Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Kill Lambdalocker

Kill Lambdalocker is a new malware infection that can infiltrate your system without your knowledge and encrypt your files without the possibility of your using them again; unless, of course, you are ready to pay the demanded ransom fee and these criminals will keep their promise. According to our research, this ransomware program mainly targets Chinese and Russian computer users, including former Soviet Republic countries like the Ukraine, Belarus, and Kazakhstan. Unfortunately, if your computer is hit by this dangerous ransomware, there is not too much chance for you to be able to decrypt your files. There are two ways to prevent this kind of devastation. First, you should install a reliable anti-malware program, and second, you should regularly save your important files onto a removable drive. Right now, the best you can do is remove Kill Lambdalocker ransomware from your system and if you have a backup of your files, you can copy them back afterwards.

There are a couple of ways for this major threat to show up on your system. The most likely way is via spam e-mails as a malicious file attachment. This is the method that most cyber criminals tend to use to infect unsuspecting computer users with Trojans and ransomware programs. Such a spam can look totally normal and authentic. Its subject may make you feel that it is important for you to see its content right away. Such subject may include issues with your credit card or banking details you provided for some alleged purchase or hotel room booking, an unpaid fine (speeding or parking), an undelivered parcel, and so on. It is quite likely that such a mail would draw your attention even when you find it in your spam folder. This is why it is essential that you make sure that you never open questionable mails that simply try to persuade you to download and see the attached file and disclose no real information about the claimed issue. The worst thing about ransomware infections is that when they reveal themselves, it is already too late and you cannot stop the encryption. In other words, by the time you have a chance to delete Kill Lambdalocker, your files will have been encrypted already. This is why prevention is so important.

Another possible method for this ransomware infection to spread is through malicious webpages created by crooks using so-called Exploit Kits, such as Angler, Rig, and Nuclear. Using such kits is a very efficient way to infect users with all kinds of malware threats, including ransomware. In this case a website is set up that contains malicious Adobe Flash and Java content. These kits can be efficient when such a page is loaded by outdated browsers and drivers. When you land on such a malicious page, you do not even need to click on any content to infect your machine as it happens automatically. Once the page loads in your browser, the malicious script is triggered and Kill Lambdalocker is dropped, or any other infection for that matter, onto your system without your knowledge. You can end up visiting such a page when you click on questionable third-party advertisements or modified search results presented by browser hijackers. For this reason, we recommend that you keep all your browsers and drivers always updated and that you run a malware scanner after you delete Kill Lambdalocker ransomware from your system in order to detect all other possible malicious threats on board.

This dangerous ransomware seems to use AES-256 (Advanced Encryption Standard) and SHA-256 (Secure Hash Algorithm) encryptions to cipher your personal files, including your images, videos, documents, and archives. All the affected files get a ".lambda_l0cked" extension, which helps you identify this threat. When done, a ransom note .html file called “READ_IT.hTml” is dropped on your desktop and every affected folder as well. When this file is displayed you learn about the encryption and that you have to pay 0.5 BTC (about $460) to get the decryption key. This ransom note is in two languages: English and Chinese. After you transfer the money, for which you are given a whole month, you are supposed to send an e-mail to “” with the subject “decryptLL” and a body with “[Your ID]P05” (e.g.,”[1234-1234-1234]P05”). And, then, you should get the decryption key in return, which we highly doubt, to be quite frank.

Actually, we do not recommend that you establish contact with these criminals in any way. There is no guarantee that you will get your decryption key even if you pay the ransom fee. It is up to you though if you are ready to support cyber criminals and risk never seeing your files again anyway. Nevertheless, we advise you to remove Kill Lambdalocker as soon as you notice its presence on your computer. Let us tell you how you can do this.

First of all, you need to close the ransom note window. Then, you need to locate the malicious file you downloaded from the spam e-mail or dropped by visiting a malicious site. The malicious executable is the file that you launched and ended up encrypted afterwards. Please follow our instructions below if you do not mind doing some manual work on your system. But, if you are looking for something more efficient and automatic, we recommend that you download and install a trustworthy malware removal tool, such as SpyHunter that can give you the kind of protection for your PC it really deserves if you want to feel safe in your virtual world.

Remove Kill Lambdalocker from Windows

  1. Press Alt+F4 simultaneously to exit the ransom note.
  2. Press Win+E to launch File Explorer.
  3. Locate and delete the malicious executable file you downloaded and launched.
  4. Locate all instances of the ransom note file (“READ_IT.hTml”) and delete them.
  5. Empty your Recycle Bin and reboot your system.
Download Spyware Removal Tool to Remove* Kill Lambdalocker
  • Quick & tested solution for Kill Lambdalocker removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.