Have you disabled system restore and auto-play feature on all your drives? Also, enable network scanning. Increase the sensitivity of Truscan proactive threat scan, make sure the computers are patched with latest Microsoft security updates...........
Inaddition to this, harden your systems by using application control policies in SEPM