What do you mean it isn’t being picked up?
Is this simply because you don’t see the name Esbot.a in the list?
There is no standard naming convention with virus names, so this may well be detected under a different name.
Do you have an infected file, that isn’t being detected? but detected by symantec, etc.
I found in the description of the mutex created by W32/Esbot-A two names. This is odd Sophos talks about "when first run it copies itself as mousesync.exe for mouse synchronization, while in this description at http://virusalert.nl/?show=virus&id=1084 the mutex name is mousebm.exe for mouse button monitor. What is the right name? Is there a sub virus. While if the LSASS and PnP vulnerabilities are not patched, it can copy itself, the trojan compaonent can download and execute files, execute dDos attacks, and search for files on the infected machine.