Possible Bot infected a computer - Why?

We have a computer that appears to be spamming out through port 25 although Sophos is up to date and running. Why?

Sincerely,

Ken

  • What had caused it was an employee brought in their computer from home with Sophos up to date and it was acting like a virus was on it so I used the SAV32CLI safe mode command prompt method to scan it.  The scan came up clean.

    Against my better judgement I rebooted and connected it to the network. Shortly after that our emails were getting blocked by our clients because of spam. I immediately unplugged it and got us off the spam blockers but this morning I found ourselves back on the blacklists. I then checked our firewall and found that one computer had a lot of SMTP activity overnight and removed it from the network. Now we haven't got any SMTP traffic from the workstations like it's supposed to be.

    I have scanned the offending computers 3 times now and still nothing found but if I tether through my cell phone they will start connecting to SMTP again.

    Sincerely,

    Ken
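
The firewall check described in the post above (finding the workstation with SMTP activity) can be scripted. This is an added example, not part of the original thread: the log format, the addresses and the function name `direct_smtp_senders` are constructed assumptions, and it generalizes the check to any LAN host that is not an approved mail server.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in a made-up firewall log format (not from the thread).
SAMPLE_LOG = """\
2024-03-05T01:12:40 ALLOW TCP 192.168.1.10:50112 -> 198.51.100.7:25
2024-03-05T01:12:41 ALLOW TCP 192.168.1.57:49211 -> 203.0.113.25:25
2024-03-05T01:12:41 ALLOW TCP 192.168.1.57:49212 -> 203.0.113.80:25
2024-03-05T01:12:42 ALLOW TCP 192.168.1.57:49213 -> 198.51.100.44:25
2024-03-05T01:12:43 ALLOW TCP 192.168.1.23:51500 -> 198.51.100.9:443
2024-03-05T01:12:44 DENY TCP 192.168.1.57:49214 -> 192.0.2.14:25
2024-03-05T01:12:45 ALLOW TCP 192.168.1.23:51501 -> 192.168.1.10:25
garbled line that should be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def direct_smtp_senders(log_text, mail_servers, lan="192.168.1.0/24"):
    """Return {src_ip: {"attempts": n, "destinations": set}} for LAN hosts that
    tried to reach TCP/25 outside the LAN and are not approved mail servers."""
    lan_net = ipaddress.ip_network(lan)
    allowed = {ipaddress.ip_address(s) for s in mail_servers}
    hits = defaultdict(lambda: {"attempts": 0, "destinations": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["dport"] != "25":
            continue  # unparseable line or not SMTP
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # malformed address
        # Skip the mail server itself and workstation-to-internal-relay traffic.
        if src not in lan_net or src in allowed or dst in lan_net:
            continue
        hits[str(src)]["attempts"] += 1  # denied attempts count too
        hits[str(src)]["destinations"].add(str(dst))
    return dict(hits)

if __name__ == "__main__":
    for ip, info in direct_smtp_senders(SAMPLE_LOG, ["192.168.1.10"]).items():
        print(ip, info["attempts"], "attempts to", len(info["destinations"]), "hosts")
```

A workstation that appears in the result at all is worth isolating, since normal clients hand mail to the internal server rather than contacting external hosts on port 25 directly.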