Hi stemians ..
Here are some suggestions if your computer has been attacked by PETYA virus.
When there is a warning that you have a virus and can not turn off the computer, immediately turn off the computer because so many can still be saved. Unplug the hard drive from the computer, then plug in removeable disk on the net computer that is used as master. Infected hard disk make slave disk. Do not run any programs and start copying data files.
In anticipation, do not forget diligently make back up data to other media such as flash disk or portable hard drive.
If it seems your computer is infected, just make the file name perfc.dll fake, perfc and perfc.dat and the program will stop growing.
Computers that are still healthy immediately disconnect themselves from the network (wired / wireless)
Notify all staff to never open files from unknown and sanction those who violate them.
If you receive an email from an obscure source, it is better to move the file to the IT section for review.
Unlike WannaCry that spreads through SMB Server Message Block or known as EthernalBlue, it only spreads on one network computer.
WannaCry asks ransome to one account only, while Petya to many accounts, the goal is to be more difficult to trace the culprit.
Do not pay a penny, because even though it was paid Petya can not restore damaged data because that is now scattered instead of ransome but wipe out.
In addition, do not be careless and immediately backup the computer if it is still safe from the virus. Finally, update the Windows patch.
Good luck...
Keep calm and STEEM on
Upvote and folow me @junioraceh