BrainLag Ransomware

What is BrainLag Ransomware?

BrainLag Ransomware is one of the newest HiddenTear-based ransomware infections. Our malware analysts suspect that it is still in development because it does not act like typical ransomware infections do. In other words, although it encrypts personal files it finds stored on the system after the successful entrance, it does not demand money. This also means that it is impossible to purchase the decryption tool from cyber criminals. Without a doubt, cyber criminals determined to extract money from users might take over this infection, update it, and start disseminating it actively one day. There is basically no doubt that this new updated version of BrainLag Ransomware will demand a ransom. You are still not allowed to send cyber criminals money in this case. You are expected to perform only one activity – the full removal of the ransomware infection. It would be a sin to keep ransomware active on the system because it might be launched again accidentally and encrypt files once again. You will find more about the BrainLag Ransomware removal if you read this report till the very end.testtest

What does BrainLag Ransomware do?

BrainLag Ransomware cannot be called a sophisticated ransomware infection because it has a simple working scheme. After infiltrating victims’ computers, it sets bg.jpg as Desktop background and encrypts files. These files it locks get a new extension .xdxdlol appended next to their original extension, for example, mypicture.jpg.xdxdlol, so it does not take long to realize that they have been encrypted and, because of this, can no longer be opened. Neither the message the wallpaper bg.jpg contains nor the ransom note read_me.txt provides much information to users. They are only told that their files have been encrypted. While other ransomware infections immediately tell users to transfer a certain amount of money for the decryption tool or tell them to contact the owner of the ransomware by the provided email address, BrainLag Ransomware does not inform users about the decryption procedure, which suggests that cyber criminals behind this ransomware infection do not have the decryption key or simply do not want it to share with victims. We have found this quite surprising because the main goal of ransomware infections is to obtain money from users and BrainLag Ransomware does not even try to do that at the time of writing. It is never a good idea to transfer money to malware developers, so do not pay them a cent even if you have encountered an updated version that asks money. Encrypted files can be restored for free from a backup only, which again shows the importance of making backups of valuable files periodically.

Where does BrainLag Ransomware come from?

Ransomware infections usually enter computers illegally, but, in most cases, users help them to enter their PCs by, for example, opening malicious attachments from spam emails. In some cases, users download ransomware infections from third-party pages too. Additionally, malicious software active on users’ PCs might help additional malware to show up on their computers too. The first two symptoms showing that BrainLag Ransomware has successfully entered the system is a bunch of different files encrypted and a new background image set without permission. On top of that, users should be able to find a new file local.exe in %HOMEDRIVE%\user\Folder. If you have already become a victim of ransomware, this must be a sign that your system is unprotected. You can change this by enabling a security application on your PC. Security specialists at recommend doing this as soon as possible because new malware might show up on the system without permission anytime soon.

How to delete BrainLag Ransomware

Since BrainLag Ransomware usually removes itself after encrypting users’ files, its removal should be quick. You will only need to remove the ransom note read_me.txt from Desktop and the directory Folder containing the local.exe file from %HOMEDRIVE%\user. It is also advisable to inspect all recently downloaded files and remove those suspicious ones because a single active component of malware left on the system might result in the ransomware infection revival. Keep in mind that our manual removal guide will only help you to erase BrainLag Ransomware, which means that you will have to erase other untrustworthy applications separately. For example, you can do this by performing a full system scan with a reputable malware remover. You can check the condition of your system with our free diagnostic tool – click on the Download button to download it.

BrainLag Ransomware removal guide

  1. Press Win+E.
  2. Open %HOMEDRIVE%\user by typing this path in the URL bar. Press Enter.
  3. Delete the folder named Folder.
  4. Remove read_me.txt from Desktop.
  5. Delete suspicious recently downloaded files.
  6. Empty the Recycle bin. 100% FREE spyware scan and
    tested removal of BrainLag Ransomware*

Leave a Comment

Enter the numbers in the box to the right *