a Trojan while protected by Norton

I got a Trojan while protected by Latest update Norton AntiVirus - Norton Internet Security 2004
Just the thing I don't understand how did this file (load.exe) upload it self from the internet, executed on the hard-drive and Norton later, maybe after 20 minutes from me noticing it, Norton finally alarmed it's a trojan and blocked it
but why waiting for 20 minutes, isn't such time critical, how effective are anti-viruses really?

The current paradigm for AV is look for defined patterns. That's why most AV programs update on a regular basis.

The better method involves holistic detection of viral and malware activity, such as is used by Zondex Guard (formerly Leprechaun).

Norton's does have a holistic engine, which is why it detected your trojan... but it's not as good as the ones that Norton uses on their own networks... you have to pay some bucks for that.

I mention Zondex specifically because I know the Leprechaun was one of few AV engines that managed to catch the viruses that ran rampant a few years back without having to download a single update (ref).

Some steps you can take to avoid malware:

• Stay away from the seedy underside of the 'net (ie, no p-p downloading, warez, and pr0n)
• Switch away from IE-- try Firefox or Opera
• Switch away from Windows-- Linux is free and they have quite a few tools for free that will accomplish what you do with windoze and pay for.
• Download AdAware and Spybot and sweep the computer at regular intervals
• Develop and implement a backup scheme so, if you do get hit by a nasty malware program you can wipe the slate clean and reinstall without fear of losing the only digital picture of Aunt Thelma in existance.

Thanks Dngrsone, well yeah I understand all that, I was just commenting about waiting which in such time frame can let malicious activities do harm before being caught

I will consider Zondex in next system upgrade, maybe

Thanks anyway

Hi weam,

Malware of all types can be inactive for long periods of time before they become active and (sometimes) get caught by your antivirus program.

For example, some viruses have a preset date at wich time they will deploy and cause damage.

Feel free to post a HijackThis log as you may still be infected.

Please download HijackThis. Make sure you install HijackThis to a permanent folder such as C:\HJT as it creates backups of what we will fix.

Run the program, click the button at the top "Do a system scan and save a logfile". Save the log to a convenient place such as C:\HJT Notepad will open, copy and paste the entire log into your post. Do not fix anything yet, most of what's in the log is needed!

http://www.majorgeeks.com/download3155.html

Tom

you are probably still infected.. considering how the infection got through your firewall and the norton auto protect.. its like that the infection not completely removed. noticed any side effects of the infection like a slow net connection, slow pc, weird popups etc ?