how to remove cerber from my computer?

pollux pallas
pollux pallas used Ask the Experts™
on
how to remove cerber from my computer? Thanks for any assistance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Tom CieslikIT Engineer
Distinguished Expert 2017

Commented:
There is a few tutorials and advises in internet an I can write here another one but if you fallow this tutorial on Youtube you can do it for yourself

https://www.youtube.com/watch?v=xJM7rywenfE
Rajul RajInformation Security Officer

Commented:
Dear

Use malwarebytes to remove this kind malware.

Download it from  https://www.malwarebytes.com/
Tom CieslikIT Engineer
Distinguished Expert 2017
Commented:
@Rajul
Sorry but mylwarebytes will not remove this ransomware
Computer security expert
Commented:
If you got infected with Cerber ransomware, you are right to think about its removal first. Usually, people are so upset to find out that all of their files are encrypted that they desperately try to recover their files. However, you need to eliminate the virus to prevent additional loss of your data. For that, I recommend selecting reputable antivirus (carefully read reviews before downloading!). Don't forget to update it before running a full system scam. Updating is a must if you want to get rid of all files that belong to Cerber ransomware.

You can also try using manual removal. However, I would recommend opting for this option only if you are an experienced user:

1. Reboot your computer to the Safe Mode with Networking.
2. When in Safe Mode, open Windows Task Manager by clicking Ctrl + Shift + Esc at the same time.
3. Go to the Processes Tab. Find malicious processes of Cerber in the list (usually randomly-named ones). Right-click on them and choose Open File Location.
4. Once the folder is opened, end malicious processes and delete their folders.

5. Hold the Start Key and R, paste the following command and click OK:
notepad %windir%/system32/Drivers/etc/hosts
This will open a new file where you will find a list of IP addresses that are connected to the computer.
6. In the search field type msconfig and press enter. This will initiate System Configuration window.
7. In the System Configuration Window go to Startup Tab. Deselect all Startup Items that have Manufacturer titled as “Unknown.” However, sometimes malware include fake names of the Manufacturer. Thus, you need to make sure which processes are dangerous and which ones are real.

8. Open Windows Registry by typing Regedit in the search bar and pressing Enter. NOTE: Making modifications in Registry may lead to irreparable damage. Be careful!
9. When Windows Registry opens up, press CTRL + F and type the virus name. Look for the ransomware in the registry entries and delete them. Make sure you delete malicious files, not the legitimate ones.
10. In the Windows Search Field type these entries:
%AppData%
%LocalAppData%
%ProgramData%
%WinDir%
%Temp%
Check if something was added to these directories recently, and delete all entries from Temp.

Source: http://www.2-spyware.com/remove-cerber-virus.html
Tom CieslikIT Engineer
Distinguished Expert 2017

Commented:
Best solution provided. No more other questions from author

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial