Thank you for releasing HiJackThis back out to the big wide world as open source.
Looking at the source code identifies the original author as Merijn Bellekomat at "www.merijn.org/contact.html" and also "http://www.merijn.org/donate.html". Kudos to him for all the hard work he put into this utility all those years ago - it has proved to be a real Swiss Army knife against many types of nasties out there.
Surfing across to those web sites and then clicking on the 'Download button' brings up the following "Merijn.ru is the official site where you can download Hijackthis.exe" as the first sentence.
Russia?!!!
I suppose the web site at merijn.org and merijn.ru are controlled by the white hats, aren't they? No dentists, eh?
It would be an everlasting shame of for the want of an domain name registration and a website run charitably by some kind and reputable organisation such as Trend Micro that one of the more useful tools used by anti-malware fighters was simply hijacked by some nefarious person registering a website and then posting their warez for unsuspecting users to download.
Worried…
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry for the late reply. Which website are you talking about when you're saying:
"Surfing across to those web sites and then clicking on the 'Download button' brings up the following "Merijn.ru is the official site where you can download Hijackthis.exe" as the first sentence. "
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
http://merijn.org/download-hijackthis-exe/ is the web address that the download button on the main merijn.org website references. This has text that advises that the merjin.ru is the official website to download the utility. Go on, have a look over there.
The big hint was to please check the domain_ owner_ of the merijn.org and merijn.ru domain names. Trend Micro do have facilities to do this as part of their malware fighting arsenal I assume? If it has been cyber-squatted, maybe some kind soul like Trend Micro could retrieve the domain to prevent it being exploited, or give us some assurance that it is well looked after.
I'd be concerned if a prime malware fighting tool was to be deliberately infested and then deployed widely.
Russia? Worried? Who me?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry again for my late reply but it seems like the notifications aren't working that well. Both website look suspicious to me, owner information of merijn.org are giving me someone based in the US, but the original author of HJT is located in NL. the domain merijn.ru doesn't exist anyway and is unreachable. I'm double checking this with Merijn directly and will give you an update asap.
Thanks for the heads-up.
Loucif.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Here is the reply I've got from the HJT author:
"I only own Merijn.nu. SpywareInfo registered merijn.org for me but disappeared, the domain expired and spammers snapped it up. I don't know anything about merijn.ru."
So merijn.org and ru are dangerous and not legit at all. Thanks for pointing this out.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Welcome to Developers
Loucifk,
Thank you for releasing HiJackThis back out to the big wide world as open source.
Looking at the source code identifies the original author as Merijn Bellekomat at "www.merijn.org/contact.html" and also "http://www.merijn.org/donate.html". Kudos to him for all the hard work he put into this utility all those years ago - it has proved to be a real Swiss Army knife against many types of nasties out there.
Surfing across to those web sites and then clicking on the 'Download button' brings up the following "Merijn.ru is the official site where you can download Hijackthis.exe" as the first sentence.
Russia?!!!
I suppose the web site at merijn.org and merijn.ru are controlled by the white hats, aren't they? No dentists, eh?
It would be an everlasting shame of for the want of an domain name registration and a website run charitably by some kind and reputable organisation such as Trend Micro that one of the more useful tools used by anti-malware fighters was simply hijacked by some nefarious person registering a website and then posting their warez for unsuspecting users to download.
Worried…
The link http://merijn.org/donate.html is: Error 404 - Not Found
Sorry for the late reply. Which website are you talking about when you're saying:
"Surfing across to those web sites and then clicking on the 'Download button' brings up the following "Merijn.ru is the official site where you can download Hijackthis.exe" as the first sentence. "
http://merijn.org/download-hijackthis-exe/ is the web address that the download button on the main merijn.org website references. This has text that advises that the merjin.ru is the official website to download the utility. Go on, have a look over there.
The big hint was to please check the domain_ owner_ of the merijn.org and merijn.ru domain names. Trend Micro do have facilities to do this as part of their malware fighting arsenal I assume? If it has been cyber-squatted, maybe some kind soul like Trend Micro could retrieve the domain to prevent it being exploited, or give us some assurance that it is well looked after.
I'd be concerned if a prime malware fighting tool was to be deliberately infested and then deployed widely.
Russia? Worried? Who me?
Sorry again for my late reply but it seems like the notifications aren't working that well. Both website look suspicious to me, owner information of merijn.org are giving me someone based in the US, but the original author of HJT is located in NL. the domain merijn.ru doesn't exist anyway and is unreachable. I'm double checking this with Merijn directly and will give you an update asap.
Thanks for the heads-up.
Loucif.
Here is the reply I've got from the HJT author:
"I only own Merijn.nu. SpywareInfo registered merijn.org for me but disappeared, the domain expired and spammers snapped it up. I don't know anything about merijn.ru."
So merijn.org and ru are dangerous and not legit at all. Thanks for pointing this out.
Does anyone know about the current rating of merijn.ru and merijn.org? Should we really take them as malicious?
Last edit: Fernando Mercês 2015-06-06