Description of CTB Locker
CTB Locker is a kind of crypto-type ransomware that uses the Tor browser to obfuscate its network activity with its command and control servers. Generally speaking, it is designed to encrypt specific data files and then urge the victim to pay for the decryption key, or the data files may no longer be available. It is currently making the rounds on the web, infecting enterprise and consumer workstations.
Once a computer is infected, CTB Locker scans it and encrypts data based on file type. After encrypting the files, it creates a .TXT and an .HTML file with instructions on how to obtain the decryption key. People who want to recover their photos, videos or files quickly may give in to the attacker and pay as demanded. There is one thing you should know: even if you get the decryption key, it may be valid for no more than 96 hours; after that time the server will delete the decryption key and your data files will remain encrypted.
Ways for CTB Locker to infect your computer
CTB Locker is always associated with spam email attachments, dubious advertisements, malicious websites, false system upgrades and freeware downloads from suspicious sources. So when you click on any of these, your computer may become infected. CTB Locker usually invades your system with the help of a Trojan. Once that Trojan has sneaked into your computer, it installs the ransomware, which then begins to work. An alert window then shows up asking you to pay for the decryption key.
You definitely don’t want to find CTB Locker on your computer, for it may jeopardize all the files you have stored on your PC. It may not only affect your work efficiency, but also harm your computer. Therefore, once you find CTB Locker on your computer, you should immediately delete it, either manually or with antivirus software. You should also know that adopting preventive measures will minimize the losses.
Ways to remove CTB Locker
Step 1. Boot your computer into Safe Mode with Networking
Restart your computer and keep pressing the F8 key until the Windows Advanced Options menu shows up, then use the arrow keys to select “Safe Mode with Networking” from the list and press ENTER to enter that mode.
Step 2. End the running processes of CTB Locker in Windows Task Manager.
Press Ctrl+Shift+Esc or Ctrl+Alt+Delete to open Windows Task Manager, find the malicious processes and click End Process.
Step 3. Show hidden files and folders and remove files associated with the ransomware.
Click on the Start menu, type “folder options” into the search bar and click on “Folder Options” in the search results. In the pop-up dialog box, click the View tab and uncheck Hide protected operating system files (Recommended).
Step 4. Remove all the malicious files associated with this infection, as below.
Step 5. Delete related malicious registry entries
Open Registry Editor by pressing the Windows+R keys together (another way is to click the Start button, choose the Run option, then type regedit and press Enter).
Delete all the malicious registry entries listed below:
HKEY_LOCAL_MACHINE\SOFTWARE\<random>Software
HKEY_LOCAL_MACHINE\SOFTWARE\supWPM
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Default_Page_URL” = “http://www.<random>.com/?type=hp&ts=<timestamp>&from=tugs&uid=<hard drive id>”
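Before deleting anything in Step 5, it helps to confirm which of the listed entries actually exist and to keep a backup of each. The PowerShell script below is an added example, not part of the original guide: the backup folder name and the Add-KeyFinding helper are assumptions, and the Internet Explorer key is written with its real Windows name (with a space).

```powershell
# Added example: read-only audit of the registry entries listed above.
# It reports what exists and exports a .reg backup; it deletes nothing.
# Assumption: backups are written to a folder under the user's TEMP directory.
$backupDir = Join-Path $env:TEMP 'registry-audit-backup'
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null
$findings = [System.Collections.Generic.List[object]]::new()

function Add-KeyFinding([string]$Key, [string]$Note) {
    # Export the key first so it can be restored if removing it was a mistake.
    $file = Join-Path $backupDir (($Key -replace '[\\ ]', '_') + '.reg')
    & reg.exe export $Key $file /y | Out-Null
    $findings.Add([pscustomobject]@{ Key = $Key; Note = $Note; Backup = $file })
}

# Keys with fixed names.
foreach ($key in 'HKEY_LOCAL_MACHINE\SOFTWARE\supWPM',
                 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm') {
    if (Test-Path -LiteralPath "Registry::$key") {
        Add-KeyFinding $key 'listed key is present'
    }
}

# "<random>Software" has a random prefix, so it can only be matched by pattern.
# Legitimate vendors use such names too: treat hits as candidates for manual review.
Get-ChildItem -LiteralPath 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -like '?*Software' } |
    ForEach-Object { Add-KeyFinding $_.Name 'candidate only: name ends in "Software"' }

# The Internet Explorer start-page value, compared with the URL shape in the list.
$ieMain = 'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main'
$prop = Get-ItemProperty -LiteralPath "Registry::$ieMain" -Name 'Default_Page_URL' `
    -ErrorAction SilentlyContinue
$shape = '^http://www\.[^/]+\.com/\?type=hp&ts=[^&]*&from=tugs&uid='
if ($prop -and $prop.Default_Page_URL -match $shape) {
    Add-KeyFinding $ieMain "Default_Page_URL = $($prop.Default_Page_URL)"
}

if ($findings.Count -eq 0) { 'None of the listed entries were found.' }
else { $findings | Format-List }
```

Each .reg file in the backup folder can be re-imported with reg.exe import if a deleted key turns out to have been legitimate.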
Automatic steps with SpyHunter:
Here we introduce SpyHunter, an effective, real-time application that guards against and gets rid of malware and other potential threats on your computer.
With this application you can easily remove infections by Trojans, worms, rootkits, rogues, dialers and spyware, so all you need to do is install it for immediate and ongoing protection.
Step 1. Click the following icon to download SpyHunter
Step 2. Double click on its file and then click the Run button to enter the installation procedure
Step 4. When the installation is complete, open SpyHunter and click the Scan Computer Now! button to start scanning your computer.
Step 5. Then check the scan result and click the Fix Threats button to clean your computer rapidly.
Software RegCure Pro to help you protect your computer
RegCure Pro scans common problem areas and quickly and safely fixes them. It also has several tools and features to address other performance and computing issues.
Step 1. Download RegCure Pro by Clicking on the icon below
Step 2. Double-click on the RegCure Pro program to open it, and then follow the instructions to install it.
Step 3. When the installation is complete, open the application, choose which part you want to scan, and then click the Click to Start Scan button.
Step 4. When the System Scan is done, click the Fix All button to correct all the security risks and potential causes of your computer's slow performance.
One should form the good habit of checking the computer regularly with reliable anti-virus software and of installing reputable software from regular websites. Do not open spam e-mails or suspicious attachments. Then the computer can maintain good performance and a secure network environment, and malware like CTB Locker can be kept away from it.