I've been infected with Cry36. Stupid I know. I logged in while it was happening and changed passwords and ports. But Malwarebytes and Avast do not seem to have found the actual process/show no sign of having done so. Instructions both here and elsewhere on removal are a vague 'use your malware removal utility to quarantine'. In the meantime, I've shut down, but I need guidance, in case it's still actually there. **I'm not sure if it's safe to boot again, whether specifically I should boot to safe mode, or what.** I am afraid they have the ability to continue encrypting files or else delete them entirely.