to BC forums, resolve14!
Let's give a Puppy (Linux) bootable USB a try to remove the ransomware files.
You need a clean computer and a USB pen/flash drive to make a bootable USB drive with Puppy.
Then, you can work from the USB pen/flash drive without having to install the Puppy Operating System.
Download > http://distro.ibiblio.org/puppylinux/puppy-5.6/
Save to the Desktop.
Also use the Universal USB Installer (UUI) to create a bootable USB drive with Puppy.
Download > http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/#button
Press the green button for the free download.
After the download is complete, connect a USB pen/flash drive (all files on the drive will be overwritten!) and open the UUI program.
In the Setup your Selections Page window, click the drop arrow by:
Step 1: Select a Linux Distribution
Use the drop arrow, scroll down, and select: Slacko Puppy
Step 2: Select your .iso > Click the Browse button.
Locate the slacko-5.6-PAE.iso file downloaded to the Desktop, and click: Open
Step 3: Select your USB Flash Drive Letter
Use the drop arrow, and select the drive letter of the USB pen drive you want to use for Puppy Linux.
Also check the following option: Format Drive (Erases Content)
(To make sure you are using the correct drive letter, go to Start > My Computer, and note the letter of the USB pen drive.)
The Universal USB Installer warns it will close all open windows, format the selected drive, and turn it into a bootable Puppy USB drive.
Click Yes to continue.
Click Close when you get to the Installation Complete window.
Use the Safe to Remove icon on the Taskbar to unplug the USB pen drive from the clean computer.
Now, make sure the ransomed computer is configured to boot from USB.
Plug the USB pen drive, and boot from it to use Puppy.
Now in Puppy...
Once Puppy starts, a Personalize Settings prompt appears.
Select the time zone.
When the Internet Connection prompt appears, close it, for there is no need to establish a connection.
At the Puppy Desktop, click the Mount icon.
On the next prompt, select the Windows drive where you want to access files. You should be able to recognize it by its size.
Once the Windows drive is mounted, a screen showing its Folders/Files appears.
Find the Windows folder, and click on it.
Look for your Startup Folder which is located at the following path in XP:
Documents and Settings\<username>\Start Menu\Programs\Startup Folder(Replace <username> with the appropriate name.)
Take note of the files (not folders) listed in the Startup folder.
When done, power-off by going to: Menu > Shutdown > Power-Off
Remove the USB pen drive.
>> Please post in your reply the names of the files found in the Startup folder.
Another option is to use a Puppy CD.
A Windows application called BurnCDCC, burns ISO files to CD, and nothing else, so, if you wish to use it, you can't go wrong.
Download > http://www.terabyteunlimited.com/utilities.html
Make sure the problem computer is set to boot from a CD.
Place the newly created Puppy CD into the CD/DVD-drive of the problem computer, and boot from it.
Follow the instructions above starting at: Now in Puppy...
Edited by Aaflac, 11 January 2014 - 01:47 PM.