Possible virus on the network

You probably have Spyware that is creating the attacks.  Download Spybot  http://www.safer-networking.org/en/index.html or Ad-aware http://www.lavasoftusa.com/software/adaware/ and check on those machines for spyware.  I'll bet you will find that you have a trojan or similiar causing your problems.

I've ran spyware and antivirus, nothing.

Which Spyware???

I used ad-aware 6.0.  After looking at the computers closer this may be the blaster all over again.  The computers weren't up to date on their windows update.  I'll update them and see if that solves any of the problems.

you didnt mention the taffic direction, it is incoming traffic or outgoing traffic on your firewall?

Its outbound.

can you determine who (on your LAN) were sending the destructive packages by analysing the firewall log?

I'll try with spybot and see if it finds anything and yes we do know which computers are having issues.  We used a sniffer and had it watch a specific ip address to see what its doing.  The moment they're turned on they start sending garbage outbound to rdp 135.  The only attacks I can find on the net are the blaster that worked that way so we're running windows updates right now to see if that will prevent it from spreading too much.