Hello,
Are running the SEP 12.1 client with latest definitions and carry all the latest Microsoft updates and security patches on the machine?
Run a scan in safe mode with networking to remove the virus.
Could you zip each of the folders and submit the zip files (without password) to the Symantec Security Response Team on :
https://submit.symantec.com/websubmit/essential.cgi
We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.
What to do when you suspect that a Symantec AntiVirus product is not detecting viruses
http://www.symantec.com/docs/TECH99222
In your case, it is also advisable to follow few important steps:
1) Make sure all these machines are Patched with ALL Latest MS security patches and service packs.
2) Make sure the machines are installed with the Latest Symantec virus definitions.
3) Disable the Autorun Feature on the machine via GPO. http://support.microsoft.com/kb/967715
4) Disable System Restore before you do this as the virus also creates entries in the System Restore Points store volumes.
Also, check this Article:
Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
Hope that helps!!