HitmanPro.Kickstart: say goodbye to ransomware
HitmanPro.Kickstart is a feature of HitmanPro that users of the software can use when their computer has been attacked by ransomware.
Ransomware is a class of malware that restricts access to a computer system in one form or another, often asking for a ransom to be paid to restore the system's full functionality.
Some forms or ransomware use encryption to block access to data on a hard drive or the system, while others may use simpler forms like locking the screen, but all have in common that they display a notification to the user working on the PC that is designed to intimidate.
Ransomware often poses as official notifications by law enforcement agencies, often accusing the user of downloading files illegally or visiting inappropriate websites.
For the user, it often means that the desktop and other features of it become inaccessible. It may block resident antivirus solutions and other forms of protection on the system, may hold important files ransom, and often does not give users an option to start programs on the system.
Live CDs and rescue CDs are commonly used to remove the malware type from an infected system, but depending on the solution, the creation and use may be difficult.
HitmanPro.Kickstart is a new feature of the second-opinion scanner HitmanPro that simplifies the process greatly. The program has been designed to aid users in the recovery of systems infected with ransomware malware.
All that needs to be done is to create a rescue environment on a USB Flash Drive from within the HitmanPro application, and boot your computer from it whenever it is infected by ransomware.
The files on the USB Flash drive will boot a custom desktop environment bypassing the ransomware on the master boot record . HitmanPro will automatically be started so that you can scan your system using the software to remove the ransomware from it.
The live Windows environment provides the Kickstart application with forensic information, including processes, services and Windows Registry keys, that have been modified or created by the ransomware on the system.
Here is a video demonstration of the feature:
To prepare an USB Flash drive do the following:
- Load the HitmanPro application like you would normally do.
- Click on the icon next to Settings to open the configuration screen.
- Connect an USB Flash drive to the system. Note that it will be formatted by the program which means that all data on it will be lost.
- Wait for the formatting and installation to complete. It should not take longer than a couple seconds.
To remove ransomware from your PC using the application you need to configure it to boot from the flash drive automatically. This is usually done in the BIOS or UEFI when the computer starts up.
Depending on your setup, you may only need to insert the flash drive into an USB port before boot to use it, or you may need to change the boot order in the BIOS or tell the system to boot from USB instead which often works by pressing F8 or F11 during start of the PC.
There are a couple of things that I'd like to point out. I have talked to the developers and they mentioned that HitmanPro.Kickstart won't work on systems that use full disk encryption. It is also important to note that you should update the data on the drive regularly. The recommended way is to run the creation process again in the HitmanPro application.
HitmanPro.Kickstart requires USB Flash drives with at least 32 Megabyte of space which is certainly not an issue anymore. It is fully compatible with all recent versions of Microsoft Windows except for Windows 8. Additional information about the product are available here on the product page.Advertisement