Mash Posted May 31, 2012 Posted May 31, 2012 Latest Status: Everything is returning to normal. If you can load www.swiftkit.net and the website comes up fine, then everything is working fine for you and you don't have to worry. As some of you may have noticed, our website at swiftkit.net is currently displaying what can only be described as unexpected results. First off, we would like to ensure you that SwiftKit it self is completely fine, our website has no relation to how the program works. We do, how ever, advice against visiting the website at this time as we are unable to vouch for the content of the site, and in light of this we would like to remind you of the following precautions; Do not accept any java applet requests from unknown sources Do not download and run files from unknown sources Do not enter your RuneScape information anywhere but http://www.runescape.com Although swiftkit.net is a known source, we ask that you avoid downloading or running anything from our site until we have been able to solve the current issues. Further more, there's been some worries that your user details may be compromised, this is not a concern as SwiftKit doesn't store your details in any way. The SwiftKit client is also safe, as the website was defaced while our servers are untouched. You may experience warnings from your antivirus programs when starting SwiftKit though ,this is because our patch notes and the welcome page are hosted on our domain. For those more interested in what is happening, our domain has been hijacked, and we are currently working on recovering it. This is unfortunately something that is beyond our control as it is controlled by our domain registrar and the way they handle all requests regarding domain changes. We are in contact with the registrar and are working to solve the issues, but due to the way their company is set up, it is a time consuming and slow process and we are unable to give a time frame for when it will be resolved. We thank you for your continued support and use of swiftKit, and ensure you that the continued security of our users is something we strive for on a daily basis. Update We understand that after a while, a java drive by was introduced into the hijacked sites prompting users to run an unsigned java applet which would install malware on your system. If you received the prompt and accepted it, or would just like peace of mind, we recommend running your antivirus or using Microsoft Security Essentials which we found picked up this specific malware rather easily. We are still working on resolving all issues, but will keep this post updated with information as we have it available EDIT: As a result of the fantastic work buy a number of people, we have dissected the malware that attempted to get into the computers of SwiftKit users. Here is a way to definitively check to see if you are indeed infected: 1. Open Start 2. In search, type "regedit" and hit Enter 3. Navigate to "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows" using the folder dropdowns. 4. If there is a file or entry in the Windows folder called "Adobe Drivers", than you are infected and you require removal. If it doesn't exist, you are not infected. Removal: 1. Right-click the taskbar and select "Start task manager" 2. In the Processes tab, end any process named "winsyl.exe" 3. In the Registry Editor window you still should have open, right-click the "Adobe Drivers" folder and select Delete 4. Open Windows Explorer, enter in the URL %AppData%\Microsoft\Windows\ 5. Delete the folder "Drivers" 6. As a safety measure, run a full system scan using a reputable anti-virus such as MSE.
DeltaPapa Posted May 31, 2012 Posted May 31, 2012 Removal: 1. Right-click the taskbar and select "Start task manager" 2. In the Processes tab, end any process named "winsyl.exe" 3. In the Registry Editor window you still should have open, right-click the "Adobe Drivers" folder and select Delete 4. Open Windows Explorer, enter in the URL %AppData%\Microsoft\Windows\ 5. Delete the folder "Drivers" 6. As a safety measure, run a full system scan using a reputable anti-virus such as MSE. Most important bit
Sopuli Posted May 31, 2012 Posted May 31, 2012 thought this is off topic area, not public rs discussion
TJ Posted May 31, 2012 Posted May 31, 2012 thought this is off topic area, not public rs discussion No one cares anymore lol Really doesn't matter.
Xlose Posted June 2, 2012 Posted June 2, 2012 Ive known a couple people this infected, they said it was just a run java normal popup. Till they tried logging in again... Moral of the story dont click shit you dont know. lol
![[ FOE ] Final Ownage Elite - #1 OSRS Legacy Pure Clan & Community](https://www.foe-rs.com/forums/uploads/monthly_2022_10/foe_site_logo.png.8ce1cbcdad473d2374bd4ddb4ec47596.png){kind=logo}
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now