Petya.a virus and the files associated with it: Petya.a Virus.html, Petya.a Virus.txt, Petya.a Virus.bmp

New files associated with the latest Petya ransomware attack

Petya virus is a cyber threat that first hit the web in 2016 and has been actively spreading throughout the web. Together with Micha ransomware, Petya has also become a part Janus affiliate program. During the time, virus developers have been launching new virus versions.

The latest release was especially successful. Petya has deviated from the original version so much that the some experts have labeled it as NotPetya, Petya.a, or given it a completely different name, such as GoldenEye[3]. The virus has already affected more than 2,000 computers.

There are several files associated with the new Petya. Apart from secretly deploying its executable on the computer, the virus also drops ransom demanding notes in different formats html, txt and png:

  • Petya.a Virus.html file can be found on all computer folders containing encrypted data. This web browser-based document contains information about the current system’s condition and possible data recovery options.
  • Petya.a Virus.txt is the plain text version of the same ransom note. It will be dropped on encrypted data containing folders together with the .html file and set forward the conditions for data recovery.
  • Petya.a Virus.bmp is another file that the ransomware drops on the infected PC. This one is different to .html and .txt files because it comes in a picture format and does not show up on the ransomware-affected computer folders. The virus drops this file on the desktop and uses it to replace the original desktop picture.

If you see any of these files on your PC, you can be certain that your device is infected and you must take action to remove Petya.a from your computer.

The malicious ways virus files enter computers

Petya.a Virus.html, Petya.a Virus.txt or Petya.a Virus.bmp files do not travel around on their own. They are brought on the computer by Petya.a and signal ransomware infection.

Ransomware may hijack computers in a variety of different ways: malvertising, phishing[4], spam campaigns, exploit kits or fake software update notifications. If the virus creators decide to target you, it is virtually impossible to prevent the attack. Thus, experts recommend keeping backup copies of your files and store them on locations separate from your PC.

Remove Petya.a files safely

In order to get rid of the ransomware files, you must remove Petya.a virus from your PC first. Remember that eliminating these malicious documents individually will not free your computer from the malware and it will continue encrypting your files and damaging your system in other ways.

For Petya.a removal, please use reputable, updated and legal antivirus software.

Ugnius Kiguolis