trun off file and print sharing and client for ms networks if you don't use them

scan your systems w/ as many av programs as you can get your hands on.

look at the zonealarm premission config (what is it letting out and what's it blocking)

look at the location of common trojan start-up methods (reg. keys, start up folder etc. etc.)

self port scan each machine and each other + the router both on 127.0.0.1 and the real IP

manually check the C: esspecially at the '\' + 'system root' + 'program files'

use linux