For the last two weeks, the ransomware Peyta which is designed to make your data inaccessible. His goal: squeeze you for money in exchange for a decryption key. Fortunately, there is a way to avoid checkout.
How to remove ransomware Peyta
Detected by the antivirus company G DATA on Thursday March 24, Peyta capture and block your entire hard drive, unlike Locky and CryptoWall and other ransomware that target certain files. Once the small executable file is launched (hidden in the form of a resume in a Dropbox folder), the program manipulates the master boot record, and reboots the system. After the reboot a screen with the appearance of a Check Disk process which can be normal after a reboot. This process is actually an encryption master file table that activates Peyta.
The system is then made inaccessible and a message appears indicating that the victim must pay a ransom by connecting to an address on Tor. On this page, it says that your hard drive is encrypted using a strong algorithm and if you do not pay within 7 days, the price of the ransom (0.99 bitcoin, or about $416 USD) is doubled.
Thankfully those behind Peyta have focused primarily on the persuasive message instead of a strong algorithm. In reality, the master file table is Base64 encoded, which allows decoding without too much difficulty. If you have been affected by this virus, you can get more information on how to remove ransomware Peyta here and here for the actual key generator.
Again, we can only encourage you to pay close attention to executable files that you receive by email or download on Internet.