Endpoint Protection

  • 1.  networksecurityadvice.com

    Posted May 26, 2009 06:46 PM
    I have a machine with Endpoint Security installed.

    I discovered it was infected with "Personal Antivirus" (PAV.exe)
    I manually deleted all references to PAV.EXE that I could locate on the drive and in the registry.

    Now Internet Explorer is being hijacked and randomly taken to a URL titled networksecurityadvice.com.

    I'm sure it's related because the site solicits "Personal Antivirus". I scanned Windows in safe mode with SEP. There were no hits.
    I've read the other article about PAV.exe and attempted to follow the instructions for removal of w32.Kitro.E.Worm but can't locate any of the listed files or registry values.

    Is this problem associated with another threat? Anyone have removal advice?


  • 2.  RE: networksecurityadvice.com

    Posted May 26, 2009 07:08 PM
    This question was asked a little while back and we never got a good answer for it. The link for that post is below. I know this isn't the most helpful post, but really the only thing you can do is narrow down the .exe and the .dll the virus uses and submit them to Symantec as Sandeep suggests in the post below. Sorry that is all I can give, but the number of these fake AV programs and their variants increases so fast that this is sometimes the best answer.

    https://www-secure.symantec.com/connect/forums/pavexe-sepm-not-finding-it

    Grant


  • 3.  RE: networksecurityadvice.com

    Posted Jun 05, 2009 09:18 AM
    Can't believe that Symantec cannot take care of this virus. Or at least offer a download to get rid of this!


  • 4.  RE: networksecurityadvice.com

    Posted Jun 08, 2009 10:25 AM
    Twoll

    Try to use Combofix.exe


  • 5.  RE: networksecurityadvice.com

    Posted Jun 08, 2009 11:50 AM
    Since this looks like a browser hijack, the best way to find the suspected file would be:
    Internet Options - Programs - Manage Add-ons -
    Sort it out by Add-ons Loaded/Enabled.
    Look for the suspected one, i.e. the ones without a publisher or any one which looks suspicious. The common one that they use lately is Research& or something like this.
    You will find a .dll file associated with this add-on.
    Search your computer for this DLL, then submit and delete it, or just submit it.
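The manual check in the post above (Manage Add-ons, look for entries with no publisher, find the backing DLL, hash and submit it) can be done from PowerShell. The script below is an added example written for this thread, not code from any of the posters or from Symantec. It assumes only the standard registry locations where Internet Explorer Browser Helper Objects are registered (the `Browser Helper Objects` keys under HKLM, the Wow6432Node mirror, and HKCU) and the `InprocServer32` mapping from CLSID to DLL; it reads the registry and file system without modifying anything.

```powershell
# Added example, not from the original thread: inventory IE Browser Helper Objects,
# resolve each CLSID to its DLL, and flag entries with no valid Authenticode publisher.
# Read-only: nothing is deleted; the SHA256 is collected so the file can be submitted.

$bhoKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

function Get-BhoInventory {
    $results = foreach ($key in $bhoKeys) {
        if (-not (Test-Path $key)) { continue }
        foreach ($entry in Get-ChildItem -Path $key) {
            $clsid = $entry.PSChildName

            # A BHO's CLSID maps to its DLL via HKCR\CLSID\{...}\InprocServer32 (default value).
            $server = $null
            foreach ($srvKey in @("Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32",
                                  "Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID\$clsid\InprocServer32")) {
                if (Test-Path $srvKey) { $server = (Get-ItemProperty -Path $srvKey).'(default)'; break }
            }

            # Display name lives in the default value of HKCR\CLSID\{...}
            $name = $null
            $nameKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid"
            if (Test-Path $nameKey) { $name = (Get-ItemProperty -Path $nameKey).'(default)' }

            $dll = if ($server) { [Environment]::ExpandEnvironmentVariables($server).Trim('"') } else { $null }

            # Signature check: this is the "no publisher" column from Manage Add-ons.
            $sig = $null; $publisher = $null; $exists = $false
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $exists = $true
                $sig = Get-AuthenticodeSignature -FilePath $dll
                if ($sig.SignerCertificate) { $publisher = $sig.SignerCertificate.Subject }
            }

            [pscustomobject]@{
                Name       = $name
                CLSID      = $clsid
                RegKey     = $key
                Dll        = $dll
                DllExists  = $exists
                SigStatus  = if ($sig) { $sig.Status.ToString() } else { 'NotChecked' }
                Publisher  = $publisher
                Sha256     = if ($exists) { (Get-FileHash -LiteralPath $dll -Algorithm SHA256).Hash } else { $null }
                # Flag anything we could not verify: missing file, unsigned, or invalid signature.
                Suspicious = (-not $exists) -or (-not $sig) -or ($sig.Status -ne 'Valid') -or (-not $publisher)
            }
        }
    }
    $results
}

# Show the unverifiable entries first; review these in Manage Add-ons before acting on them.
Get-BhoInventory |
    Sort-Object Suspicious -Descending |
    Format-Table Name, Publisher, SigStatus, DllExists, Dll, Sha256 -AutoSize
```

An unsigned DLL is not proof of malice (plenty of legitimate older add-ons shipped unsigned), so treat `Suspicious` as a triage list rather than a verdict: check the file's path and vendor, and send the SHA256 and file to the vendor's submission process as the earlier replies recommend before removing the registry entry. Run it from both a 64-bit and a 32-bit PowerShell if you want to be sure the Wow6432Node view matches what 32-bit IE actually loads.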