Currently no, there is no way to decrypt Cerber 3 encrypted files without paying the ransom, which of course is not recommended.

is that possible to decrypt the encrypted file by cerber3 ransomeware

If I’m correct about the ransomware you have, it is Cerber, and this ransomware is currently not decryptable. You may learn more by reading here:

http://www.bleepingcomputer.com/news/security/the-cerber-ransomware-not-only-encrypts-your-data-but-also-speaks-to-you/

If you’d like, you may send an email to support@emsisoft.com and we’ll go through verifying the ransomware variant with you.

Backups has to be a central point of any computer security plan, by having these, one can avoid ransom payment by restoring the drive(s) from the most recent. That is, after a secure erase of the drive, if SSD, or a more potent tool such as Darin’s Boot & Nuke on HDD’s, booting from the CD & typing ‘autonuke’ at the prompt. This may take overnight to run, depending on size of the drive.

Then to ensure on a HDD that no infection resides in the Bootloader, use a bootable partition tool to reset MBR to the OS being used, or closest to it.

Once the drive is clean, then it’s safe to restore the OS.

Cloning important drives daily & swapping can also help with businesses, and the same for Home users, though on a less frequent schedule. All data should go to another drive as created (preferably detachable external) & should be imaged more often than the OS drive or partition. Should also be detached as soon as any data is copied/saved.

I see this all the time on Bleeping Computer, way too many computer owners falls prey to this, w/out the first backup, nor have created recovery media sets to restore the OS, all too often, while at the same time depending on ‘free’ (some with PUP’s built in) AV solutions. Security should not include popups for 3rd party offerings, while it’s OK to remind when it’s approaching renewal time with or w/out a promo, anything other is unacceptable.

It’s a wonder (yet thankfully) that we don’t see more of these attacks, those running unsupported OS’s are at the most risk. While AV/IS solutions can protect against a lot of attacks, these can’t nor are designed to, patch the OS when needed. And when unsupported, becomes riddled with bullet holes that no security can protect.

So it’s best to run supported Windows, use a quality security offering like Emsisoft provides, have an adequate backup protections plan for your needs in place (and don’t forget to unplug these when not used), keep important data off of the ‘C’ drive as created, chances of paying Ransom are much slimmer.

Sounds complicated? It’s not, anyone can do all of the above with little effort, and in the case of the hospital in the article, chances are, this happened because of lax employee Internet access. All it takes is the opening of one bad email, the heat is on. Employers should not permit those other than key employees needed for day to day operations to have outside Internet access for any reason. They can bring their smartphones or notebooks for checking their own emails, or course off on the company’s network. Maybe one that’s used for guest access where appropriate, otherwise have a strict network policy.

Cat