Based on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the file or application.
If ransomware uses encryption to take files or an entire system hostage, the encryption may be sufficient to make it very difficult to decrypt the files without the necessary decryption key.
In such circumstances, the recommended course of action is to report the crime to the relevant authorities and restore the affected data from a backup.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
Users may encounter Cerber ransomware in a number of ways:
Cerber ransomware will often use social engineering. This usually involves making the file, spam email or fake website look legitimate or desirable enough to lure the user into voluntarily running the file.
Once launched, the ransomware will silently encrypt files on a computer, essentially 'scrambling' the contents of the file so that the user can't access it normally without a decryption key that can correctly 'unscramble' it. This type of ransomware is known as crypto-ransomware.
Based on the type of ransomware involved, the user may be able to take further actions. In most cases however, the encryption used to hold the content or computer hostage is extremely difficult to break, making recovery impossible unless a) a clean, recent backup is available, or b) the decryption key is obtained.
In such circumstances, the recommended course of action is to report the crime to the relevant authorities and restore the affected data from a backup. Precautionary measures should also be taken to protect your content and machine from being vulnerable to ransomware in the future. For more information, see: