rvzr-a.akamaihd.net virus

[Humboldt]

This is really pissing me off, I can't get rid of it.

Have tried TDSSKiller, MalwareBytes, MSSE, SuperAntiSpyware.
Dont' see any weird processes or services.

Any other suggestions appreciated, thanks

[loop2kil]

Does it go away with any scan but keeps coming back or you can't get rid of it at all? If the former then make sure to disable system restore. if the latter then try Combofix and see where that gets you.

Also, try another AV like Avira or Avast....I've been liking Avira lately with the really small footprint of around 20mb running in the system.

Also, make sure all temp files are gone before scanning...I like TFC by Oldtimer

http://www.bleepingcomputer.com/download/tfc/

I'm also thinking Host file could be infected/corrupted.

[Humboldt]

Thanks for the suggestions.
It's not that it's re-occurring, nothing finds it in the first place. Have tried safemode scans, system restore off, manual reg edit finds nothing.

I haven't tried combofix yet, think of it as a very last resort. Has saved my ass before though, thanks for the reminder.

[loop2kil]

Thanks for the suggestions.
It's not that it's re-occurring, nothing finds it in the first place. Have tried safemode scans, system restore off, manual reg edit finds nothing.

I haven't tried combofix yet, think of it as a very last resort. Has saved my ass before though, thanks for the reminder.

Have you checked the hosts file yet?

http://support.microsoft.com/kb/972034

[Humboldt]

Have you checked the hosts file yet?

http://support.microsoft.com/kb/972034

Huh. Ran combofix, thought it was all good, clicked your link and got a popup for http://rvzr-a.akamaihd.net/sd/wrap-0.01 ... D5040-1001

Back to work

[Humboldt]

Downed the .msi through your link but am getting http://fastonlinefinder.com/ads-clicktr ... product=iy as a popup.

Ran it, will see what happens.

Damnit, this is cutting into my "Lie To Me" time something fierce.

[YeOldeStonecat]

This ones not bad...just injects into your browsers.
ADWCleaner and (ad ware cleaner) and JRT (junkware removal tool) handle browser injects best.
This link here handles most of the steps fairly well...
http://malwaretips.com/blogs/rvzr-a-akamaihd-net-virus/

[loop2kil]

Huh. Ran combofix, thought it was all good, clicked your link and got a popup for http://rvzr-a.akamaihd.net/sd/wrap-0.01 ... D5040-1001

Back to work

I am 99.9% convinced that it's the Hosts file now, that's why all the scans are coming up empty. There is nothing left to delete but the damage to the Hosts file is already done and will keep giving you the popups until it's repaired.

The link I posted should explain it more clearly.

[YeOldeStonecat]

Combofix usually flushes out the hosts file if it finds an infection there. Worth checking through, just in case it missed it or the file was locked..

[Humboldt]

This ones not bad...just injects into your browsers.
ADWCleaner and (ad ware cleaner) and JRT (junkware removal tool) handle browser injects best.
This link here handles most of the steps fairly well...
http://malwaretips.com/blogs/rvzr-a-akamaihd-net-virus/

That did it. Reset the hosts file last night and ran combofix. Still had it this morning.
ADWCleaner did the trick, ran JRT to make sure.
Looks like a codec pack was at fault.

Thanks guys. Appreciate the help.

[loop2kil]

Well, I did say 99.9% sure

Glad you got it fixed.

[Humboldt]

Well, I did say 99.9% sure

Glad you got it fixed.

Appreciated the help regardless.

Glad I got it fixed to, it was really starting to piss me off.

[YeOldeStonecat]

Looks like a codec pack was at fault.

VERY popular source of malware infections..see that as the cause so many times..those, and special "viewers" to watch online movies.

[Humboldt]

VERY popular source of malware infections..see that as the cause so many times..those, and special "viewers" to watch online movies.

Always looking for a better player. Have WMP, GOM, and VLC. Scan everything I download but looks like this one fell through.

[Humboldt]

Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

Any suggestions?

20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

Suggestions appreciated, feel free to PM.

Thanks

[YeOldeStonecat]

Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

Try uninstalling VLC, download and install the latest version. VLC is a good player (assuming you get it from a trusted source).

If that doesn't work, look for K-Lite Mega Codec pack from a trusted source like filehippo if reinstalling VLC doesn't work. K-Lite has several bundles..."Mega" is the largest and most inclusive.

[TonyT]

Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

Any suggestions?

20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

Suggestions appreciated, feel free to PM.

Thanks

What file format is the video? Have a look at the page source code or javascript file from the page. The streaming video format will be available there. VLC should handle all formats. Or post the url to the page with that video & I'll tell you the file format to associate with VLC.

[loop2kil]

Now that I uninstalled the codec pack I can no longer watch one of my favorite streaming videos.

