1 of 3
Danger level 9
Type: Trojans
Common infection symptoms:
  • Can't be uninstalled via Control Panel
  • Installs itself without permissions
  • Changes background


CTB-Locker is a dangerous ransomware infection which decrypts files on the computer and displays a so-called ransom warning, according to which the user of the target computer has to pay a certain amount of money in order to decrypt the files. The ransomware infection CTB-Locker is downloaded to the computer by a Trojan horses, which gets on the computer when browsing adult-oriented websites or insecure video and file sharing websites.

The Trojan horse is installed as a randomly named file, and it creates a process called Adobe Flash Player 10.3 r183. As soon as the CTB-Locker is downloaded, various files, including .doc, .jpg, .mp4, .db, .cer, .pem, and many others are encrypted by the ransomware infection. The ransomware infection creates 3 files, which include AllFilesAreLocked 1716900.bmp, DecryptAllFiles 1716900.txt, and sunlrad.html. Bear in mind that the numbers in the file names vary on different computers. These files contain the instructions which are supposed to be followed by the user of the victimized computer.

According to the warning, the user of the victimized computer has to buy bitcoins, worth approximately 24 USD, and make an online money transaction. In order to pay the attackers the ransom, the user is required to download the Tor Internet browser.

During the execution of CTB-Locker, the file exeplorer.exe, which is responsible for the interface of your operating system, is killed, resulting in the changes of the desktop background. Instead of your wallpaper and Task bar, all that you will see is a black screen with a warning saying that you have 72 hours to pay up. In order to restore the desktop icons and Task bar, you have to reboot the computer, but bear in mind that your files remain encrypted.

After rebooting the computer, you should download and implement a powerful security tool in order to get rid of the Trojan responsible for the installation of CTB-Locker. Our team recommends using SpyHunter because this real-time security program can remove the infection and safeguard the system against multiple Internet-based computer threats, including other ransomware infections, Trojan horses, browser hijackers, and adware.

As regards the decryption of your files, it is important to note that you should back up your data from time to time because it impossible to decrypt your files without paying the money demanded. We advise you against paying the so-called ransom fee because there is no guarantee that your data will be restored. Moreover, you should always keep the computer protected against malware so that infections such as CTB-Locker do not attack your computer.

Download Spyware Removal Tool to Remove* CTB-Locker
  • Quick & tested solution for CTB-Locker removal.
  • 100% Free Scan for Windows


  1. hghcfgxg Jan 1, 2015

    I don't have a credit card.I need a free way to remove it.By the way my back ground didn't change(it did the first time though)so is it a fake threat?

  2. Satalaka Faiva Feb 3, 2015

    May I request if you could help me to remove this virus as I don't have a credit card and I need your help just to free way to remove it.

    Your anticipation is very much helpful.

  3. Satalaka Faiva Feb 3, 2015

    May I request if you could help me to remove this virus as I don't have a credit card and I need your help just a free way to remove it.

    Your anticipation for the above request is very much helpful.

  4. Frederick Dec 2, 2015

    Hiya, I'm having rellay problems with this PC EU Virus. It wont let me past the screen and none of the safe modes work. I've read aot about bookting up with external devises but I can;t find that option or set anything up on my USB Can you help? there isn't anything of value o the laptop so I wouldnt even mind knowng how to completed format it and start from new

  5. Keivilaine Dec 2, 2015

    Hiya, I'm having

  6. Saurav Dec 4, 2015

    Thanks for taking the time to share this, I feel stolrgny about it and love reading more on rogueware removal. If possible, as you gain knowledge, would you mind updating your blog with more information? It is extremely helpful for me.

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.