Port Scanning on the network

I am in the fortunate position of having taken over a network where patch management is virtually nonexistant!
At the moment I have something on the network that is running port scans. I can ID the machines that are running the scans, but I don’t seem to be able to clean or patch them.
The AV that I am using is AVK, I have also tried Norton TNA.

Any ideas as to what to do to rid my network of these threats