how to remove cerber from my computer?
how to remove cerber from my computer? Thanks for any assistance.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
If you got infected with Cerber ransomware, you are right to think about its removal first. Usually, people are so upset to find out that all of their files are encrypted that they desperately try to recover their files. However, you need to eliminate the virus to prevent additional loss of your data. For that, I recommend selecting reputable antivirus (carefully read reviews before downloading!). Don't forget to update it before running a full system scam. Updating is a must if you want to get rid of all files that belong to Cerber ransomware.
You can also try using manual removal. However, I would recommend opting for this option only if you are an experienced user:
1. Reboot your computer to the Safe Mode with Networking.
2. When in Safe Mode, open Windows Task Manager by clicking Ctrl + Shift + Esc at the same time.
3. Go to the Processes Tab. Find malicious processes of Cerber in the list (usually randomly-named ones). Right-click on them and choose Open File Location.
4. Once the folder is opened, end malicious processes and delete their folders.
5. Hold the Start Key and R, paste the following command and click OK:
notepad %windir%/system32/Drivers/
This will open a new file where you will find a list of IP addresses that are connected to the computer.
6. In the search field type msconfig and press enter. This will initiate System Configuration window.
7. In the System Configuration Window go to Startup Tab. Deselect all Startup Items that have Manufacturer titled as “Unknown.” However, sometimes malware include fake names of the Manufacturer. Thus, you need to make sure which processes are dangerous and which ones are real.
8. Open Windows Registry by typing Regedit in the search bar and pressing Enter. NOTE: Making modifications in Registry may lead to irreparable damage. Be careful!
9. When Windows Registry opens up, press CTRL + F and type the virus name. Look for the ransomware in the registry entries and delete them. Make sure you delete malicious files, not the legitimate ones.
10. In the Windows Search Field type these entries:
%AppData%
%LocalAppData%
%ProgramData%
%WinDir%
%Temp%
Check if something was added to these directories recently, and delete all entries from Temp.
Source: http://www.2-spyware.com/remove-cerber-virus.html
You can also try using manual removal. However, I would recommend opting for this option only if you are an experienced user:
1. Reboot your computer to the Safe Mode with Networking.
2. When in Safe Mode, open Windows Task Manager by clicking Ctrl + Shift + Esc at the same time.
3. Go to the Processes Tab. Find malicious processes of Cerber in the list (usually randomly-named ones). Right-click on them and choose Open File Location.
4. Once the folder is opened, end malicious processes and delete their folders.
5. Hold the Start Key and R, paste the following command and click OK:
notepad %windir%/system32/Drivers/
This will open a new file where you will find a list of IP addresses that are connected to the computer.
6. In the search field type msconfig and press enter. This will initiate System Configuration window.
7. In the System Configuration Window go to Startup Tab. Deselect all Startup Items that have Manufacturer titled as “Unknown.” However, sometimes malware include fake names of the Manufacturer. Thus, you need to make sure which processes are dangerous and which ones are real.
8. Open Windows Registry by typing Regedit in the search bar and pressing Enter. NOTE: Making modifications in Registry may lead to irreparable damage. Be careful!
9. When Windows Registry opens up, press CTRL + F and type the virus name. Look for the ransomware in the registry entries and delete them. Make sure you delete malicious files, not the legitimate ones.
10. In the Windows Search Field type these entries:
%AppData%
%LocalAppData%
%ProgramData%
%WinDir%
%Temp%
Check if something was added to these directories recently, and delete all entries from Temp.
Source: http://www.2-spyware.com/remove-cerber-virus.html
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2007 Inter… 197 lessons
-
Microsoft ApplicationsCertification: MCP MCSA Microsoft Certified Partner & Solutions Ass… 377 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2013 Part … 120 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
https://www.youtube.com/watch?v=xJM7rywenfE