Rootkit.boot.pihar.c keeps getting through
Can anyone give me a reasonable explanation as to why Symantec Endpoint Protection doesn't seem able to protect against this particular trojan? Time after time I go to client sites who are getting BSODs and slow performance. Everytime I check the status of the SEP and it's current and up to date with definitions. And over and over I'm finding this trojan on their desktop systems. Right now I'm clearing it off the third or fourth desktop in the last few weeks at a customer and they're asking why does this keep getting through and where is it coming from?
We are running the latest version of Endpoint Manager from which the installation packages were created.