How to remove BWall ransomware and decrypt .bwall files

How to remove BWall ransomware and decrypt .bwall files

What is BWall Ransomware

BWall ransomware is a cryptovirus encrypting user file of various types and formats. This cryptovirus became active at the end of September this year. Initially, this cryptovirus was aimed at English-speaking users, but it has already spread to all corners of the earth. BWall ransomware encrypts files using a multi-step algorithm, after which the files cannot be used. Of course, the main question becomes “how to remove BWall ransomware from the system” We will talk about this further.

remove BWall ransomware

In addition to encryption, BWall ransomware changes the extension of encrypted files by adding .bwall. It is worth noting that even manually renaming a file or changing the extension will not help. BWall ransomware creates a text file containing ransom information. Here is the file:

remove BWall ransomware

Your files are encrypted!
Your files (documents, pictures, audio files, source codes) were encrypted with combination of AES-256 and RSA-4096 cryptographic algorithms. Your files will not be deccryptable, without our special decryption service; furthermore, there is an condition that will leave your files encrypted forever if it’s not met: there is a deadline to pay for your data! if that is exceeded, we will not let you decrypt your data (we will not offer any kind of service), YOU have exactly two weeks to decrypt your data! NO recovery tool will help you, such as Recuva, and no Microsoft feature will help (shadow copies). Files with “.bw” extension are encrypted, verify.
The current date time was inserted into the ID, and we can guess every patching attempt. End of the deadline: HU-HU-HAI
TO pay for your files, follow these steps:
1) set-up a Bitcoin account, we cannot help you in that, but you can search on Google or similar for “bitcoin get started or “bitcoin help”, YOU can skip this step, if you have already one; we also accept Monero as currency, and we’ll give a discount if an anonymous currency like that is used (20%). Do the same research to set-up a Monero account if you don’t have one, as well.
2) send the following amount of money (0,018 BTC) to the following Bitcoin address, and keep the TXID (payment\transaction ID) for later: lP7VBy5YLBRxNiTjBCgUEzyryzEcfdQWGD
Monero address, for “getting a discount”: 44NMuci8TSUJ4TBafyJpQDAHjTBStCobXWAVmB3imJiaCZfGxotyfZ5LW83vqYdHKM5DG3i 3aFsw7fjnc8ga9JBk6bWAuHa
3) After, send this file and the TXID of before to the following e-mail address, with the subject “Decryption” and with a e-mail address that can receive e-mails at every moment; don’t use temporary services, we will reply after six hours at least: dawndec001@protonmai1.com
4) wait, you will get an e-mail with even more istructions, and, the decryptor. Don’t rename, modify, or try to decrypt your files without our special service. Don’t modify this text file! Don’t make decryption impossible even for us.
ID: KILL-ID
Don’t modify the ID! Remember, any bad words to our side will make your address banned! Also, please, don’t try to patch or decompile the decryptor once you get it, it doesn’t contain the private key of the encryption algorithm.

In the note, fraudsters demand a ransom of $ 0.018BTC, which, according to the exchange rate, is $145.74. Cryptocurrencies were chosen to conceal their activities, because cryptocurrency transactions are almost impossible to track. However, we still do not advise you to pay, despite the fact that the amount does not seem so large (compared to similar threats). No one can guarantee you decryption of files. Use our recommendations to remove BWall ransomware xxx and decrypt .bwall files.

Well, there are 2 options for solving this problem. The first is to use an automatic removal utility that will remove the threat and all instances related to it. Moreover, it will save you time. Or you can use the Manual Removal Guide, but you should know that it might be very difficult to remove BWall ransomware manually without a specialist’s help.

BWall Removal Guide

Warning alert
Remember that you need to remove BWall Ransomware first and foremost to prevent further encryption of your files before the state of your data becomes totally useless. And only after that, you can start recovering your files. Removal must be performed according to the following steps:

  1. Download BWall Removal Tool.
  2. Remove BWall from Windows (7, 8, 8.1, Vista, XP, 10) or Mac OS (Run system in Safe Mode).
  3. Restore .BWall files
  4. How to protect PC from future infections.

How to remove BWall ransomware automatically:

NORTON3
Orientation: 1
Download Removal Tool

Thor Home may help you to get rid of this virus and clean up your system. In case you need a proper and reliable antivirus, we recommend you to try it.
iOS and Windows compatible

Alternative solution – Malwarebytes
This program will find malicious files, hijackers, adware, potentially unwanted programs and will neutralize it. Also, Norton will help you clean your system properly.
If you’re Mac user – use this.

Manual BWall Removal Guide

Here are step-by-step instructions to remove BWall from Windows and Mac computers. Follow these steps carefully and remove files and folders belonging to BWall. First of all, you need to run the system in a Safe Mode. Then find and remove needed files and folders.

Uninstall BWall from Windows or Mac

Here you may find the list of confirmed related to the ransomware files and registry keys. You should delete them in order to remove virus, however it would be easier to do it with our automatic removal tool. The list:

BWall.dll
_readme.txt
readme.txt

Windows 7/Vista:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to BWall by using Removal Tool;
  5. Delete found files;

Windows 8/8.1:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to BWall by using Removal Tool;
  5. Delete found files;

Windows 10:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to BWall by using Removal Tool;
  5. Delete found files;

Windows XP:

  1. Restart the computer;
  2. Press Settings button;
  3. Choose Safe Mode;
  4. Find programs or files potentially related to BWall by using Removal Tool;
  5. Delete found files;

Mac OS:

  1. Restart the computer;
  2. Press and Hold Shift button, before system will be loaded;
  3. Release Shift button, when Apple logo appears;
  4. Find programs or files potentially related to BWall by using Removal Tool;
  5. Delete found files;

How to restore encrypted files

You can try to restore your files with special tools. You may find more detailed info on data recovery software in this article – recovery software. These programs may help you to restore files that were infected and encrypted by ransomware.

Restore data with Stellar Data Recovery

Stellar Data Recovery is able to find and restore different types of encrypted files, including removed emails.

  1. Download and install Stellar Data Recovery
  2. Choose drives and folders with your data, then press Scan.
  3. Select all the files in a folder, then click on Restore button.
  4. Manage export location. That’s it!
Download Stellar Data Recovery

 

Restore encrypted files using Recuva

There is an alternative program, that may help you to recover files – Recuva.

  1. Run the Recuva;
  2. Follow instructions and wait until scan process ends;
  3. Find needed files, mark them and Press Recover button;

How to prevent ransomware infection?

It is always rewarding to prevent ransomware infection because of the consequences it may bring. There are a lot of difficulties in resolving issues with encoders viruses, that’s why it is very vital to keep a proper and reliable anti-ransomware software on your computer. In case you don’t have any, here you may find some of the best offers in order to protect your PC from disastrous viruses.

Malwarebytes

NORTON3
Orientation: 1
Download Removal Tool

SpyHunter is a reliable antimalware removal tool application, that is able to protect your PC and prevent the infection from the start. The program is designed to be user-friendly and multi-functional.

Leave a Reply

Your email address will not be published. Required fields are marked *