Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


FBI ransomware preventing HitmanPro boot?

  • Please log in to reply
1 reply to this topic

#1 resolve14


  • Members
  • 1 posts
  • Local time:05:13 PM

Posted 08 January 2014 - 11:27 AM

My computer is infected with the FBI ransom ware virus. I am following the protocol from bleepingcomputer.com which uses HitmanPro on a USB drive. The protocol calls for the system to be booted from the USB drive which has HitmanPro on it. The system uses F12 to access the boot menu which seems to work normally. I select the USB drive and on the following screen the number 1.  The protocol says that HitmanPro is supposed to start but it never does. The screen simply stays blank. Any help you can provide would help.

BC AdBot (Login to Remove)


#2 Aaflac


    Doin' Dis 'n Dat...

  • Malware Response Team
  • 2,307 posts
  • Gender:Not Telling
  • Location:USA
  • Local time:08:13 PM

Posted 10 January 2014 - 10:33 PM

:welcome: to BC forums, resolve14!

Let's give a Puppy (Linux) bootable USB a try to remove the ransomware files.

You need a clean computer and a USB pen/flash drive to make a bootable USB drive with Puppy.
Then, you can work from the USB pen/flash drive without having to install the Puppy Operating System.

Part I:
Download > http://distro.ibiblio.org/puppylinux/puppy-5.6/
Select: slacko-5.6-PAE.iso
Save to the Desktop.

Also use the Universal USB Installer (UUI) to create a bootable USB drive with Puppy.
Download > http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/#button
Press the green button for the free download.

After the download is complete, connect a USB pen/flash drive (all files on the drive will be overwritten!) and open the UUI program.

In the Setup your Selections Page window, click the drop arrow by:
Step 1: Select a Linux Distribution
Use the drop arrow, scroll down, and select: Slacko Puppy

Step 2: Select your .iso > Click the Browse button.
Locate the slacko-5.6-PAE.iso file downloaded to the Desktop, and click: Open

Step 3: Select your USB Flash Drive Letter
Use the drop arrow, and select the drive letter of the USB pen drive you want to use for Puppy Linux.

Also check the following option: Format Drive (Erases Content)

(To make sure you are using the correct drive letter, go to Start > My Computer, and note the letter of the USB pen drive.)

Click: Create

The Universal USB Installer warns it will close all open windows, format the selected drive, and turn it into a bootable Puppy USB drive.
Click Yes to continue.
Click Close when you get to the Installation Complete window.

Use the Safe to Remove icon on the Taskbar to unplug the USB pen drive from the clean computer.

Part II:
Now, make sure the ransomed computer is configured to boot from USB.

Plug the USB pen drive, and boot from it to use Puppy.

Now in Puppy...

Once Puppy starts, a Personalize Settings prompt appears.
Select the time zone.

When the Internet Connection prompt appears, close it, for there is no need to establish a connection.

At the Puppy Desktop, click the Mount icon.
On the next prompt, select the Windows drive where you want to access files. You should be able to recognize it by its size.

Once the Windows drive is mounted, a screen showing its Folders/Files appears.

Find the Windows folder, and click on it.

Look for your Startup Folder which is located at the following path in XP:
Documents and Settings\<username>\Start Menu\Programs\Startup Folder(Replace <username> with the appropriate name.)

Take note of the files (not folders) listed in the Startup folder.

When done, power-off by going to: Menu > Shutdown > Power-Off

Remove the USB pen drive.

>> Please post in your reply the names of the files found in the Startup folder.

Part III:
Another option is to use a Puppy CD.

A Windows application called BurnCDCC, burns ISO files to CD, and nothing else, so, if you wish to use it, you can't go wrong.
Download > http://www.terabyteunlimited.com/utilities.html

Make sure the problem computer is set to boot from a CD.

Place the newly created Puppy CD into the CD/DVD-drive of the problem computer, and boot from it.

Follow the instructions above starting at: Now in Puppy...

Edited by Aaflac, 11 January 2014 - 01:47 PM.

Old duck...

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users