Any suggestions?

20 different links and they all ask for a video player upgrade (running latest WMP) or an .exe download to watch.

Suggestions appreciated, feel free to PM.

Thanks

There's plenty of nakid women at other websites that don't require special codecs

[YeOldeStonecat]

There's plenty of midget porn at other websites that don't require special codecs

***fixed***

[Humboldt]

What file format is the video? Have a look at the page source code or javascript file from the page. The streaming video format will be available there. VLC should handle all formats. Or post the url to the page with that video & I'll tell you the file format to associate with VLC.

http://www.alluc.to/tv-shows/watch-the- ... 86401.html

[YeOldeStonecat]

http://www.alluc.to/tv-shows/watch-the- ... 86401.html

Our UTM appliance at the office (a fancy firewall that checks for threats) blocked that site.

[Humboldt]

Our UTM appliance at the office (a fancy firewall that checks for threats) blocked that site.

Because of content issues, or malicious threats at the site itself?

[YeOldeStonecat]

Pornography....but often where that's present, malware is close behind. Seek your sources of porn wisely. My wife showed me some good safe porn sites...her step brother ran one.

[Humboldt]

Pornography....but often where that's present, malware is close behind. Seek your sources of porn wisely. My wife showed me some good safe porn sites...her step brother ran one.

Any suggestions where I can watch the latest episode of Walking Dead?
Never been able to figure out the legality of streaming videos like that that.

If NetFlix can do it, is it legal to watch on sites like alluc?
And if alluc is questionable, does anyone have other suggestions?

Thanks

[YeOldeStonecat]

I don't follow the Walking Dead...but can't you catch all their episodes right on the channels site? amctv.com
For catching TV shows I missed, I used to use a site called Hulu.com
Other than netflix, I'm not up other sites to stream current TV shows...if a show is high up on my list to watch, (which isn't many)....I just set it on the DVR.

[Humboldt]

I don't follow the Walking Dead...but can't you catch all their episodes right on the channels site? amctv.com
For catching TV shows I missed, I used to use a site called Hulu.com
Other than netflix, I'm not up other sites to stream current TV shows...if a show is high up on my list to watch, (which isn't many)....I just set it on the DVR.

Negative, my ATT DSL account is internet only, no TV.
Hence trying to find the right player/codecs that will work for alluc.

Worked fine for months but after taking a bunch of stuff off my system to get rid of that ****ing virus nothing will play now.

[RaisinCain]

If you install TeamViewer I can remote in and look at what is going on. If you decide to, just give me about a 1/2 window of time to work with you. Post or PM.

[YeOldeStonecat]

Worked fine for months but after taking a bunch of stuff off my system to get rid of that ****ing virus nothing will play now.

Did you uninstall VLC and download/install the latest yet? Should repair the damage done by ripping out that rogue codec, and reassociate all the proper file types. VLC usually handles them all quite well.

[Humboldt]

Did you uninstall VLC and download/install the latest yet? Should repair the damage done by ripping out that rogue codec, and reassociate all the proper file types. VLC usually handles them all quite well.

Yes.
Still no luck from that site, but able to find another one.
Great mid-season finale

[Humboldt]

If you install TeamViewer I can remote in and look at what is going on. If you decide to, just give me about a 1/2 window of time to work with you. Post or PM.

Appreciate the offer, but was able to find another site I could watch no problem.
Walking Dead doesn't pick up again for a couple months, so plenty of time to figure something out.

Thanks though

[YeOldeStonecat]

And the K-Lite "Mega" codec pack?

[Humboldt]

And the K-Lite "Mega" codec pack?

K-Lite is the one I was looking at, and after your suggestion what I'll probably go with.

After the hassle of this virus I just held up to see if I could find another streaming site.

[cybotron r_9]

This is really pissing me off, I can't get rid of it.

Have tried TDSSKiller, MalwareBytes, MSSE, SuperAntiSpyware.
Dont' see any weird processes or services.

Any other suggestions appreciated, thanks

http://www.emsisoft.com/en/software/eek/

[DelanoR]

Malwarebytes does not work
AdwCleaner free works but it popping again after restart.
Manual instructions like this (resetting browser settings) works for few days [link removed by admin] but then it comes again

[Humboldt]

Malwarebytes does not work
AdwCleaner free works but it popping again after restart.
Manual instructions like this (resetting browser settings) works for few days [link removed by admin] but then it comes again

Look at the post YeOlde made on the first page, those 2 programs worked well for me.

[DelanoR]

Look at the post YeOlde made on the first page, those 2 programs worked well for me.

Thanks! Seems that we had different versions of this virus with YeOlde. Reinstalling Windows worked for me

[Ta1l]

Simple browser reset may help - [link removed by admin]

(+ adwcleaner (free) to clean any reg files)