BrainLag Ransomware Removal Guide

Do you know what BrainLag Ransomware is?

If your Desktop wallpaper represents a message suggesting that your PC was “Infected By BrainLag,” there is no doubt that BrainLag Ransomware has invaded your operating system. Another easy way to tell if this threat is active is by looking at your personal files. The files that are corrupted by this devious ransomware cannot be opened, and the “.xdxdlol” extension is appended to their names. According to the analysis of our research team, the infection encrypts files using the Advanced Encryption Standard (AES) algorithm, and, unfortunately, a special private key is needed to decipher it. The key should be in the hands of the creator of this ransomware, but it is unlikely that they would disclose it. In fact, at this point, that is completely impossible because there is no way for you to communicate with the developer of this threat. Does that mean that your files are lost? Can you fix that by deleting BrainLag Ransomware? Continue reading to find out.

The developer of BrainLag Ransomware used an open-source code to create this infection. The same source code was used by the creators of Oxar Ransomware, Kindest Ransomware, and many other threats. Just like most other ransomware infections from this family, the threat we are discussing is most likely to be distributed with the help of misleading spam emails carrying the launcher as an attachment. In case you have opened a strange file and you were not introduced to the content you expected, you need to remove this file ASAP, and, maybe, you will evade the encryption of your personal files. Of course, the encryption process is silent, and so you are most likely to be unaware of it. BrainLag Ransomware also can create files without your permission. One of them is named “bg.jpg”, which is the Desktop wallpaper file, and the other one is called “read_me.txt”. Once the infection encrypts your personal files and creates new ones, it automatically removes itself.BrainLag Ransomware Removal GuideBrainLag Ransomware screenshot
Scroll down for full removal instructions

The read_me.txt file – which you should find on the Desktop – does not present any useful information. In fact, all it says is that your personal files were encrypted. There is no solution offered, and there are two scenarios why this might be the case. It is possible that BrainLag Ransomware is still being developed and that the ransom note will be modified in the future. Another scenario is that this infection was created only to encrypt users’ files, which, of course, is extremely devious and evil-minded. In case the threat is still being developed, it is possible that it is not spread widely, which suggests that users still have time to protect their operating systems against invasion and their files against encryption. Now, if your personal files were corrupted by BrainLag Ransomware already, the first thing you need to take care of is the removal of this malicious infection. Although it should delete itself after execution, some components remain active afterward.

If you choose to remove BrainLag Ransomware manually, you need to erase files found on the Desktop and in the %HOMEDRIVE%\user\Folder directory. Also, it is possible that the infection creates copies of itself, and we cannot tell you where to find them. If you stick with manual removal, run a full system scan to see if you have erased all malicious components. If any are left behind, you will be informed about it. Of course, it is much more convenient and efficient to utilize anti-malware software that erases malicious threats automatically. We advise installing it right away because it will keep your operating system guarded against other ransomware infections in the future. One more thing you should do is create a back-up for your personal files because that is the only way to guarantee that they are safe.

Delete BrainLag Ransomware

  1. Delete all suspicious files that were downloaded onto the PC recently.
  2. Go to the Desktop and Delete the file named read_me.txt.
  3. Simultaneously tap Win+E to launch Windows Explorer.
  4. Enter %HOMEDRIVE% into the bar at the top.
  5. Delete the folder named user (only if it has a sub-folder named Folder).
  6. Right-click the recycle bin and click Empty Recycle Bin.
  7. Run a full system scan using a reliable and up-to-date malware scanner.

In non-techie terms:

BrainLag Ransomware is an extremely strange ransomware that, at the time of research, did not demand a ransom from the victims of encrypted files. After encrypting the files, this infection creates a bunch of files to inform you that your files were corrupted, but no solution is offered. This is very strange. Our research has revealed that the suspicious ransomware should delete itself after execution, but, of course, you need to remove BrainLag Ransomware components that remain active. If you want to erase this infection manually, do not forget to perform a full system scan afterward. Our malware experts, of course, recommend installing anti-malware software instead because it can automatically delete the ransomware and, more importantly, enable full-time protection against other malicious infections that might try to invade in the future.