My wife's laptop was hit with a fake AV alert virus.
Norton seems to have cleaned the virus (but may not have), but .... there continues to be a red shield with a white X on the status bar that say NAV is out of date. This has never been true on her computer.
When I look at the NAV history I find these:
Unauthorized access block (Open Process Token) Blocked 1/26/2010 9:38:48 AM
Trojan.FakeAV detected by Auto-Protect Removed 1/26/2010 7:30:08 AM
Statistical Submission: Trojan.FakeAV Submitted 1/26/2010 7:26:06 AM
AntivirusSystemPro detected by Virus scanner Removed 1/25/2010 5:57:15 PM
Statistical Submission: AntivirusSystemPro Submitted 1/26/2010 5:52:43 PM
vxcjsysguard.exe accessed your network resources Detected 1/24/2010 5:17:35 AM
tvcp.exe made 5 modifications to your System Config. Detected 1/24/2010 5:17:20 AM
IPS Detection Statistical Submission Submitted 1/24/2010 5:16:55 AM
It's seems clear that the infection occurred around 1/24/2010 5:16:55 AM
On the 26th is when all the fake AV message appeared (because my wife closed the laptop right around the time of infection).
The Norton Alert shield has been red ever since and it's never been out of date. It prompts to click to correct the problem, but I suspect it has been compromised and will infect the computer again if I click on it.
I believe something is still not cleaned on this computer.
If you need access to the computer just shoot me an email.