Petya+ Ransomware

What is Petya+ Ransomware?

Petya+ Ransomware is a malicious threat that only pretends to be a file-encrypting application. Our researchers at Anti-spyware-101.com have tested the malware, and they did not notice it encrypting even a single file. Therefore, if you encounter this threat, we urge you to pay no attention to its displayed warning since it tells only lies. As soon as you unlock the screen, you should see it for yourself that none of the files on the infected device were damaged. We invite you to continue reading our report if you wish to find out how this malicious application works. Also, further in the text, we will explain how to get rid of Petya+ Ransomware’s displayed warning message and how to remove the infection itself. Users who need detailed deletion instructions should have a look at the steps we placed at the end of the text too.

How does Petya+ Ransomware work?

The minute you launch the malware, it should lock your screen by placing a black borderless window with text written in white. According to this fake notification, one of the computer's disks was somehow damaged and needs to be repaired. It warns the process could take up to few hours and asks not to turn off the computer. After some time Petya+ Ransomware should replace the black screen with a red window picturing a skull made of various characters. The text below it should say “Press any key!” Then instead of the skull, you receive a window titled “You became a victim of the Petya Ransomware!” The text below it is considered to be the malware’s ransom note.

Even though the ransom note claims the malicious application have enciphered your data with a military grade encryption algorithm, and it is impossible to restore such files without a unique decryption key; in reality, it should not harm even a single files because the sample our researchers tested did not behave this way. It is entirely possible the infection’s creators are hoping to trick inexperienced users who may believe the ransom note is telling the truth. It is evident from the displayed ransom note that the hackers’ main goal is money extortion as they provide instructions on how to pay the ransom in exchange for decryption tools the user actually does not need. Thus, we would advise you to ignore the ransom note and learn how to get rid of Petya+ Ransomware.

How to erase Petya+ Ransomware?

First of all the user should unlock the screen and this you can do with Alt+F4 combination. Our researchers say users can unlock the screen this way no matter which screen (the black one, the one with the skull or with ransom note) of the three possible ones they could see. Then you should try to remember what was the last file you launched (it could have been a suspicious email attachment, an installer from unreliable file-sharing websites, and so on) because it was probably the malware’s launcher. After this file is erased, Petya+ Ransomware should be eliminated. For more detailed instructions take a look at the steps placed below. Also, keep it in mind you can remove the threat with a legitimate antimalware tool too. Users who do not have it yet should at least consider such option as it could help maintain the system clean and avoid malicious applications in the future.

Remove Petya+ Ransomware

1. Press Windows key+E.
2. Navigate to the directory where you might have downloaded the malware’s launcher, e.g. %TEMP%, %USERPROFILE%\desktop, %USERPROFILE%\downloads, and so on.
3. Right-click the malicious file and press Delete.
4. Close your File Explorer.
5. Right-click the Recycle bin to empty it.
6. Reboot the system. Download Removal Tool100% FREE spyware scan and
   tested removal of Petya+ Ransomware*