We are a Symantec Partner. A client of ours has contracted what appears to be the virus referred to in the links below. Some characteristics of this bug are newly-created virtual network adapters (not in every case), corrupted hosts file (will be about 4 MB in size), and four netsf* files located in \Windows\inf. We use Symantec AntiVirus (now Endpoint Protection) exclusively, so this is what our client has. IT appears to completely ignore this threat. Can anyone at Symantec provide some assistance or guidance? I can provide more/specific details as necessary. Regards, Craig
http://www.threatexpert.com/report.aspx?md5=f1c12bfedcf6265bc3187d2a1ef06cad
http://www.prevx.com/filenames/X501491272611456003-X1/NDISVVAN.SYS.html
http://social.answers.microsoft.com/Forums/en-US/xphardware/thread/fddb96a7-ec7a-453c-8566-41bf0738287e
http://www.superantispyware.com/malwarefiles/NDISVVAN.SYS.html
http://www.symantec.com/connect/forums/windows-security-alert-showing-no-av-present-or-definition-out-date