Wow Brian! Thank you for the quick reply... I am looking at the article url now.
I believe we have SEP setup out of the box. I'll have to get my head around this KB that you provided.
The reason for my concern was that I'm seeing way too many PC's infected and yet, Symantec kills the threat, I'm just wondering if all were doing here is a Cat and Mouse chase...
I'm pretty sure all of this activity is a result of our large user community and peoples surfing habits. I'm just thinking it may be best to pick the top 20 machines that are repeat offenders and re-image them. Once a virus has been found, it will delete/quarantine it, but I'm just curious about installer files remaining behind etc...