Severity scale:  

Remove Lola ransomware (Virus Removal Guide) - Recovery Instructions Included

removal by Julie Splinters - - | Type: Ransomware

Lola ransomware – cryptovirus that offers 50% discount on ransom if victims establish contact within 72 hours

Lola ransomwareLola ransomware is the program that locks files and marks them using .lola extension.

Lola ransomware is a computer virus created for direct money extortion. This cryptovirus works the same way as all ransomware[1] – first, it encrypts all non-system files and renames them, then it creates ransom notes with ransom instructions. Victims are locked out of their data and won't be able to access it until a decryption tool is purchased from the cybercriminals.

During the encryption procedure, Lola virus appends all personal user files (pics, audio and video files, documents, etc.) with .lola extension, hence the name of the virus. When that's completed, it drops ransom notes, titles Please_Read.txt, in all compromised folders so the victim could find them wherever they look.

Name Lola ransomware, .lola virus
type Ransomware
Appended file extension All non-system files are encrypted with .lola extension
Ransom note Please_Read.txt can be found in all affected folders
Ransom amount The amount isn't specified but a 50% discount if promised if the victims contact the criminals within 72 hours
Criminal contact email
Malware removal Lola ransomware should be removed using a reliable anti-malware software
System fix Once Lola ransomware removal is done, use the ReimageIntego software to check overall system health and fix any issues the virus might have caused

In the ransom note, the creators of Lola ransomware virus explain to the victims that all their personal files were locked and that the only way to regain access to those files is by purchasing a decryption tool from the cybercriminals. In most cases that is true but in no way does that mean that the victims should meet the perpetrators' demands.

There is an email address ( provided to establish contact by sending a unique appointed user ID and one encrypted file from the infected device for a free decryption. This way the cybercriminals try to assure the victims of .lola virus that they really possess the decryption tool/key required to unlock the data.

Developers of Lola ransomware also warn the users not to try any third-party software to decrypt the files because that could lead to permanent data loss. The ransom will have to be made out using cryptocurrency Bitcoins. Although the ransom amount isn't specified, the criminals are nice enough to offer a 50% discount to victims that contact them within 72 hours. This proposal resembles Djvu family viruses such as Sglh and Jdyi.

Lola ransomware virusLola ransomware - a threat that asks for money on the text file.

Instead of paying off the cybercriminals, thus further expanding their dirty work, victims should focus on virus removal and computer system health. We recommend reliable anti-malware software such as SpyHunter 5Combo Cleaner or Malwarebytes to remove Lola ransomware from the infected machines. Time-tested apps like these will automatically locate the virus and remove it. 

After Lola ransomware removal, the victims should use the ReimageIntego tool to perform a full system scan and see whether the virus has made any altercations to system files and settings. Viruses make these changes to help them with their mission. If left unattended these changes could cause anomalous computer behavior, such as performance decline, crashes, etc.

With the ransom note (Please_Read.txt) the creators of Lola ransomware send this message to the victims:


Don't worry, you can return all your files!
All your files documents, photos, databases and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees do we give to you?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information
Don't try to use third-party decrypt tools because it will destroy your files.
Discount 50% available if you contact us first 72 hours.


To get this software you need write on our e-mail :

You will receive btc address for payment in the reply letter

Your personal ID :

Lola file virusLola ransomware can be eliminated using AV detection engines

The most common ways used by cybercriminals to spread their creations

Cybercriminals have various methods of malware distribution at their disposal, but the most common are spam emails and file-sharing platforms. Using these two methods, criminals infect thousands of computers each day.

Spam email is one of the most common ways different malware is distributed. Payload files of viruses are downloaded onto computers either by clicking on a mischievous hyperlink that redirects victims to a malicious website or by downloading email attachments.

File-sharing platforms, like torrent websites, are riddled with all kinds of viruses. They usually are camouflaged as illegal activation toolkits (popularly known as cracks[2]) for games or software. As soon as this kind of torrent is downloaded, the virus executes itself, and the infection is initiated.

Clean your PC from Lola ransomware virus and system-related issues

All malware should be erased from computers swiftly. Perform a full scan with SpyHunter 5Combo Cleaner or Malwarebytes anti-malware apps to automatically find, isolate, and remove Lola ransomware and all its allocated files. Unfortunately, .lola virus removal won't decrypt your files, but that doesn't mean that you should be doubtful. Search for other options to recover your files, never trust the criminals.

When Lola ransomware removal is done and your device is virus-free, experts[3] advise using the ReimageIntego tool to fix any changes the virus might have caused to system files and settings. This app will undo all alterations with a push of a button so you could enjoy your computer anew!

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove Lola virus, follow these steps:

Remove Lola using Safe Mode with Networking

Use Safe Mode with Networking if anti-malware software is unable to remove the virus while Windows are running in normal mode/GI]

[GI=method-2]System Restore might be helpful if the .lola file virus didn't delete restore points

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove Lola

    Log in to your infected account and start the browser. Download ReimageIntego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Lola removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Bonus: Recover your data

Guide which is presented above is supposed to help you remove Lola from your computer. To recover your encrypted files, we recommend using a detailed guide prepared by security experts.

If your files are encrypted by Lola, you can use several methods to restore them:

Data Recovery Pro could help restore some of .lola extension files

This app might be useful to recover .lola extension files:

  • Download Data Recovery Pro;
  • Follow the steps of Data Recovery Setup and install the program on your computer;
  • Launch it and scan your computer for files encrypted by Lola ransomware;
  • Restore them.

Using Windows Previous Version to

Using this Windows OS feature victims might be successful in removing .lola extension from files:

  • Find an encrypted file you need to restore and right-click on it;
  • Select “Properties” and go to “Previous versions” tab;
  • Here, check each of available copies of the file in “Folder versions”. You should select the version you want to recover and click “Restore”.

Shadow Explorer – another data recovery option

If Lola ransomware didn't delete Shadow Copies then you're in luck. Using Shadow Explorer to retrieve your lost data:

  • Download Shadow Explorer (;
  • Follow a Shadow Explorer Setup Wizard and install this application on your computer;
  • Launch the program and go through the drop down menu on the top left corner to select the disk of your encrypted data. Check what folders are there;
  • Right-click on the folder you want to restore and select “Export”. You can also select where you want it to be stored.

No decryption tool/key is currently available

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Lola and other ransomwares, use a reputable anti-spyware, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

Stream videos without limitations, no matter where you are

There are multiple parties that could find out almost anything about you by checking your online activity. While this is highly unlikely, advertisers and tech companies are constantly tracking you online. The first step to privacy should be a secure browser that focuses on tracker reduction to a minimum.

Even if you employ a secure browser, you will not be able to access websites that are restricted due to local government laws or other reasons. In other words, you may not be able to stream Disney+ or US-based Netflix in some countries. To bypass these restrictions, you can employ a powerful Private Internet Access VPN, which provides dedicated servers for torrenting and streaming, not slowing you down in the process.

Data backups are important – recover your lost files

Ransomware is one of the biggest threats to personal data. Once it is executed on a machine, it launches a sophisticated encryption algorithm that locks all your files, although it does not destroy them. The most common misconception is that anti-malware software can return files to their previous states. This is not true, however, and data remains locked after the malicious payload is deleted.

While regular data backups are the only secure method to recover your files after a ransomware attack, tools such as Data Recovery Pro can also be effective and restore at least some of your lost data.

About the author
Julie Splinters
Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions


Your opinion regarding Lola ransomware