Jump to content

Will MBAR remove CERBER2 from PC's?


Recommended Posts

I have a client with two computers that are infected with CERBER2.  We've contained it by shutting down those PC's immediately, but not before some files were lost (encrypted) throughout the server.  We have backups, so not worried there.

However, wondering what to do with the PC's themselves?  Will MBAR scan and remove CERBER2 (disconnected from network, of couse) or should I install new SSD and reinstall Windows from scratch?

Thanks for any ideas.

Link to post
Share on other sites

Hello Lancorp and :welcome:

Malwarebytes Anti-Rootkit Beta (MBAR Beta) is the perpetual Anti-Rootkit beta testing vehicle for Malwarebytes' Anti-Malware's (MBAM) Anti-Rootkit module and the standalone application for anti-rootkit scanning, identification and removal.

Malwarebytes Anti-Ransomware Beta (MBARW Beta) does not scan & remove but is designed to block & quarantine ransomware malware activity as the infection attempts to execute.

Malwarebytes Anti-Malware (MBAM) can scan for, and remove Cerber malware, but in your user's situation I recommend: 1.) An investigation be made to locate the most recent effective efforts to recover .Cerber2 encrypted files and 2.) in the strongest possible terms you employ supervised malware removal help to also mitigate the attack vector(s) and delivery of the original malware.

I recommend following the advice from the topic: Available Assistance for Possibly Infected Computers and have one of the Malware Removal Experts assist you with your issue.

If, as recommended, you do open a topic in Malware Removal Help, please make reference to this thread.

If you would like to get off to a very fast start, the Malware Removal Experts would appreciate it if you would also attach (not compress/copy/paste) both the FRST.txt and the Addition.txt output diagnostic reports from only Log Set 1 into your new topic. Please do not alter any pre-configured FRST categories as the default settings are well suited for malware removal actions.

Thank you.

Edited by 1PW
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.