Hi jeremyf,
It sounds like its worth checking your Eset settings to make sure you're making the best use of the various protections it offers. Check that your config is set to use Advanced Heuristics and detect potentially unwanted and unsafe software. Make sure it's being sent to the clients correctly too - I have found that some of the options are not picked up from the config XML files. It's worth going through every page and setting to check the options are set up how you want them to be. If your computers are high spec enough, run Advanced Heuristics on every option.
Look at installing Microsoft's Enhanced Mitigation Toolkit. This adds another layer around Internet Explorer, Office, Adobe Acrobat etc. and, if you enable it, any other program. I've been installing this on all client computers by default now with very few problems. This will significantly help when protecting against drive-by exploits - one of its main functions.
Evaluate your network shares to make sure that users can only access what they need to. It's easy to put in a temporary fix to a permissions problem to allow users to access everything but not get round to re-securing shares. Check that the workstations have as little access to each other as they need. Also make sure your backups are made in a way that malware on a trusted client or the server can wipe them all out. Assume your server gets a virus like cryptolocker, and do what you can to mitigate what it can do.
Also check that the programs your users have installed are set up securely - Adobe Reader, in particular, has a lot of options to lock down JavaScript, launching external programs, accessing the Internet etc. If you use Java, switch off the browser plugin or lock it down to specific sites. We all know how bad Flash is at updating itself - so set a schedule to manually check it.