Il tuo computer e stato infettato da Cryptolocker! Removal Guide

Do you know what Il tuo computer e stato infettato da Cryptolocker! is?

According to our researchers, Il tuo computer e stato infettato da Cryptolocker! is a newly released ransomware designed to encrypt your most precious files and demand money for the decryption key needed to decrypt them. There is no telling whether the cyber crook will deliver on the promise to give you this key, so you should consider removing it instead. Furthermore, the crook asks for 130 Euros for this key, and your files may not be worth this kind of money. For more information, please read this whole article.

This particular ransomware is of Italian origin, and it does not look like it has any previously released clones. Thus, it is a unique application, but not in the sense of functionality as it works like most other ransomware-type malware. Our researchers have found that it is distributed through malicious emails that feature a malicious zipped file attachment that is set to drop Il tuo computer e stato infettato da Cryptolocker!’s main executable. However, we do not know the contents of this zipped file. Researchers say that it can either contain a JavaScrip file that runs a malicious script through Rundll32.exe, a Windows Script File that is executed through Windows Script Host or extracts the executable directly. At any rate, the infection is designed to occur secretly, but if you have a powerful antimalware program, then this ransomware can be stopped dead in its tracks.Il tuo computer e stato infettato da Cryptolocker! Removal GuideIl tuo computer e stato infettato da Cryptolocker! screenshot
Scroll down for full removal instructions

Truth be told, this malicious program’s main executable could be placed anywhere on your computer and, to our knowledge, it may also be named randomly, so finding it may prove to be a challenge. Nevertheless, you might want to look for a suspicious executable in directories such as %Temp%, %Local%, %Roaming%, %AppData%, %WINDIR%\Syswow64, and %WINDIR%\System32. Once on your computer, this executable will launch automatically and scan your computer for files to encrypt. Our malware analysts say that this ransomware will encrypt most file types in most directories. For example, it is set to target file formats such as .PNG, .PDF, .XLR, .XLS, .DOC, and .DOCX. Nevertheless, it will also encrypt various images, audio, and video formats, as well as executables and other file formats. Hence, it seems that this ransomware is set to encrypt nearly all files indiscriminately, but it will skip some locations that contain files needed to run the operating system.

Researchers say that Il tuo computer e stato infettato da Cryptolocker! uses the RSA-2048 encryption algorithm that creates a unique private decryption key that is sent to its Command and Control server. Furthermore, it will append the encrypted files with the .locked extension. At the time of this article research, this ransomware does not have a free decryption tool, but risking paying the 130 Euros to the cyber crook for the decryption key is not the most foolproof method of getting your files back as you might not receive the decryption key. In any case, once the encryption is complete, Il tuo computer e stato infettato da Cryptolocker! will launch its GUI that doubles as the ransom note. Everything written on it is in Italian, so we are positive that it distributed in Italy only. So that is all there is to this ransomware and there is no doubt that it is a malicious piece of programming.

In summary, Il tuo computer e stato infettato da Cryptolocker! is one malicious infection that is no different than hundreds of other ransomware-type infections. It uses the RSA-2048 encryption algorithm to encrypt your files and demand money. You should weigh your options before you attempt to pay the ransom because you might not get the decryption key. If you want to get rid of it, then we suggest using our manual removal guide that involves using SpyHunter’s free scanner to locate the malicious executable so that you go to its location and delete it manually.

Removal Instructions

  1. Go to http://www.spyware-techie.com/download-sph
  2. Download and install SpyHunter.
  3. Scan your PC to locate the ransomware.
  4. Follow the file path to its location.
  5. Right-click the executable and click Delete.
  6. Empty the Recycle Bin

In non-techie terms:

Il tuo computer e stato infettato da Cryptolocker! is a ransomware designed to encrypt your files and demand that you pay money to get them back. It is distributed via fake emails containing malicious attachments and can infect your computer secretly if it is not protected by an anti-malware program. This application poses a significant threat to your computer’s security and the sooner you remove it, the better.