how to remove cerber from my computer?

how to remove cerber from my computer? Thanks for any assistance.
pollux pallasAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tom CieslikIT EngineerCommented:
There is a few tutorials and advises in internet an I can write here another one but if you fallow this tutorial on Youtube you can do it for yourself
Rajul RajInformation Security OfficerCommented:

Use malwarebytes to remove this kind malware.

Download it from
Tom CieslikIT EngineerCommented:
Sorry but mylwarebytes will not remove this ransomware
Gabriel MComputer security expertCommented:
If you got infected with Cerber ransomware, you are right to think about its removal first. Usually, people are so upset to find out that all of their files are encrypted that they desperately try to recover their files. However, you need to eliminate the virus to prevent additional loss of your data. For that, I recommend selecting reputable antivirus (carefully read reviews before downloading!). Don't forget to update it before running a full system scam. Updating is a must if you want to get rid of all files that belong to Cerber ransomware.

You can also try using manual removal. However, I would recommend opting for this option only if you are an experienced user:

1. Reboot your computer to the Safe Mode with Networking.
2. When in Safe Mode, open Windows Task Manager by clicking Ctrl + Shift + Esc at the same time.
3. Go to the Processes Tab. Find malicious processes of Cerber in the list (usually randomly-named ones). Right-click on them and choose Open File Location.
4. Once the folder is opened, end malicious processes and delete their folders.

5. Hold the Start Key and R, paste the following command and click OK:
notepad %windir%/system32/Drivers/etc/hosts
This will open a new file where you will find a list of IP addresses that are connected to the computer.
6. In the search field type msconfig and press enter. This will initiate System Configuration window.
7. In the System Configuration Window go to Startup Tab. Deselect all Startup Items that have Manufacturer titled as “Unknown.” However, sometimes malware include fake names of the Manufacturer. Thus, you need to make sure which processes are dangerous and which ones are real.

8. Open Windows Registry by typing Regedit in the search bar and pressing Enter. NOTE: Making modifications in Registry may lead to irreparable damage. Be careful!
9. When Windows Registry opens up, press CTRL + F and type the virus name. Look for the ransomware in the registry entries and delete them. Make sure you delete malicious files, not the legitimate ones.
10. In the Windows Search Field type these entries:
Check if something was added to these directories recently, and delete all entries from Temp.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tom CieslikIT EngineerCommented:
Best solution provided. No more other questions from author
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.