Need help - ESET not responding


jjamieson
December 16th, 2008, 05:37 PM
Well, I am certainly regretting the purchase of NOD32 antivirus. I have a system infected with a *very* persistent hijacker which blocks web display of anti-virus sites and often interferes with running AV software. I have thrown everything I have at it, cleaned all caches, checked the hosts file, shut down all processes, even run HijackThis, AdAware, etc. (of course, these didn't have the latest definitions as they are blocked). Ran everything I could in safe mode. No luck.

The main symptom is a redirect once a search is conducted and I click on a search result. I can only assume that the malware is also stealing info via keylogging, etc...so I cannot conduct online business or banking.

I also installed NOD, and of course, it would not update. I assume it is being blocked by the malware...?

So I opened a ticket asking for help in obtaining the latest definitions so NOD could actually detect the malware. That was last week. So much for a 24-hour reply. ::)

THAT being said, does anyone know of a way to get the definitions, so that NOD can (hopefully) defeat the malware on my system? Or should I go and purchase McAfee (yuck) or Norton? Or try something else?

I'm at wit's end.

P.S. I am strongly in favor of the death penalty for hackers and malware writers. Honestly, these people need to grow up!

Triple Helix
December 16th, 2008, 05:50 PM
I think you should get some professional help with the removal of the malware on your machine. Just check out this post with some sites that do malware cleaning services!

http://www.wilderssecurity.com/showthread.php?t=42148

funkydude
December 16th, 2008, 05:52 PM
Have you tried the ESET online scan?

jjamieson
December 17th, 2008, 09:21 AM
No dice - I cannot connect to the ESET site from my home computer - site comes up 404 error - the hijacker is blocking it.

Yeah - sounds like I will need help. Hopefully I can repackage this software and return it to the store. Just need a little creative tapework.

I'm not trying to rag here - but the technology companies I worked for focused on solving the customer's problem - that was the reason for their product's sales. All I wanted is to get e-mailed the current virus definitions and a way to manually input them.

The router I bought probably will also go back - unless you all feel a router firewall is an absolute necessity....

BTW - wasn't there a time when anti-virus products would boot off the CD and do a scan without loading the OS? Does NOD32 have a way to do that? (Again I would need current definitions, but I was wondering if such a thing is done anymore, or are the OS's too large/complicated to boot off disc?)


EDIT: OK - after reading a few more posts (imagine that) it sounds like I might need to go into advanced controls and make sure I have the settings right (like using global proxy server) and/or try a few more tricks.

I have a major question: would a hijacker that blocks access to anti-virus websites also block an update through a proxy server? Are they different ports that such malware might not recognize? If so, perhaps the solution was here all along...let me know your thoughts and I'll keep you all updated.

ASpace
December 17th, 2008, 11:22 AM
I believe you are losing your time at the moment. Instead of trying to find a magic way to do magic, you could have contacted professional help for malware removal or even faster - format the HD and reinstall Windows.

Marcos
December 17th, 2008, 11:30 AM
I'd suggest that you send a log from ESET SysInspector to samples[at]eset.com with this thread's URL in the subject. I'll go through it and let you know if there's something suspicious running.

As for a boot CD, EAV/ESS version 4 (currently beta) comes with ESET SysRescue which serves for creating bootable media with EAV/ESS.

jjamieson
December 17th, 2008, 11:31 AM
Argh. Just built this system. Got all the software installed.

What about using Autoruns from Microsoft...

http://blogs.zdnet.com/Ou/?p=547&page=2???

funkydude
December 17th, 2008, 12:16 PM
{QUOTE-> Argh. Just built this system. Got all the software installed.

What about using Autoruns from Microsoft...

http://blogs.zdnet.com/Ou/?p=547&page=2??? <-QUOTE}

Your best bet is to follow the advice given by Marcos.