Guide to Remove CTB Locker from Your PC

When you tried to run a program, the computer could not respond immediately? You enable an antivirus tool on the computer to make a scan for the PC and eventually get the reason why it works like a crawl – the scan result notifies you that there is a Trojan horse named CTB Locker lurking on the computer. You have tried to use the antivirus program to fix it, but it still appears on the scan result at the next time you run the program? How can you completely remove this Trojan from your infected system?

CTB Locker description

CTB Locker is created to aggressively attack your computer. If you click on unknown links, for example, links released by this evil hackers, open spam email attachments, download free media sources or visit malicious websites, your computer may get infected with this Trojan. To avoid being infected, you need to be attentive when surfing the Internet.

This Trojan can infect a computer and finish its installation within a short time. It will perform the pre- defined invasion task distributed by the cyber hackers as soon as it unnoticeably infiltrates into the system. First of all, it modifies the system registry so that its file can be executed every time you start up the PC. Then the infected computer will work extremely slowly. For instance, if you double click to run a program or visit a site, you will need to spend a long time waiting for the reaction. Besides, your computer shuts down without any warning now and then, which will cause damage to the system. Meanwhile, it serves unpleasant pop up ads and error messages on screen to harass you. This means the criminals will know whatever you do on the internet. They will use the information for illeagal purpose. It should be removed immediately.

CTB Locker is hard to detect and remove only by a common antivirus program, because it has been designed to have the ability to disguises itself as a legit part of the computer system. The manual removal can help you remove the Trojan, but it is very risky. But you should be cautious when performing the manual removal, for any mistakes would cause severe system damage.

The manual removal requires certain computer skills. Taking the professional removal tool into account would be a better way.

Manual Removal Guides:

CTB Locker is a vicious Trojan that installs itself on your computer without any notice. It not only slows down your computer performance, but also adds other cyber threats to compromise the system. The Trojan also enables to hackers to gain unauthorized access to your system and steal your confidential information. It is wise for you to remove this pesky infection with dispatch. Follow the instructions below and you can successfully clear the infection.

Step1: Stop related processes

[random.exe]

For Windows 7 / Windows Vista

1、Right-click on Task Bar and click click Task Manager;
2、swich to Processes tab, right-click on the processes associated with the virus and click End Process

For Windows 8 / 8.1

1、Right-click on Task Bar and click click Task Manager;
2、Under the Processes tab, right-click on the processes related with the virus and click End Process

Step2: Show all hidden files

For Windows 7 / Vista

1、Click and open Libraries
2、Under the Folder Options category of Tools , click on Show Hidden Files or Folders.
3、Under the Hidden files and folders section, select the radio button labeled Show hidden files, folders, or drives.
4、Remove the checkmark from the checkbox labeled Hide extensions for known file types.
5、Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
6、Press the Apply button and then the OK button.

For Windows 8 /8.1

1、Click on Windows Explorer.
2、Click on View tab.
3、Check the "Hidden Items" box

Step3: Erase CTB Locker Virus related of files

%UserProfile%\[random].exe
%ProgramFiles%\Internet Explorer\Connection Wizard\[random]
%Windir%\Microsoft.NET\Framework\[random].exe
%Temp%\[random].bat

Step4: Terminate these Registry Entries created by CTB Locker.

For Windows 7 /Vista, and Windows 8 /8.1:

1、Keep pressing "Windows+R" keys on your keyboard.
2、Type "Regedit" into the Run box and click OK to open Registry Editor.
3、Find out and delete malicious files below:

HKEY_CLASSES_ROOT\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}\InProcServer32 "(Default)" = "\.dll"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "courts" = %AppData%\p1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\[random]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SD2014" = "%AppData%\\.exe"
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*

CTB Locker is a highly dangerous Trojan horse created by the hackers with the intention of stealing users’ confidential information from the compromised computers. It will increase the opportunities for the malicious program to invade into your PC if you always visit the unsafe websites. Once infected, your computer performance becomes poor and the system will often encounter sudden shutdowns, which may cause your data loss. The cyber criminals can make use of the Trojan to steal your information for commercial purposes. It is strongly suggested to remove this nasty Trojan horse as soon as possible.