i have a client running on Windows Server 2008 R2. 20 users are using RDP to work on this server.
Those users are only power users and there is one admin in the system.
Now since a week they have complaints about a malware on the server. Everytime i scan the system i keep cleaning malwares.
1. how is it possible that a power user is able to do something so that a malware is installed on the server. What do i wrong and how can i prevent this?
2. the malware seems to hide always in the SoftwareDistrubution folder. Can i simply delete this folder and let the system create a new one? Or does this impact the server operation?