HitmanPro.Kickstart: say goodbye to ransomware

Martin Brinkmann
Dec 4, 2012
Updated • Mar 26, 2016
Security
|
9

HitmanPro.Kickstart is a feature of HitmanPro that users of the software can use when their computer has been attacked by ransomware.

Ransomware is a class of malware that restricts access to a computer system in one form or another, often asking for a ransom to be paid to restore the system's full functionality.

Some forms or ransomware use encryption to block access to data on a hard drive or the system, while others may use simpler forms like locking the screen, but all have in common that they display a notification to the user working on the PC that is designed to intimidate.

Ransomware often poses as official notifications by law enforcement agencies, often accusing the user of downloading files illegally or visiting inappropriate websites.

For the user, it often means that the desktop and other features of it become inaccessible. It may block resident antivirus solutions and other forms of protection on the system, may hold important files ransom, and often does not give users an option to start programs on the system.

Live CDs and rescue CDs are commonly used to remove the malware type from an infected system, but depending on the solution, the creation and use may be difficult.

HitmanPro.Kickstart

HitmanPro.Kickstart is a new feature of the second-opinion scanner HitmanPro that simplifies the process greatly. The program has been designed to aid users in the recovery of systems infected with ransomware malware.

All that needs to be done is to create a rescue environment on a USB Flash Drive from within the HitmanPro application, and boot your computer from it whenever it is infected by ransomware.

The files on the USB Flash drive will boot a custom desktop environment bypassing the ransomware on the master boot record . HitmanPro will automatically be started so that you can scan your system using the software to remove the ransomware from it.

The live Windows environment provides the Kickstart application with forensic information, including processes, services and Windows Registry keys, that have been modified or created by the ransomware on the system.

Here is a video demonstration of the feature:

To prepare an USB Flash drive do the following:

  • Load the HitmanPro application like you would normally do.
  • Click on the icon next to Settings to open the configuration screen.
  • Connect an USB Flash drive to the system. Note that it will be formatted by the program which means that all data on it will be lost.
  • Wait for the formatting and installation to complete. It should not take longer than a couple seconds.

To remove ransomware from your PC using the application you need to configure it to boot from the flash drive automatically. This is usually done in the BIOS or UEFI when the computer starts up.

Depending on your setup, you may only need to insert the flash drive into an USB port before boot to use it, or you may need to change the boot order in the BIOS or tell the system to boot from USB instead which often works by pressing F8 or F11 during start of the PC.

There are a couple of things that I'd like to point out. I have talked to the developers and they mentioned that HitmanPro.Kickstart won't work on systems that use full disk encryption. It is also important to note that you should update the data on the drive regularly. The recommended way is to run the creation process again in the HitmanPro application.

HitmanPro.Kickstart requires USB Flash drives with at least 32 Megabyte of space which is certainly not an issue anymore. It is fully compatible with all recent versions of Microsoft Windows except for Windows 8. Additional information about the product are available here on the product page.

Summary
software image
Author Rating
1star1star1star1star1star
2.5 based on 2 votes
Software Name
HitmanPro.Kickstart
Operating System
Windows
Software Category
Security
Landing Page
Advertisement

Previous Post: «
Next Post: «

Comments

  1. ML19946 said on August 21, 2013 at 2:37 pm
    Reply

    I am so close to making this work on my HP Windows 7 machine, but when the HitmanPro.Kickstart gets going it says, “Waiting for internet connection.” After five minutes, it times out and says it didn’t find anything. Is an internet connection absolutely necessary? This was not specified in the very detailed directions I printed out.

    I suppose my first mistake was taking my computer to work to use a clean computer to download the Hitman software on a USB flash drive. Because I never use my personal computer at work it wasn’t able to login to the wifi. So I took it home to try, and now it won’t login there either. Is there anything I can do?

    Thank you for your time.

    1. Martin Brinkmann said on August 21, 2013 at 3:26 pm
      Reply

      I have contacted my HitmanPro contact, waiting for a response.

  2. ruudster101 said on December 23, 2012 at 10:07 pm
    Reply

    @ Martin Brinkmann & OblongCircles
    Actually i find a site where to download Kickstart.Sidekick iso…but dunno
    if this will do his thing when ad to Yumi cause its an iso for cd/dvd creation…
    I didnt try it….

  3. Grr said on December 6, 2012 at 9:36 am
    Reply

    This seems to be a very useful tool to have.

    Hope that I would never require using it..lol

    Thanks,
    Grr

  4. Morely Dotes said on December 4, 2012 at 8:24 pm
    Reply

    Of course, this all depends on you having sense enough to make a backup of your clean system to start with. Odds are, if you visit sites that push ransomware onto your PC, you didn’t do that.

  5. onedeafeye said on December 4, 2012 at 7:14 pm
    Reply

    Would something like Sandboxie or Returnil protect your computer from ransomware?

  6. ireiner said on December 4, 2012 at 5:06 pm
    Reply

    This program should cause me to use DBAN a lot less.

  7. OblongCircles said on December 4, 2012 at 4:53 pm
    Reply

    Can this be added to Yumi multi-boot USB (http://www.pendrivelinux.com/yumi-multiboot-usb-creator/)? Is it an ISO?

    1. Martin Brinkmann said on December 4, 2012 at 4:55 pm
      Reply

      No it is not an ISO.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.