Look, it happens to everyone. Run a large network some time. Put a Windows box, or two, or a thousand, on it. Eventually somebody will find a way to bypass the Anti-Virus, and there'll be an infection.
I've had to call a big company here or there, having traced a spam source back to an infected desktop on their network. Usually their response is, "Ugh, we know! Thanks for the report, you're one of thousands who let us know. We're in the midst of a security audit to clean it all up."
Unless you're Pfizer. Then what do you do? If this article is to be believed, you stick your head in the sand and hope it all goes away. Hopefully this wake up call from Support Intelligence can get them to clean up their network.
How much of your spam came from an IP address on Pfizer's network? I smell a project for the weekend.