Cerber Ransomeware is a deadly
virus that encrypts your files, database, photos and other important documents
including music. The new Cerber Ransomeware 4.5.1 is the most recent virus that
was released in November 2016.
It hides the original copy of the
files and replaces it with an infected file with a name combination of
alphabets and numbers using the extension .a8ae. E.g. A6ghjko89.a8ae. The Cerber Ransomeware exchanges your files with
an encrypted file thereby hiding your original copy. It also hides chunks of
infected file in every important driver and folders in the system with the .hta
extension. E.g. README.hta
The virus was released as an
upgrade to the old .CERBER. Research has shown that this new virus type does
not have a proposed solution except you pay the ransom as ordered by the
inflictors.
The annoying thing about this
virus is, the perpetrators ask you to pay some ransom through any of the
online payment portal, PayPal, Bitcon etc so that your files can be restored to
its previous state.
The victim’s system is affected
from visiting porn sites, using of different web platforms containing veracious
ads and explicit contents and also incessant registration request. You are
likely to fall a victim if you have no or an outdated version of anti-virus or
your windows defender is not up to date.
This virus hits your system and
kills every normal process thereby freezing and taking over your desktop
background.
A Ransomeware hit system desktop background |
It also gives you an option for
your own page where you can go and recover a file free of charge so as to let
you know the genuinety of their agreement. After recovering a file free, you
are asked to pay the ransom so that other of your important files will be
restored. As it is, there is no guarantee that after paying the huge ransome,
your files will be restored.
Irrespective of the issue on
ground, we have a proposed solution for you, a means you can recover your files
without paying the ransom.
Follow the instructions below:
First,
scan your system to remove malwares using a malware byte scanner; then delete
all listed files marked as malicious.
Type MsConfig and press enter,
Select boot tab.
Select safe boot and press OK.
Press
start
Click control panel
Select Appearance and settings
Click folder options
Select view tab
Select show hidden files, folders
and drivers
Press ok.
Clean host file
Clean host file
Click start
Type %Windir%/system/drivers/etc/hosts
Open host file with notepad
This file must not contain any IP
address below the local host
Check
next folders to find suspicious files
%Temp%
%AppData%
%ProgramData%
Click
start
Type RegEdit.exe press enter
Clean startup folder:
HKLM/SOFTWARE/MICROSOFT/WINDOWS/CURRENTVERSION/RUN
Press
start
Type MsConfig
Press enter
Select startup tab
Uncheck suspicious programs
Press
start
Type MsConfig
Press enter
Select boot tab
Deselect safe boot and press ok.
Download a strong and recommended
anti-malware scanner and do a deep scan of the entire system. The following are
recommended:
·
Norton
·
Avast
·
Microsoft Windows Essential
·
Spy Hunter Malware Scanner
Recover
your files
Once you are hit by Cerber
Ransomeware 4.5.1 you cannot decrypt the files manually even with the help of a
cerber decryptor. This is because this version of virus is new and the solution
on the decryptor is outdated.
Therefore, the only way to
recover your files is by using the shadow explorer software and system restore.
However, you can recover your
files manually if you have a back up.
- Click start
- Click control panel
- System and security
- Backup and restore
- Restore files from backup
- Select checkpoint to restore.
Otherwise, do the following:
- Download ‘Shadow Explorer’.
- Install
- Do System restore to the point the system was OK before been infected by the virus.
- Run shadow explorer as an administrator
- Scan the system using the date of system restore.
- Recover the files and save to an external back up drive.
After a successful completion of
this process, format your system and reload your files.
Hope this works?
Written by our correspondent Williams Chibuike
Tags: Virus, Internet, Backup, System Recovery, Technology, Ransomeware
Follow us on twitter @koksnationn
Thanks for this blog, keep sharing your thoughts like this...
ReplyDeleteAdvantages of Azure
what is Azure?