12/02/2016 1061 views
I got an end user who this morning opened an attachment in an e-mail and now his computer is infected with Cerber Ransomware. It was sent via a fax email with an attachment (yesterday was the first time it was released to spread in this fashion). Anyways, I know that anything that has not been backed up onto the network prior to being infected is lost if it is encrypted. Although, I have not restarted his computer yet and I was wondering if it is possible for me to search through and search the logs or something for the key anywhere?? I know I'm just going to have to wipe the computer more than likely. But has anyone ran into this before??