Some how a computer on our network got the decrypt virus on it and it started encrypting files on mapped drives to our server. I have done virus checks on every single computer and server and removed the suspect computer from the network.
I have done a shadow copy restore of the files affected, but there are still files in the folder saying Help_Decrypt.html , .png, .txt, and a a web link saying help_decrypt.
Firstly, are these files dangerous? and can I just delete them? How can I make sure this nasty program is off the network?