cannot boot to Hitman Pro Kickstart USB to remove ransom malware

M

Mercury7

New Member
Thread author
May 21, 2014
1
Desktop blocked with bogus DHS ICE site.
Won't boot up in safe/safe network/safe prompt.
Each kicks out and pc reboots normally, which means back to ransom page.
Windows Vista (x64) w/circa 2006 MB hardware.
Created Hitman flashdrive kickstart and Sidekick CD, but boot hangs/fails when it tries USB.
Tried above flashdrive w/Hiren's boot CD but also fails to boot from USB.
Tried Bitdefender boot CD, which booted and scanned OK, but failed to identify/remove ransom malware.
Advanced Boot Options do not include the 'Repair your computer' or 'System Recovery' choices; only these:
Enable Boot Logging
Enable low-resolution video (640x480)
Last Known Good Configuration (Advanced) - tried this one already; still gets ransom page.
Directory Services Restore Mode
Debugging Mode
Disable automatic restart on system failure
Disable Driver Signature Enforcement
Again, all 3 safe mode choices result in pc starting windows normally, which results in ransom page.
Using Knoppix boot disk now to backup files, mainly in prep for reinstall of Vista.
Reinstall is last ditch option but would (MUCH) rather avoid.
Is there another option?
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Ok, we will burn required tools on your USB.


Please download the following tools on your Desktop:
  1. Farbar Recovery Scan Tool x64
  2. Rufus
  3. Vista 64bit rc.iso

  • Insert your USB and then start Rufus
  • Select the ISO file Vista 64bit rc.iso on the desktop via the ISO icon.

16kbazl.jpg


  • Under the Device select your USB Flash.
  • Press Start
  • When the process is complete, copy Farbar Recovery Scan Tool x64 on this USB
  • Insert USB into infected computer and power on the computer. Now you need to set your computer to boot from USB. In order to do that, follow this guide.
  • When you boot from USB, you will see image like this:
2mo49iw.jpg


  • Click Repair your computer
  • Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
In the next menu, use the arrow keys on the keyboard to highlight Command Prompt and press Enter.
  • In the command window type in notepad and press Enter.
  • When notepad opens, click File and select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter.
Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run. When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please attach it to your reply.
 

Similar threads

SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
13,882
Other security for Windows, Mac, Linux
Warencom
W
Trident
    • Like
    • +Reputation
    • Hundred Points
Serious Discussion Harmony Endpoint by Check Point
Replies
685
Views
59,229
Other security for Windows, Mac, Linux
simmerskool
simmerskool
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
862
ChromeOS & Linux
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top