No, a windows computer is needed to make the HitmanPro bootable USB.
Lets try this, if it doesn't work then we can try something else.
You will need the following:
1. A Clean computer with a CD Burner
2. Windows XP CD
3. Blank CD
4. USB pen drive
Please follow the steps below. If you are unable to create the UBCD4WIN, please provide any error messages, and/or what step you cannot follow.
Phase I - Creating the ISO file
1. Please select a mirror and download the Ultimate Boot CD for Windows to the Desktop
- Double-Click on the UBCD4Win.exe file downloaded to the Desktop.
- Follow all of its instructions/prompts
Note: Do not install to a folder with spaces in it's name. It is best to use the default name C:\UBCD4Win
Note: Your Antivirus may report viruses or trojans when you extract UBCD4Win. These are False-Positives.
Read here for information regarding the files that normally trigger AV software.
- At the very end, uncheck: Run UBCD4WinBuilder.exe when installation is complete
- Click: Finish
2. Insert your XP CD with SP1/SP2/SP3 into a CD ROM drive
- Open My Computer, and navigate to: C:\ubcd4win
- Double-click on UBCD4WinBuilder.exe
- Click I Agree to the UBCD4Win PE Builder License
- Select No when prompted to Search for Windows installation files
- For Source: click on the ellipsis (...), then click on the drive with your Windows XP CD, press OK
- For Custom: no information is necessary, leave blank
- For Output: keep the default BartPE
- For Media output select Create ISO image: (enter filename)
Note: Leave the default filename and path as well (C:\UBCD4Win\UBCD4WinBuilder.iso). If you change it make sure it is
a folder without spaces in the name.
- Note: If your XP install disc is SP1 then please click the Plugins button and modify the following options:
Click on each option, then click Enable/Disable so the correct value is displayed.
Disabled - !Critical: DComLaunch Service [Building with XP SP1-DISABLE]
Enabled - !Critical: LargeIDE Fix (KB331958) [Building with XP SP1-ENABLE]
3. Click on the Build button.
- When you see the Windows EULA message. Click on I Agree
- At the Build Screen, let it run its course.
- When the Build is finished, click close, then exit.
4. Burn your ISO file to CD
Phase II - Download Farbar's Recovery Scan Tool (FRST)
From the clean computer, download Farbar Recovery Scan Tool and save it to the USB pen drive.
Note: You need the 32-bit version to run with UBCD4Win
Now, plug the USB pen drive back into the ransomed computer and move on to the next step.
Phase III - Booting to the UBCD4Win CD
Restart the ransomed Computer Using the UBCD4Win disc created.
- Insert the UBCD4Win disc into a CD/DVD drive
- Restart the computer. It should boot from the UBCD4Win CD automatically
- If it doesn't, and you are asked if you want to boot from CD, then, select that option
Note: Information on booting from CD > here
- In the window that appears select Launch The Ultimate Boot CD For Windows, and press: Enter
- It may take a longer for the Desktop to appear than it does when you start the computer normally, but, just let the process run itself until the Desktop appears
- Once the Desktop appears, a message appers asking: Do you want to start Network support?, click Yes
- You should now have a Desktop that looks like this:
Phase IV - Running the FRST scan
- Single-click My computer from the UBCD4Win Desktop, and navigate to the Farbar Recovery Scan Tool (FRST.exe) saved to the pen drive.
- Double-click on FRST.exe to begin running the tool
- When the tool opens click Yes to disclaimer
Note: If prompted to download the latest version, please do so from the link in Phase II
- When done scanning, the tool makes a log, FRST.txt on the pen drive. You can now close the pen drive, and safely remove it.
- Insert the USB pen drive into your clean computer, and post the FRST.txt in your reply
~If I am helping you and you have not had a reply from me in two days, please send me a PM~
~Currently in my last year of school, so replies might be more delayed~
ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here
~Twitter~ | ~Malware Analyst at Emsisoft~