I have one user profile infected with the fake AV System Tool virus?
The environment is about 40 users connecting to 2003 Server Ent.Ed. running AD, terminal services, Symantec Enterprise Ed. (soon to be upgraded to EndPoint) . The users connect via RDP using WYSE thin-clients.
I know this may be a loaded question, but how did the user get infected? They "claim" they were working as usual then their desktop changed...hmmm?
Thanks in advance for any prompt feedback on this.