Petya+ Ransomware

Petya+ Ransomware is an imitation of a well-known ransomware-type infection Petya Ransomware that used to be actively spread some time ago. It also shows up on users’ PCs without permission and then opens three different windows, the last of which contains a ransom note in full screen, one after the other. It slightly differs from typical ransomware infections, research conducted by malware researchers at pcthreat.com has shown – it does not encrypt a single file. Instead, it only tries to scare users into believing that it is not a joke by showing the ASCII skull and a ransom note claiming that files have been encrypted “with an military grade encryption algorithm.” Do not pay attention to a single word you find in the message left for you and go to remove Petya+ Ransomware from your system as soon as possible. You will find more information about its removal provided in the last paragraph, but we can assure you that it will not be hard to get rid of it because this infection is not one of those harmful threats that make serious modifications to the system in order not to be deleted easily by users.

Despite the fact that Petya+ Ransomware is one of these malicious applications that enter PCs illegally, users find out about its appearance on their computers relatively soon. Once the malicious file of this infection is launched, it opens a fake Check Disk window claiming that “one of your disks contains errors and needs to be repaired.” Most probably, Petya+ Ransomware seeks to make sure that users do not restart their computers and do not disable it. This window is not the only one users see – a window with a skull and words “Press any key” at the bottom is opened to users when the Check Disk is “complete.” When it disappears, a ransom note is finally opened to users. It tells them that their files have been encrypted and there is no other way to restore files than purchasing a decryption key. Also, this window contains step-by-step instructions explaining how to purchase the decryptor. First, users are told to download the Tor Browser from its official website. Second, they must open one of the provided URLs. Third, the personal decryption code must be entered in the box located on the opened page. We can assure you that your files have not been encrypted. As a consequence, there is no need to send cyber criminals money, so do not even bother opening any of these provided URLs. Instead, close the window by pressing Alt+F4 and then go to erase this infection from your computer. The last paragraph of this article primarily focuses on its removal.

Usual ways of distributed are used to spread Petya+ Ransomware, so we cannot tell anything new about its dissemination. According to experienced researchers at pcthreat.com, it should be mainly distributed via spam email campaigns as other ransomware infections. In such a case, a ransomware infection is hidden in a spam email as an email attachment. Users might also find a malicious link in such an email – malware ends up on the system when they double-click on it. Last but not least, ransomware infections might successfully enter computers with the help of other malicious applications that are not associated with them in any way. For example, ransomware infections might be dropped on users’ PCs by Trojan infections. We do not know exactly how Petya+ Ransomware has landed on your computer, but we know one thing for sure – you must delete it from your system as soon as possible because, theoretically, it might be updated one day and then lock your files without mercy.

Before you go to delete Petya+ Ransomware from your computer, you must eliminate its window from your Desktop so that you could access the Windows Explorer and other places on your PC freely – press Alt+F4 on your keyboard to make it gone. Your next task is to delete all recently downloaded files. They should be located in %USERPROFILE%\Downloads or %USERPROFILE%\Desktop. You can also erase them all using an automated malware remover.

Delete Petya+ Ransomware

1. Press Alt+F4 simultaneously to close the window of Petya+ Ransomware.
2. Press Win+E to open the Windows Explorer.
3. Check %USERPROFILE%\Desktop and %USERPROFILE%\Downloads.
4. Delete all suspicious files.
5. Empty the Trash bin.