What is Aztec ransomware
Aztec ransomware is a crypto-virus, that is using AES encryption algorithms to encode all the personal data of a victim. This virus is not quite new, it is one of the countless versions of Scarab ransomware. Cyber criminals are trying to maximize their incomes by creating newer versions of Scarab to infect more users around the globe. Here is an encipher workflow: first, it read the original data; then the virus removes it; then creates the encoded files, adding extension .aztecdecrypt@protonmail.com; finally the ransomware writes the encoded files. If you got your PC infected with this virus, use this guide to remove Aztec ransomware and decrypt .aztecdecrypt@protonmail.com files.
Aztec ransomware adds .aztecdecrypt@protonmail.com to the name of all the encrypted files. Here is an example of infected files:
When the encoding process is over, a victim will find out that the files can’t be opened anymore: work documents, any other texts, presentations, photos, videos, databases. Once all the data is encrypted, the ransomware will drop HOW TO DECRYPT FILES.TXT file. You may find the ransom note in this file:
Your files are now encrypted!
All your files have been encrypted due to a security problem with your PC.
Now you should send us email with your personal identifier.
This email will be as confirmation you are ready to pay for decryption key.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
Contact us using this email address: aztecdecrypt@protonmail.com or aztecdecryptor@mailfence.com
If you don’t get a reply or if the email dies, then contact us using Bitmessage.
Download it form here: https://bitmessage.org/wiki/Main_Page
Run it, click New Identity and then send us a message at BM-NBRCUPTenKgYbLVCAfeVUHVsHFK6Ue2F
Free decryption as guarantee!
Before paying you can send us 1 files for free decryption.
The total size of file must be less than 10Mb (non archived), and file should not contain
valuable information (databases, backups, large excel sheets, etc.).
How to obtain Bitcoins?
* The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click
‘Buy bitcoins’, and select the seller by payment method and price:
https://localbitcoins.com/buy_bitcoins
* Also you can find other places to buy Bitcoins and beginners guide here:
http://www.coindesk.com/information/how-can-i-buy-bitcoins
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price
(they add their fee to our) or you can become a victim of a scam.
Your personal identifier:
pAQAAAAAAABTK***Ie2xSSR+BjmyDzED
There are two solutions of this problem. First is to use special Removal Tool. Removal Tools delete all instances of malware by few clicks and help user to save time. Or you can use Manual Removal Guide, but you should know that it might be very difficult to remove Aztec ransomware manually without specialist’s help.
Aztec Removal Guide
- Download Aztec Removal Tool.
- Remove Aztec from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
- How to restore files
- How to protect PC from future infections.
How to remove Aztec ransomware automatically:
Thor Home may help you to get rid of this virus and clean up your system. In case you need a proper and reliable antivirus, we recommend you to try it.
Manual Aztec Removal Guide
Here is step-by-step instructions to remove Aztec from Windows and Mac computers. Follow this steps carefully and remove files and folders belonging to Aztec. First of all, you need to run system in a Safe Mode. Then find and remove needed files and folders.
Uninstall Aztec from Windows or Mac
Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:
crpt034.exe
scrb.dll
scarab.exe
HOW TO RECOVER ENCRYPTED FILES.TXT
Windows 7/Vista:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to Aztec by using Removal Tool;
- Delete found files;
Windows 8/8.1:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to Aztec by using Removal Tool;
- Delete found files;
Windows 10:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to Aztec by using Removal Tool;
- Delete found files;
Windows XP:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to Aztec by using Removal Tool;
- Delete found files;
Mac OS:
- Restart the computer;
- Press and Hold Shift button, before system will be loaded;
- Release Shift button, when Apple logo appears;
- Find programs or files potentially related to Aztec by using Removal Tool;
- Delete found files;
How to restore encrypted files
You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.
Restore data with Stellar Data Recovery
Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.
- Download and install Stellar Data Recovery
- Choose drives and folders with your data, then press Scan.
- Select all the files in a folder, then click on Restore button.
- Manage export location. That’s it!
Restore encrypted files using Recuva
There is an alternative program, that may help you to recover files – Recuva.
- Run the Recuva;
- Follow instructions and wait until scan process ends;
- Find needed files, mark them and Press Recover button;
How to prevent ransomware infection?
It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.
Malwarebytes
SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.