
Should I remove “Heur.NSIS.Cerber.2”?


Heur.NSIS.Cerber.2 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Heur.NSIS.Cerber.2 virus do?

  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Heur.NSIS.Cerber.2?


File Info:

name: ncmcryptopluginru_setup.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: РУП «НАЦИОНАЛЬНЫЙ ЦЕНТР МАРКЕТИНГА И КОНЪЮНКТУРЫ ЦЕН», 2019
ProductName: NCM Crypto Service RU
FileDescription: Обеспечивает работу криптографического ПО в браузерах, отличных от Internet Explorer
FileVersion: 0.1.4.0
CompanyName: NCMPS
Translation: 0x0419 0x04e3

Heur.NSIS.Cerber.2 also known as:

Bkav: HW32.Packed.
MicroWorld-eScan: Gen:Heur.NSIS.Cerber.2
BitDefender: Gen:Heur.NSIS.Cerber.2
APEX: Malicious
GData: Gen:Heur.NSIS.Cerber.2
AegisLab: Trojan.Win32.Cerber.4!c
Emsisoft: Gen:Heur.NSIS.Cerber.2 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
FireEye: Gen:Heur.NSIS.Cerber.2
Cyren: W32/Trojan.POWV-5805
Arcabit: Trojan.NSIS.Cerber.2
MAX: malware (ai score=84)
MaxSecure: Trojan.Malware.11973.susgen
Cybereason: malicious.f439b3
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.ca3

How to remove Heur.NSIS.Cerber.2?

Heur.NSIS.Cerber.2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
