Note: Before proceeding, you should bookmark this page or open it on another device like a smartphone or PC. Some steps may require you to exit the browser on this PC.
2. Task Manager
Press Ctrl + Shift + Esc to enter Task Manager. Go to the tab labeled Processes (or Details on Win 8/10). Look carefully at the list of processes currently operating on the PC.
If any of these processes seem shady, consume too much RAM / CPU, or have a strange description or no description, right-click on the process, select Open File Location and delete everything. over there.
Also, even if you don’t delete files, be sure to stop the suspicious process by right clicking on the file and selecting End Process.
3. IP related to .Mogera
Access C: \ windows \ system32 \ drivers \ etc \ hosts. Open the server file with notepad.
Find the location of Localhost and see the information below.
If you see any IP addresses there (below Localhost), double check that they can come from .Mogera.
4. Disable the Startup programs
Reopen the Start menu and type msconfig.
Click on the first search result. In the next window, go to the Startup tab. If you’re on Windows 10, you’ll get to the Task Manager Startup section, as shown in the image below:
If you see any entries that look shady in the list (unknown manufacturer or manufacturer name seems suspicious) then there’s a good chance there’s a connection between them and .Mogera, turn off the program and select OK.
5. Registry Editor
Press the Windows + R key combination and in the resulting window, enter regedit.
Now, press Ctrl + F and enter the name of the virus.
Delete everything found. If you are not sure whether to delete something or not, feel free to leave your comments in the comment section below. Remember that by deleting something, you can cause problems with your PC.
6. Delete hidden malicious data .Mogera
Enter each of the following locations in the Windows search box and press Enter to open these locations:
- % AppData%
- % LocalAppData%
- % ProgramData%
- % WinDir%
- % Temp%
Delete everything you see in Temp associated with ransomware .Mogera. For other folders, sort their content by date and delete only the most recent items. As mentioned above, if you are not sure about something, leave comments in the comment section.
7. Decode .Mogera
The previous steps are aimed at removing ransomware.Mogera from your PC. However, to regain access to the files, you will also need to decrypt or restore them.
Hope you are succesful.