[TriLUG] Virus Question

Matt Flyer via TriLUG trilug at trilug.org
Mon Jun 13 13:15:50 EDT 2016


My opinion is that once compromised, you really can't trust the machine
again.  I would recommend that you boot into something non-windows,
extract your work data files, and scan them thoroughly.

After you have your data, nuke the machine from orbit because it's the
only way you can be sure.

Do you know how you acquired this bit of nastyware?  Ideally you should
look into how you acquired it and what went wrong to enable that to
happen.  Granted M$ is as full of holes as Swiss Cheese and it seems like
all its security features serve to only annoy the user rather than
protect.


> Hi all – have not posted in quite some time.  Right now, I am stuck and
> looking for some hope.  My computer has picked up the Cerber Ransomware.
> This is my work computer and I do have secure backups Jun 5, so the only
> thing at risk is my work from the last week. My 2 questions are
>
> 1) Can I trust that Windows Defender has removed the ransomware itself?  I am
> monitoring the # of *.cerber files and it seems to be steady, but any
> sentence with the phrase “Can I trust a M$ product” is a little
> tough.
>
> 2) Can I use Restore to recover what I created last
> week? The infection occurred yesterday, Sun Jun 12.  The last work was
> on Thu Jun 9.
>
> 3) What else did I not think of?
>
> This is an HP Pavilion laptop, running Windows 10, AMD A6-6310 CPU, 64 bit. Thanks
>


