Guide to Remove CTB-Locker Ransomware

Your personal files are locked by CTB-Locker Ransomware? Can’t figure out how to resolve this problem? This post offers CTB-Locker Ransomware removal guide which will help get rid of this threat from your infected computer. Please read more.

Description of CTB-Locker Ransomware

CTB-Locker Ransomware is a ransomware created by cyber hackers to encrypts files in the infected computers for the purpose of asking for ransom from its victims. This ransomware can target different versions of Windows such as Windows XP, Windows Vista, Windows 7, and Windows 8. Basically, this ransomware enters your computer by making use of your system vulnerabilities. When you visit the malicious websites, download free applications from unsafe sources, click on suspicious links or open spam email attachments, you may have a greater chance to get this ransomware downloaded on your computer system.

Once installed on your PC, this ransomware will first modify your system settings and inject its star-up registry entries into your Windows registry. By doing so, it ensure an automatic running whenever the Windows is launched. Then, it starts encrypting a variety of files stored in your system, such as .doc, .jpg, .mp4, .cer, .pem, .db files. Consequently, you will not be able to access those encrypted files. Once the encryption is done, this ransomware will show a message on your computer screen, demanding you to pay ransom in order to regain the access to your personal files. The message looks like this:


Your personal files are encrypted by CTB-Locker.
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer.

Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key.

You only have 96 hours to submit the payment. If you do not send money within provided time, all your files will be permanently crypted and no one will be able to recover them.

Press “View” to view the list of files that have been encrypted.

Press “Next” for the next page.


It is not suggested that you follow the instruction to obtain the private key which allows you to decrypt the files, or else your online banking account details might be captured by the cyber hackers without your knowledge. In fact, this ransomware can allow the remote cyber hackers to gain unauthorized access to your system and monitor all activities on your computer. If you want to regain access to your personal files, you need to find out the effective way to get rid of CTB-Locker Ransomware, instead of following the instruction on the message. Have no clues how to perform the removal? Then, you can try the methods introduced below.

Note: The manual removal method is not for the novice users, for it involves some complicated steps which may not be easily done. Anything wrong occurs in the removal process may bring serious damage to the system. For the sake of security, we highly recommend removing the malicious ransomware by using a professional malware removal tool.


How to Remove CTB-Locker Ransomware?

Method 1: Manually Remove the Ransomware Step by Step.

Method 2: Automatically Remove the Ransomware (Recommended).

Method 1: Manually Remove the Ransomware Step by Step.

Step 1: Turn off System Restore function as CTB-Locker Ransomware may infect every restore point.

Step 2: Restart your computer and tap F8 key repeatedly. Select the “Safe Mode with Networking” option using the arrow keys, and press Enter.


Step 3: Right click on the taskbar and select the “Start Task Manager” option. Go to “Processes”, scroll down to find out the processes related to CTB-Locker Ransomware and terminate them by clicking on the “End Process” button.


Step 4: Open Control Panel, click Appearance and Personalization and select Folder Options. Under View tab, tick “Show hidden files and folders”, non-tick “Hide protected operating system files (Recommended)” and click OK button.


Step 5: Navigate to the local hard disk C, find and delete all Ransomware related files from your computer.

Step 6: Press the Windows key + R key, type “regedit” into the command box and press Enter. This will start the Registry Editor. Then, locate all registry entries related to CTB-Locker Ransomware and delete all of them.


Method 2: Automatically Remove the Ransomware (Recommended).

If you have no much experience of dealing with processes, files and registry entries, then you can consider using a powerful removal tool to easily and completely eliminate CTB-Locker Ransomware from your infected computer.

SpyHunter is a professional malware removal tool especially designed to help computer users remove various types of malware and block malicious attacks from the online world. Now you can download and use this removal tool to deal with the vicious ransomware.

Step 1: Download SpyHunter by clicking the download button below.


Step 2: Once the downloading finishes, double-click the file to run it. When a window pops up to ask if you want to run this file, allow it to run and follow the instructions to install SpyHunter on your computer.

spyhunter-run setup file

Step 3: Now launch SpyHunter and click on “Scan Computer Now” to scan your entire system for CTB-Locker Ransomware or any other hiding threats on your computer.

spyhunter-scan computer now

Step 4:As the scanning is complete, all detected threats will be listed out. Then, you can click on “Fix Threats” to remove all of the threats found in your system.

spyhunter-fix threats

Malwarebytes Anti-Malware is a powerful malware removal tool designed with advanced techniques and latest algorithms to detect and remove any potential computer threats. To thoroughly get rid of CTB-Locker Ransomware with ease, you can rely on this removal tool. Please follow the steps below:

Step 1: Download Malwarebytes Anti-Malware by clicking on the download button below.

download removal button now

Step 2: When the mbam.exe file is downloaded onto your computer, double click on it and follow the prompts to install Malwarebytes Anti-Malware on your computer.


Step 3: Once the installation finishes, launch Malwarebytes Anti-Malware to scan your system.

mbam-threat scan

Step 4: Once the scan is complete, all detected items will be shown in a list with their types, actions and locations. Click on “Quarantine All” and click the “Apply Actions” button. Then, the malicious items will be quarantined by Malwarebytes Anti-Malware.


Tips to Avoid Re-infection

● Install a reliable anti-malware program on your computer and update it regularly.
● Always update your operating system and software installed on your PC.
● Don’t view spam emails, nor even click on the contained links or attachments.
● Don’t download freeware or shareware from trustless sources; and run your anti-malware program to scan for malware before installing such software.
● Avoid strange web sites that offers free services and software downloads.
● Never receive and open files from an unknown people while using instant messaging application.

Warm Tips:

If you have no sufficient computer troubleshooting skills, it is not suggested that you delete the ransomware related files and registry entries by yourself. A small mistake may result in serious system problems. To safely and completely remove CTB-Locker Ransomware, you can download and install a professional malware removal tool on your PC. By using this tool, you can simplify the removal steps and, most important of all, you don’t need to worry that your system would be damaged.


Share Button

Comment is closed.