Page 1 of 2 12 LastLast
Results 1 to 20 of 37

Thread: rvzr-a.akamaihd.net virus

  1. #1
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015

    rvzr-a.akamaihd.net virus

    This is really pissing me off, I can't get rid of it.

    Have tried TDSSKiller, MalwareBytes, MSSE, SuperAntiSpyware.
    Dont' see any weird processes or services.

    Any other suggestions appreciated, thanks

  2. #2
    Senior Member loop2kil's Avatar
    Join Date
    Jun 2000
    Location
    Atlanta, GA
    Posts
    5,232
    Does it go away with any scan but keeps coming back or you can't get rid of it at all? If the former then make sure to disable system restore. if the latter then try Combofix and see where that gets you.

    Also, try another AV like Avira or Avast....I've been liking Avira lately with the really small footprint of around 20mb running in the system.

    Also, make sure all temp files are gone before scanning...I like TFC by Oldtimer

    http://www.bleepingcomputer.com/download/tfc/

    I'm also thinking Host file could be infected/corrupted.

  3. #3
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Thanks for the suggestions.
    It's not that it's re-occurring, nothing finds it in the first place. Have tried safemode scans, system restore off, manual reg edit finds nothing.

    I haven't tried combofix yet, think of it as a very last resort. Has saved my ass before though, thanks for the reminder.

  4. #4
    Senior Member loop2kil's Avatar
    Join Date
    Jun 2000
    Location
    Atlanta, GA
    Posts
    5,232
    Quote Originally Posted by Humboldt View Post
    Thanks for the suggestions.
    It's not that it's re-occurring, nothing finds it in the first place. Have tried safemode scans, system restore off, manual reg edit finds nothing.

    I haven't tried combofix yet, think of it as a very last resort. Has saved my ass before though, thanks for the reminder.
    Have you checked the hosts file yet?

    http://support.microsoft.com/kb/972034

  5. #5
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Quote Originally Posted by loop2kil View Post
    Have you checked the hosts file yet?

    http://support.microsoft.com/kb/972034
    Huh. Ran combofix, thought it was all good, clicked your link and got a popup for http://rvzr-a.akamaihd.net/sd/wrap-0...ff%3D5040-1001

    Back to work

  6. #6
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Downed the .msi through your link but am getting http://fastonlinefinder.com/ads-clic...HRk&product=iy as a popup.

    Ran it, will see what happens.

    Damnit, this is cutting into my "Lie To Me" time something fierce.

  7. #7
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,011
    This ones not bad...just injects into your browsers.
    ADWCleaner and (ad ware cleaner) and JRT (junkware removal tool) handle browser injects best.
    This link here handles most of the steps fairly well...
    http://malwaretips.com/blogs/rvzr-a-akamaihd-net-virus/
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  8. #8
    Senior Member loop2kil's Avatar
    Join Date
    Jun 2000
    Location
    Atlanta, GA
    Posts
    5,232
    Quote Originally Posted by Humboldt View Post
    Huh. Ran combofix, thought it was all good, clicked your link and got a popup for http://rvzr-a.akamaihd.net/sd/wrap-0...ff%3D5040-1001

    Back to work
    I am 99.9% convinced that it's the Hosts file now, that's why all the scans are coming up empty. There is nothing left to delete but the damage to the Hosts file is already done and will keep giving you the popups until it's repaired.

    The link I posted should explain it more clearly.

  9. #9
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,011
    Combofix usually flushes out the hosts file if it finds an infection there. Worth checking through, just in case it missed it or the file was locked..
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  10. #10
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Quote Originally Posted by YeOldeStonecat View Post
    This ones not bad...just injects into your browsers.
    ADWCleaner and (ad ware cleaner) and JRT (junkware removal tool) handle browser injects best.
    This link here handles most of the steps fairly well...
    http://malwaretips.com/blogs/rvzr-a-akamaihd-net-virus/
    That did it. Reset the hosts file last night and ran combofix. Still had it this morning.
    ADWCleaner did the trick, ran JRT to make sure.
    Looks like a codec pack was at fault.

    Thanks guys. Appreciate the help.

  11. #11
    Senior Member loop2kil's Avatar
    Join Date
    Jun 2000
    Location
    Atlanta, GA
    Posts
    5,232
    Well, I did say 99.9% sure

    Glad you got it fixed.

  12. #12
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Quote Originally Posted by loop2kil View Post
    Well, I did say 99.9% sure

    Glad you got it fixed.
    Appreciated the help regardless.

    Glad I got it fixed to, it was really starting to piss me off.

  13. #13
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,011
    Quote Originally Posted by Humboldt View Post
    Looks like a codec pack was at fault.
    VERY popular source of malware infections..see that as the cause so many times..those, and special "viewers" to watch online movies.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  14. #14
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Quote Originally Posted by YeOldeStonecat View Post
    VERY popular source of malware infections..see that as the cause so many times..those, and special "viewers" to watch online movies.
    Always looking for a better player. Have WMP, GOM, and VLC. Scan everything I download but looks like this one fell through.

  15. #15
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

    Any suggestions?

    20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

    Suggestions appreciated, feel free to PM.

    Thanks

  16. #16
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,011
    Quote Originally Posted by Humboldt View Post
    Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.
    Try uninstalling VLC, download and install the latest version. VLC is a good player (assuming you get it from a trusted source).

    If that doesn't work, look for K-Lite Mega Codec pack from a trusted source like filehippo if reinstalling VLC doesn't work. K-Lite has several bundles..."Mega" is the largest and most inclusive.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  17. #17
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,344
    Quote Originally Posted by Humboldt View Post
    Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

    Any suggestions?

    20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

    Suggestions appreciated, feel free to PM.

    Thanks
    What file format is the video? Have a look at the page source code or javascript file from the page. The streaming video format will be available there. VLC should handle all formats. Or post the url to the page with that video & I'll tell you the file format to associate with VLC.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  18. #18
    Senior Member loop2kil's Avatar
    Join Date
    Jun 2000
    Location
    Atlanta, GA
    Posts
    5,232
    Quote Originally Posted by Humboldt View Post
    Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

    Any suggestions?

    20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

    Suggestions appreciated, feel free to PM.

    Thanks
    There's plenty of nakid women at other websites that don't require special codecs

  19. #19
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    51,011
    Quote Originally Posted by loop2kil View Post
    There's plenty of midget porn at other websites that don't require special codecs

    ***fixed***
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  20. #20
    resident Humboldt's Avatar
    Join Date
    Oct 2000
    Location
    Northern CA
    Posts
    28,015
    Quote Originally Posted by TonyT View Post
    What file format is the video? Have a look at the page source code or javascript file from the page. The streaming video format will be available there. VLC should handle all formats. Or post the url to the page with that video & I'll tell you the file format to associate with VLC.
    http://www.alluc.to/tv-shows/watch-t...08/486401.html

Similar Threads

  1. A Guide to Virus and Anti Virus Programs
    By JANDOENT in forum Network Security
    Replies: 32
    Last Post: 10-31-02, 08:20 AM
  2. A Guide to Virus and Anti Virus Programs
    By JANDOENT in forum General Topics Archive
    Replies: 29
    Last Post: 02-15-01, 01:05 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •