remove the user from the network. then check out the pc...
Best practice is to: Block outbound SMTP (port 25) traffic to/from all devices other than your mail server(s). Implement endpoint firewall/AV software that does not permit traffic on port 25. Scan the system in question with <a href="http://www.microsoft.com/security_essentials/">Microsoft Security Essentials for free</a> AV protection.
Last Wiki Answer Submitted: August 13, 2010 12:07 pm by jinteik15,485 pts.