Originally posted here by halv
Do you remember the names of the virus' that you found? It is highly possible that one of them was a trojan horse type and allowed someone else remote access to your systems. They then proably installed a backdoor to get back in if you removed the original trojan horse.

I would get zonealarm and pop that on your machines. I would then set it up so that only what you need to allow in / out is allowed and watch the bounces to see if you can identify a pattern.

Good luck and keep us updated.
Thanks very much I'll keep you posted.

Di