Cyber Ransomware - virus

Sidebar Sidebar
H

hellagrant

Distinguished
Jul 6, 2009
3
0
18,510
Need some general guidance please. It looks like this is something called "Cerber Ransomware". After opening a file sent my an anonymous sender from craigslists, many files have become locked.

2d9a2s5.png
 
Solution
Saga Lout
Go into Control Panel>Administrative Tools>Services and scroll through to the Volume Shadow Copy entry. Is it set to Automatic and is it running?

If it is, you might have a good chance of recovering the files using Recuva or similar. Recuva is free from http://www.pirirform.com, the CCleaner people.

If that Service is disabled, there's little chance of recovery. Just don't waste money on the scum who raied your machine - they have no reason to give you a decryption key once they've been paid.
Sort by date Sort by votes
bignastyid

bignastyid

Splendid
Moderator
Jun 19, 2011
3,145
58
26,840
I guess you learned the lesson of why you shouldn't open attachments from unknown sources. I hope you had a backup of your data that wasn't attached to the system and the time of infection. It is possible to remove the ransonmware, but there is no way of decrypting the files.
https://www.pcrisk.com/removal-guides/9842-cerber-ransomware
http://www.bleepingcomputer.com/news/security/the-cerber-ransomware-not-only-encrypts-your-data-but-also-speaks-to-you/
https://blog.malwarebytes.com/threat-analysis/2016/03/cerber-ransomware-new-but-mature/
 
Upvote 0 Downvote
schwatzz

schwatzz

Estimable
Jun 23, 2014
82
0
4,610
If you want your files back, you will have to do whatever he wants. Even then, there is a pretty good chance you won't see those files again, these ransomware people couldn't care less what happens to you.
 
Upvote 0 Downvote
Saga Lout

Saga Lout

Olde English
Mar 31, 2010
5,745
57
46,800
Go into Control Panel>Administrative Tools>Services and scroll through to the Volume Shadow Copy entry. Is it set to Automatic and is it running?

If it is, you might have a good chance of recovering the files using Recuva or similar. Recuva is free from http://www.pirirform.com, the CCleaner people.

If that Service is disabled, there's little chance of recovery. Just don't waste money on the scum who raied your machine - they have no reason to give you a decryption key once they've been paid.
 
Upvote 0 Downvote
Solution
H

hellagrant

Distinguished
Jul 6, 2009
3
0
18,510


Will try this. Thank you.

So I been reading articles regarding this type of scam, amazing. People actually pay!!! no wonder why this is a growing trend, hundreds even thousands!!!!
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

I
Question Methods to restore corrupted combined program files made into zip files
Replies
11
Views
1K
Laptop Tech Support
COLGeek
COLGeek
A
Question Relentlessly getting hacked :(
Replies
1
Views
3K
Laptop General Discussion
Boristheengineer
B
B
  • Locked
Help me get my old external hard drive working again, to recover sentimental files!
Replies
2
Views
2K
Off-Topic / General Discussion
biancahatfield
B
F
  • Question
Question Yahoo Email: I can only embed one image in an Email.
Replies
5
Views
4K
Apps General Discussion
Fred Wax Bean Lasagna
F
J
  • Solved
Solved! Had a virus and i THINK i solved it
Replies
1
Views
6K
Antivirus / Security / Privacy
COLGeek
COLGeek

TRENDING THREADS

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom