I have a server 2008 R2 that has contracted a virus/malware that hides all the folders on the drives and creates shortcuts with the folder names that load Remote Desktop and direct it to a website. It will spread to a workstation if it accesses one of the folder/shortcuts. I have deleted all the shortcuts, cleaned up all the bogus files I can find and ran Symantec and SuperAntiSpyware which clean up all the problems (supposedly) and it comes right back. Anyone with any experience or suggestions?
