Here is our setup and the problem being experienced:
3 servers, roughly 54 computers running on the network
One of the servers is recording attacks from w32.downadup.B, about 30-50 a day from various computers. The virus is stopped and deleted before it can infect the server.
The problem i'm running into is that when i scan and go through the computer that the attacks are originating from in the SEP log, the computers are coming up as clean and uninfected.
It appears as though the virus isn't installed on any computers but part of it is bouncing around the network still attempting to install.
about two months ago a full manifestation of the virus hit a computer on our network and i went through and cleaned it out myself via registy changing and file deletion.
i've been updating and scanning for about two days now and feel hung up, any help would be greatly appreciated.