NIS 2009 failed to detect BAGLE virus

I read goto78's posts about NAV 2008 failing to detect a bagle virus resulting in his PC being hopelessly infected for over a week despite the $ he paid.  I attempted to respond to and agree with his posts given the Symantec apologist suggesting it may have been a new variant of Bagle that hadn't provided the time to be analysed by the anti-virus community as yet.

 

I ran into almost exactly the same problem and no way does the 'newness' of the Bagle variant explain the massive failure I found.  When I was finally able to regain control of my PC (no thanks to NIS2009), I installed Kaspersky v7.0 instead.  What a difference!

 

Before I expound on that dramatic difference, let me say I scanned the file I downloaded from a peer-to-peer network BEFORE I unzipped it and AFTER I unzipped it.  NIS2009 gave me the green light in all instances.  Next stop?--the NIS2009 icon in my system tray disappeared immediately.  I couldn't reinitialize NIS2009 from my desktop, I couldn't reinstall it, and I couldn't even install Kaspersky v7.0.  All the other symptoms were as goto78 described--especially the xxxxxx.exe files I found running w/randomly changing filename as processes in Task Manager.  And like goto78, I couldn't access the web with IE.  Unlike him, I also had OPERA installed.  The virus writers overlooked that possibility, enabling me to go to one of those 'free' online virus scans who want you to BUY a license before they'll actually remove the bugs and even their scan amounts to only a partial revelation.  Still, it revealed enough that I was able to boot from a Knoppix CD, use the ntfsmount utility, and delete enough of the malicious files to allow me to reboot into XP pro and install Kaspersky.  Now HERE is the difference:

 

Kaspersky went through a large collection of files I'd gathered over the YEARS from peer-to-peer networks and found dozens of Bagle files Norton had never alerted me to all those years.  'Newness' had NOTHING to do with it, my dear.  Neither did the archival format as Norton had been set to look inside archive formats and many of the files were in the open as well.  After Kaspersky found 3 or 4 dozen Bagle infected files (archives I'd never opened, fortunately) I was convinced I'd been short changed by Symantec.  And when I couldn't reply to goto78's posts about the same problem I'd been beset by, I felt even more short changed.  This isn't the first time I've found virus files that could emasculate or evade Norton, either.

 

In this instance, there were many many xxxxxx.exe (the x's represent random digits) which appeared to have been created in the last 2 or 3 days and/or had the same file size which clued me in and caused me to delete everything I found on my XP PC machine in c:\windows\system32\drivers\downld\

 

There was a winitems.sys file (I believe that's the spelling) and a winfilse.exe file (among others) too.  Also the virus had altered the system registry, which I wasn't able to restore to any earlier setpoint.

 

Symantec failed in a major way on this commonly encountered virus.  It also failed (as I personally witnessed it) when confronted with an earlier file (some years ago when I was using NIS2006) but I never discovered the name of the virus/trojan if it had one.  Only recently have I begun substituting Kaspersky for NIS after years of assuming NIS was doing its job.  Norton used to be top of the line in protection software--it has been a disappointment in recent years.  It has improved in user interface ease of use including improved Live Update and installs that no longer choke if you didn't use a special removal tool to rid all traces of earlier Norton AV installs.  But their online tech support now sucks, is difficult to understand through their foreign accents, and demands you supply a credit card number for all but the simplest new installation questions/problems.  In effect, Symantec now demands not only that you pay for the dog, but the fleas!

 

I'm still partial to the NIS elegant interface, but it's a little bit like sitting behind the wheel of a fancy sports car with no engine under the hood.  I suspect Symantec has gotten arthritic as a corporation and now is reluctant to pay for the caliber and number of programmers it needs to stay on top of its game.  It's cashing in on its once sterling reputation, short changing today's customers.