Can someone explain to me how it is possible that NIS2009 detected a virus on 040109 within a file that has been on my system since 20 december 2008 while the last virus update was 171208 (see the link).
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2008-121617-3748-99
Was this through a Scan or by Auto-Protect?
Hi rvlaming,
The update for Supcious.MH690 may have got into Norton program through LiveUpdate on December itself.
But, what if some of the attributes for that particular file(which is in your computer from 20th December 2008) got changed due to some infection recently, may be on 4th January 2009?
Surely, Norton will detect that file as a threat on 4th January 2009 only, not earlier. To be more specific, that file may got updated/changed it's attributes suddenly which triggered Norton to detect it as a virus as that recent update may have changed the file similar to the virus signature for Supicious.MH690. Better, submit that file to Security Response for further analysis.
Yogesh
Hi Yogesh,
Unfortunately I agreed to the deletion of the files from within NIS2009. Next time I will submit that fiel to Security Response for further analysis.
Hi Floating_Red,
This was through a background scan.
You mention at the end of your message ThreatCon. But that's not the virus mentioned in the link. Why are you referring to ThreatCon?
Hello, rvlaming,
Firstly, the Detection you got has not been Modified since December 16, 2008. I am thinking Norton got a Virus Definitions' Update through Automatic Norton LiveUpdate and/or through Pulse Updates, or maybe the File did Change as suggested by yogesh_mohan.
rvlaming wrote:
Hi Floating_Red,
This was through a background scan.
You mention at the end of your message ThreatCon. But that's not the virus mentioned in the link. Why are you referring to ThreatCon?
Was the Scan Full System Scan or an Idle Quick Scan?
The ThreatCon appears on all my Messages because it is my Signature; sorry for the confusion!
Here is the Web Link to Submit to symantec Security Response: https://submit.symantec.com/websubmit/retail.cgi.
______________________________________________________________________________________
Message Edited by Floating_Red on 01-05-2009 08:26 PM
Message Edited by Floating_Red on 01-05-2009 08:28 PM
Message Edited by Floating_Red on 01-05-2009 08:29 PM
Message Edited by Floating_Red on 01-05-2009 08:30 PM