacy concerns. Transparency is the issue. There should also be a clear warning when any data is about to be transferred, and an option to opt-out of all data submission.

digg story