Virus introduction:
Recently, Kingsoft Antivirus Security Center received feedback from users that the server was poisoned and some files were encrypted, including pictures, videos, and Office documents. After encryption, the file name suffix was changed to [decryptyourfileshereee1@cock.li].aleta and could not be opened normally.
Accordingly, Kingsoft Antivirus named it Aleta, which is similar in nature to previous ransomware viruses.
After analysis, security personnel found that the virus uses the AES-256 high-strength encryption algorithm and will fully infect all types of files except key folders on the system disk.
uninfected directories
The virus aims to extort money and will place a document (in English) in the encrypted file directory, prompting that all files have been encrypted and asking the victim to pay Bitcoin as a ransom.
In terms of the ways in which ransomware spreads, email attachments with viruses and websites with malware are all possible.
Judging from the current situation, most of the victims are from enterprises, but ordinary users cannot take it lightly.
Aleta ransomware solution:
1. Use the control panel that comes with the system - Add and Remove Programs to check for abnormal programs in the system and delete them. 2. View commonly used browser plug-ins (extensions): delete all extensions you have not seen. 3. Back up the ransomware files and delete all infected files in the system. 3. Use 360 Repair DNS to repair the homepage to repair vulnerabilities, scan the entire system, and restart the system. 4. After restarting, check to add or remove programs and IE extensions. If not, please format and reinstall the system.
Useful
Useful
Useful