Hi Anil,
IP address 10.2.228.200 is from inside network or outside network?
By looking at local IP (10.64.9.45) I believe it's from outside network.
If it's happening on any specific system then there is hight possibility that system is not fully patched.
Most probably it's happening due to OS vulnerability.
It is recommended to install all the Symantec features AV / PTP/ NTP with latest definitions.Always make sure that your computers are receiving definitions regularly.
You can upgrade your product to latest built.
You windows machines should have all the latest windows updates /Patches.
Upgrade all the installed third paty software.
Disable Autorun.
Please follow best practice guide to handle virus issue.
http://www.symantec.com/business/support/index?pag...