Disable Auto-run/Auto-play from Group Policy
Disable Task Scheduler
Check the autorun.inf
I would suggest using a boot time scanner, you can download VipreRescue: http://live.sunbeltsoftware.com/
or if you have a Kaspersky Subscription, you can just make a boot-time scanner.
Afterwards make sure that all security updates are installed on the client\server PC's after the initial infection is removed. You may need to isolate computers and do this one at a time or implement some sort of anti-virus after the inital threat is done (I would suggest using an enterprise level AV, but if you can't afford it, using Microsoft Security Essentials would probably be the second best bet).