Dear All,
I am experiencing crisis in the infrastructure
I had virus infection and I had recovered from it "not completely" - the problem is folders keeps moving to hidden System volume folder
I tried working with security essential and it found that I have myfiles.exe infection
I blocked all executable files from the system - re installed new OS
I still get this problem that folders moved to system volume folder
from event viewer - after blocking exe files
user UUUUUUU attempted to save D:\xxx.exe on D:\ on server SSSSS This file matches the "Executable Files" file group which is not permitted on the system.
the xxx.exe name is the name of folder which then moved to system volume folder trying to put exe file on its place
please advice for urgent remediation