What is BG85 Ransomware
BG85 is a ransomware relating to the Matrix Ransomware family. It has become common in recent days. Despite the fact that BG85 the cryptovirus targets English-speaking users, it is worth noting that this has spread almost throughout the world since the complaint about its presence comes from all over the world. Let’s first consider what a crypto virus is. This is a virus that encrypts user data of various formats and changes their extension. BG85 Ransomware, in particular, changes files’ extension to .BG85 (full extension is [BobGreen85@criptext.com].xxxxxxxx-xxxxxxxx.BG85). Also, it deletes shadow copies of files and system restore points in order to exclude the possibility of self-decryption of files. Moreover, the comma after encryption files become unsuitable for further use. Criminals caring leaves a note BG85_INFO.rtf that contains information about the possible ways of redemption. Below we provide an image of this note and its contents.
Moreover, fraudsters leave a special note HOW TO BACK YOUR FILES.txt, which contains information on methods of redemption and decryption of files. Here’s what it looks like:
ALL YOUR VALUABLE DATA WAS ENCRYPTED!
All your files were encrypted with strong crypto algorithm AES-256 + RSA-2048. Please be sure that your files are not broken and you can restore them today.
If you really want to restore your files please write us to the e-mails:
BobGreen85@criptext.com
BobGreen85@aol.com
BobGreen85@tutanota.com
In subject line write your ID: 1E40BEBB624B891C
Important! Please send your message to all of our 3 e-mail addresses. This is really important because of delivery problems of some mail services!
Important! If you haven’t received a response from us within 24 hours, please try to use a different email service (Gmail, Yahoo, AOL, etc).
Important! Please check your SPAM folder each time you wait for our response! If you find our email in the SPAM folder please move it to your Inbox.
Important! We are always in touch and ready to help you as soon as possible!
Attach up to 3 small encrypted files for free test decryption. Please note that the files you send us should not contain any valuable information. We will send you test decrypted files in our response for your confidence.
Of course you will receive all the necessary instructions how to decrypt your files!
Important!
Please note that we are professionals and just doing our job!
Please do not waste the time and do not try to deceive us – it will result only price increase!
We are always opened for dialog and ready to help you.
The size of the ransom may vary, however, on average, it can reach several hundred dollars. Of course, this is big money. Moreover, there is no guarantee that fraudsters really decrypt your files will return them to their original state, so we do not recommend you pay. Below you can read our recommendations to decrypt your files and remove BG85 Ransomware permanently.
Well, there are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove BG85 ransomware manually without a specialist’s help.
If for any reason you need to recover deleted or lost files, then check out our article Top 5 Deleted File Recovery Software
BG85 Removal Guide
Remember that you need to remove BG85 Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start recovering your files. Removal must be performed according to the following steps:
- Download BG85 Removal Tool.
- Remove BG85 from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
- Restore .BG85 files
- How to protect PC from future infections.
How to remove BG85 ransomware automatically:
Norton is a powerful antivirus that protects you against malware, spyware, ransomware and other types of Internet threats. Norton is available for Windows, macOS, iOS and Android devices. We recommend you to try it.
If you’re Mac user – use this.
Manual BG85 Removal Guide
Here are step-by-step instructions to remove BG85 from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to BG85. First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.
Uninstall BG85 from Windows or Mac
Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:
BG85.dll
_readme.txt
readme.txt
Windows 7/Vista:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to BG85 by using Removal Tool;
- Delete found files;
Windows 8/8.1:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to BG85 by using Removal Tool;
- Delete found files;
Windows 10:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to BG85 by using Removal Tool;
- Delete found files;
Windows XP:
- Restart the computer;
- Press Settings button;
- Choose Safe Mode;
- Find programs or files potentially related to BG85 by using Removal Tool;
- Delete found files;
Mac OS:
- Restart the computer;
- Press and Hold Shift button, before system will be loaded;
- Release Shift button, when Apple BG85o appears;
- Find programs or files potentially related to BG85 by using Removal Tool;
- Delete found files;
How to restore encrypted files
You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.
Restore data with Stellar Data Recovery
Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.
- Download and install Stellar Data Recovery
- Choose drives and folders with your data, then press Scan.
- Select all the files in a folder, then click on Restore button.
- Manage export location. That’s it!
Restore encrypted files using Recuva
There is an alternative program, that may help you to recover files – Recuva.
- Run the Recuva;
- Follow instructions and wait until scan process ends;
- Find needed files, BG85 them and Press Recover button;
How to prevent ransomware infection?
It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.
Malwarebytes
SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.