Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediately
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

BDDY Ransomware

BDDY Ransomware is a threat that encrypts files and shows a ransom note asking to pay for their restoration. What is special about this particular threat is that it can search for local IP addresses with the file-sharing function enabled and try to infect such machines too. Therefore, not taking care of the malware immediately could put other devices at risk. To prevent this, we advise removing BDDY Ransomware as soon as possible. If you do not know how to get rid of the malicious application, you should have a look at the instructions available at the end of this article. They will explain how to search for files that could belong to the malware. However, if you want to be sure that the malicious application gets erased, it is advisable to use a reliable antimalware tool. If you want to know why it might be much easier to eliminate it with a security tool as well as other details about the threat, we encourage you to read our full report.

The first thing we would like to discuss about BDDY Ransomware is how it might be distributed. Our researchers think that the most likely scenario is that the malicious application enters the system via unsecured RDP (Remote Desktop Protocol) connections. Such weaknesses can be removed by setting up a strong password and enabling Two-Factor Authentication. This should help you secure your RDP connections. We also recommend identifying other weaknesses that your system could have. For example, an outdated operating system or other software could have vulnerabilities that hackers might know how to exploit to gain access to your system. Thus, you should update software regularly, not only because of new features but also to protect your system against cyber-attacks. Additionally, you could employ a reputable antimalware tool that could stay on guard and alert you about possible threats.

Provided that BDDY Ransomware slips in, the infected computer’s user ought to find a malicious .bat file with a random name in the %APPDATA% folder. Our researchers say that the malware might create a scheduled task that would run this file a few times a day. Another thing you should know about this malicious .bat file is that it erases shadow copies. No doubt, hackers created it to ensure that their victims would have as few chances to restore their data as possible. As you see, if a victim cannot regain his files on his own, he might be willing to contact the threat’s developers and purchase tools that could decrypt his files. The malware encrypts them with a robust encryption algorithm, so the only other way to recover encrypted data without decryption tools is to restore it from backup copies on removable media devices or cloud storage.

What’s more, during encryption BDDY Ransomware should not only encrypt files but also rename them and mark them with the .BDDY extension. Thus, it might be impossible to recognize encrypted data. Next, the malicious application should create a document titled #BDDY_README#.rtf. Inside this file, there should be a long message from the hackers that explains what happened to the victim’s files and what can be done to restore them, and tries to convince users to pay a ransom. Similar information should appear on a picture that BDDY Ransomware ought to set as your wallpaper.

While the offer might seem tempting, you should consider it carefully. Hackers are not trustworthy people, and they cannot guarantee you that you will get the decryption tools that they promised. The only thing they can prove is that they have such tools. If you do not think it is enough, we advise not dealing with the BDDY Ransomware’s developers. The instructions available below can show you how to look for files created by the malware and how to erase them. After removing malicious data that you managed to locate, we recommend installing a reliable antimalware tool that could finish the task. Of course, if you do not want to erase BDDY Ransomware manually, you could install a reputable antimalware tool right from the start and let it eliminate the malware for you.

Restart the computer in Safe Mode

Windows 8/Windows 10

  1. Tap Win+I for Windows 8 or open Start menu for Windows 10.
  2. Press the Power button.
  3. Click and hold Shift, then click Restart.
  4. Pick Troubleshoot and choose Advanced Options.
  5. Go to Startup Settings and click Restart.
  6. Press F5 and restart the PC.

Windows XP/Windows Vista/Windows 7

  1. Navigate to Start, select Shutdown options, and pick Restart.
  2. Press and hold F8 when the PC starts restarting.
  3. Mark Safe Mode with Networking.
  4. Select Enter and log on.

Remove BDDY Ransomware

  1. Click Win+E.
  2. Find these locations:
    %TEMP%
    %USERPROFILE%\desktop
    %USERPROFILE%\downloads
  3. Look for the threat’s installer (it could be any recently created file with a random name), right-click it, and press Delete.
  4. Find this folder: %APPDATA%
  5. Find a .bat file with a random name that belongs to the ransomware, right-click it, and press Delete.
  6. Then find these paths:
    %WINDIR%\Tasks
    %WINDIR%\System32\Tasks
  7. Search for tasks that could be created by the malware, right-click them, and select Delete.
  8. Recheck this folder: %APPDATA%
  9. Locate a .bmp file with a random title, right-click it, and press Delete.
  10. Exit File Explorer.
  11. Empty Recycle bin.
  12. Perform a full system scan with a reliable antimalware tool to remove malicious data belonging to BDDY Ransomware that might still be hiding.
  13. Restart the system.
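
The manual search in steps 2 to 9 can be collected into one read-only listing before anything is deleted. The PowerShell script below is an added example, not part of the original instructions or any vendor tool; the 14-day look-back window and the shadow-copy keywords are assumptions, and Get-ScheduledTask requires Windows 8 or later.

```powershell
# Read-only triage: lists candidates for manual review and deletes nothing.
$Days    = 14                                   # assumed look-back window
$since   = (Get-Date).AddDays(-$Days)
$appData = $env:APPDATA

# Steps 2-3: recently created files in the installer drop locations.
$dropDirs   = $env:TEMP, "$env:USERPROFILE\Desktop", "$env:USERPROFILE\Downloads"
$installers = Get-ChildItem -LiteralPath $dropDirs -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $since }

# Steps 4-5 and 8-9: .bat and .bmp files sitting directly in %APPDATA%.
$appDataFiles = Get-ChildItem -LiteralPath $appData -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -in '.bat', '.bmp' }

# Assumed keywords for scripts that touch shadow copies; the article does not
# say which command the .bat file uses.
$shadowHits = $appDataFiles | Where-Object { $_.Extension -eq '.bat' } |
    Select-String -Pattern 'vssadmin|shadowcopy|wbadmin' -List

# Steps 6-7: scheduled tasks whose action runs a .bat file or points into %APPDATA%.
$tasks = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        $cmd = [Environment]::ExpandEnvironmentVariables("$($action.Execute) $($action.Arguments)")
        if ($cmd -match '\.bat\b' -or
            $cmd.IndexOf($appData, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            [pscustomobject]@{ Task = $task.TaskPath + $task.TaskName; Command = $cmd }
        }
    }
}

# Wallpaper currently set for this user; compare it with the .bmp files above.
$wallpaper = (Get-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name Wallpaper `
    -ErrorAction SilentlyContinue).Wallpaper

# Ransom notes and renamed files, to gauge how far the encryption reached.
$marked = Get-ChildItem -LiteralPath $env:USERPROFILE -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -eq '.BDDY' -or $_.Name -eq '#BDDY_README#.rtf' }

function Show-Section($title, $items) {
    "--- $title ($(@($items).Count)) ---"
    $items | Format-Table -AutoSize -Wrap | Out-String
}
Show-Section 'Recent files in drop locations' ($installers | Select-Object FullName, CreationTime)
Show-Section '.bat/.bmp files in %APPDATA%'   ($appDataFiles | Select-Object FullName, CreationTime)
Show-Section '.bat files mentioning shadow copies' ($shadowHits | Select-Object Path, Line)
Show-Section 'Scheduled tasks to review'      $tasks
"Current wallpaper: $wallpaper"
Show-Section '.BDDY files and ransom notes'   ($marked | Select-Object FullName)
```

%APPDATA%, %TEMP% and the wallpaper setting are per-user, so run the script in the session of the affected account; legitimate software also schedules .bat files, so treat every hit as something to review rather than a confirmed infection.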