Better_Call_Saul Virus File Removal

This page aims to help you remove the Better_Call_Saul Virus. Our inbox was just flooded with questions about a “Better_Call_Saul virus,” signifying that this ransomware is predominantly spread in Russia.  

if you are reading this article, then it is likely because your computer has been infected with the Better_Call_Saul virus. What you are dealing with is a very dangerous virus that belongs to the ransomware family of computer threats. What makes it so dangerous is the fact that it encrypts your files and makes them unusable. Beware! Even if you manage to remove the virus from your machine your files will remain infected! Our removal guide will help you handle both problems, but before we get there you need to learn some basic facts about this virus in order to be able to successfully combat it.

The Better_Call_Saul “Virus” – how it works

Typically when this ransomware enters a computer it will try to remain hidden for an extended period of time. In that time it makes all of your files its target and behinds encrypting them. Very high grade encryption is used in this process – it is simply impossible to decrypt the files afterwards unless the proper key is obtained. This key is exactly what the hackers will offer you for purchase – at the heft price of around 1 BTC, or roughly $400. BTC actually stands for Bit Coin and is a form of untraceable online currency that is preferred by all cyber criminals as a form of payment.

It is possible to spot the ransomware at work – try to remember if your PC has been behaving erratically lately or it loaded programs much slower than usual. The encryption process was ran in the background by the ransomware, but that process is actually pretty hard on the CPU and Memory of your computer, thus the resulting overall sluggishness of your PC. While at work, the ransomware process can usually be spotted in the Task Manager – it is a process that has unfamiliar manufacturer and that uses a very high amount of CPU power and RAM. Shutting this process in time can prevent files from becoming encrypted in the first place, so we urge our readers never to waive slowdowns and other problems as something normal or inconsequential.

How was the Better_Call_Saul Virus installed?

We don’t want to discourage you even further, but it is actually quite possible that your PC was infected by a Trojan horse agent prior to the ransomware event. These days delivering ransomware though Trojan horses is becoming the norm – a well written Trojan horse can be virtually invisible to many anti-virus programs and can also successfully obfuscate the ransomware it delivers as well. Of course, it is also possible that you unknowingly installed the ransomware yourself directly.

Ransomware viruses like the Better_Call_Saul virus (and Trojan droppers) are most often distributed via the help of Email spam bot network. Every email box has a spam folder, but that filter is far from perfect. More often than not an intelligently written spam email might make it through. Malicious emails that contain some form of virus will always contain some link to be clicked on or some file to be downloaded and installed. Hackers use all kinds of ploys in order to convince you to click on the link or install the file, so please REMEMBER never to install files that arrive from suspicious or unfamiliar emails. Sometime the hackers may even disguise the spam emails as emails sent from the government and other institutions. Keep your anti-virus or anti-malware program at hand and scan everything!

Should you pay the ransom asked by the Better_Call_Saul Virus?

Of course, the quickest way to resolve this crisis is to pay the ransom and be done with it. That’s what the hackers want anyway. We believe that’s a poor decision – payment should never be considered, at least until all other options are exhausted and you’ve decided that your files are worth more than the money you will spend. However, please keep in mind that you are actually dealing with cyber criminals and you are basically at their mercy. They’ll also use whatever money they can get to expand on their nasty business and release new and improved ransomware programs!


Name Better_Call_Saul Virus
Type Ransomware
Danger Level High (This is literally the worst type of virus to encounter)
Symptoms Strange PC behavior followed by file encryption and virus reveal.
Distribution Method Trojan horse viruses frequently assist ransomware with distribution, but old-fashioned channels like email attachments work just fine too,
Detection Tool Ransomware are notoriously difficult to track down. Use SpyHunter – a professional parasite scanner – to make sure you find all files related to the infection.

Keep in mind, SpyHunter is a malware detection tool. To remove the infection, you need to purchase the full version.
More information about SpyHunter and steps to uninstall.

Remove Better_Call_Saul Virus

Better_Call_Saul Virus File Removal

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Better_Call_Saul Virus File Removal


Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

Better_Call_Saul Virus File Removal

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Better_Call_Saul Virus File Removal
Drag and Drop File Here To Scan
Better_Call_Saul Virus File Removal
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    After you open their folder, end the processes that are infected, then delete their folders. 

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.

    Better_Call_Saul Virus File Removal

    Hold the Start Key and R –  copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    Better_Call_Saul Virus File Removal

    If there are suspicious IPs below “Localhost” – write to us in the comments.

    Type msconfig in the search field and hit enter. A window will pop-up:

    Better_Call_Saul Virus File Removal

    Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

    • Please note that ransomware may even include a fake Manufacturer name to its process. Make sure you check out every process here is legitimate.

    Better_Call_Saul Virus File Removal

    Type Regedit in the windows search field and press EnterOnce inside, press CTRL and F together and type the virus’s Name. 

    Search for the ransomware  in your registries and delete the entries. Be extremely careful –  you can damage your system if you delete entries not related to the ransomware.

    Type each of the following in the Windows Search Field:

    1. %AppData%
    2. %LocalAppData%
    3. %ProgramData%
    4. %WinDir%
    5. %Temp%

    Delete everything in Temp. The rest just check out for anything recently added. Remember to leave us a comment if you run into any trouble!

    Better_Call_Saul Virus File Removal 

    How to Decrypt Better_Call_Saul files

    We have a comprehensive (and daily updated) guide on how to decrypt your files. Check it out here.

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author


    Violet George

    Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

    Leave a Comment