Hi deepaknk,
What exact threat is being found and deleted from that network share? The SEP logs will tell you.
Chances are that there is an infected computer which is connecting to that shared server and is constantly copying the malicious file up to it. How many computers connect to that share? Do they all have SEP defending them? If so, have you checked that SEP is working on all those endpoints and all clients have their definitions up to date?
You may be able to determine which computer is copying that malicious file up there by using the UNIX auditing features. If not, you may need to use a process of elimination: isolating the UNIX box and then gradually connecting computers back to it.
Please keep this thread up-to-date with your progress!
Mick