What is AW46 Ransomware
AW46 is a cryptovirus developed by Matrix Ransomware family in Sep 2020 (analogs: JB88, NewRAR, S996, BG85, Core, and so on). It encrypts user data of various formats, such as documents to the office, audio, video, multimedia, archives, and more.
It encrypts files using AES-RSA encryption, and then requires a ransom in bitcoins, which can be up to $1,500-2,000. Like other crypto viruses, it changes the extension of the infected files, namely to .aw46. Of course, the files become unusable for further use. AW46 can also delete shadow copies of files or system restore points so that the user cannot restore his files on his own. This virus uses !AW46_INFO!.rtf text file as an informant-note. Here’s how it looks like.
HOW TO RECOVER YOUR FILES INSTRUCTION
ATENTION!!!
We are realy sorry to inform you that ALL YOUR FILES WERE ENCRYPTED
by our automatic software. It became possible because of bad server security.
ATENTION!!!
Please don’t worry, we can help you to RESTORE your server to original
state and decrypt all your files quickly and safely!INFORMATION!!!
Files are not broken!!!
Files were encrypted with AES-128+RSA-2048 crypto algorithms.
There is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server. For our safety, all information about your server and your decryption key will be automaticaly DELETED AFTER 7 DAYS! You will irrevocably lose all your data!
* Please note that all the attempts to recover your files by yourself or using third party tools will result only in irrevocable loss of your data!
* Please note that you can recover files only with your unique decryption key, which stored on our side. If you will use the help of third parties, you will only add a middleman.HOW TO RECOVER FILES???
Please write us to the e-mail (write on English or use professional translator):
newrar@tuta.io
newrar@cock.lu
empty
You have to send your message on each of our 3 emails due to the fact that the message may not reach their intended recipient for a variety of reasons!In subject line write your personal ID:
27684CB220F940E8
We recommed you to attach 3 encrypted files to your message. We will demonstrate that we can recover your files.
* Please note that files must not contain any valuable information and their total size must be less than 5Mb.OUR ADVICE!!!
Please be sure that we will find common languge. We will restore all the data and give you recommedations how to configure the protection of your server.We will definitely reach an agreement 😉 !!!
ALTERNATIVE COMMUNICATION
If yоu did nоt rеcеivе thе аnswеr frоm thе аfоrеcitеd еmаils fоr mоrе then 24 hours please sеnd us Bitmеssаgеs frоm а wеb brоwsеr thrоugh thе wеbpаgе hxxps://bitmsg.me. Bеlоw is а tutоriаl оn hоw tо sеnd bitmеssаgе viа wеb brоwsеr:
1. Оpеn in yоur brоwsеr thе link hxxps://bitmsg.me/users/sign_up аnd mаkе thе rеgistrаtiоn bу еntеring nаmе еmаil аnd pаsswоrd.
2. Уоu must cоnfirm thе rеgistrаtiоn, rеturn tо уоur еmаil аnd fоllоw thе instructiоns thаt wеrе sеnt tо уоu.
3. Rеturn tо sitе аnd сlick “Lоgin” lаbеl оr usе link hxxps://bitmsg.me/users/sign_in, еntеr уоur еmаil аnd pаsswоrd аnd click thе “Sign in” buttоn.
4. Сlick thе “Сrеаtе Rаndоm аddrеss” buttоn.
5. Сlick thе “Nеw mаssаgе” buttоn.
6. Sеnding mеssаgе:
Tо: Еntеr аddrеss: BM-2cXRWRW5Jv5hxbhgu2HJSJrtPf92iKshhm
Subjесt: Еntеr уоur ID: –
Mеssаgе: Dеscribе whаt уоu think nеcеssаrу.
Сlick thе “Sеnd mеssаgе” buttоn.
E5i5RMGB
In the note, attackers warn users against making changes to encrypted files themselves. According to attackers, these files can be lost forever. Also, fraudsters offer free decrypt 3 files, thereby proving their good intentions. Of course, we do not recommend you to do this, you need to and familiarize yourself with our instructions, which are listed below, to try to remove AW46 Ransomware and decrypt your files.
Well, there are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove AW46 ransomware manually without a specialist’s help.
If for any reason you need to recover deleted or lost files, then check out our article Top 5 Deleted File Recovery Software
AW46 Removal Guide
Remember that you need to remove AW46 Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start recovering your files. Removal must be performed according to the following steps:
- Download AW46 Removal Tool.
- Remove AW46 from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
- Restore .AW46 files
- How to protect PC from future infections.
How to remove AW46 ransomware automatically:
Norton is a powerful antivirus that protects you against malware, spyware, ransomware and other types of Internet threats. Norton is available for Windows, macOS, iOS and Android devices. We recommend you to try it.
If you’re Mac user – use this.
Manual AW46 ransomware Removal Guide
Here are step-by-step instructions to remove AW46 from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to AW46. First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.
Uninstall AW46 from Windows or Mac
Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:
no information
Windows 7/Vista:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AW46 by using Removal Tool;
- Delete found files;
Windows 8/8.1:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AW46 by using Removal Tool;
- Delete found files;
Windows 10:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AW46 by using Removal Tool;
- Delete found files;
Windows XP:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to AW46 by using Removal Tool;
- Delete found files;
Mac OS:
- Restart the computer;
- Press and Hold Shift button, before system will be loaded;
- Release Shift button, when Apple AW46o appears;
- Find programs or files potentially related to AW46 by using Removal Tool;
- Delete found files;
How to restore encrypted files
You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.
Restore data with Stellar Data Recovery
Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.
- Download and install Stellar Data Recovery
- Choose drives and folders with your data, then press Scan.
- Select all the files in a folder, then click on Restore button.
- Manage export location. That’s it!
Restore encrypted files using Recuva
There is an alternative program, that may help you to recover files – Recuva.
- Run the Recuva;
- Follow instructions and wait until scan process ends;
- Find needed files, select them and Press Recover button;
How to prevent ransomware infection?
It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.
Malwarebytes
SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.