
Хенде хох (Hands up) Ransomware

Posted: December 24, 2011

Хендехох ransomware is a Trojan that's used to install ransomware Trojans such as those from the FakePoliceAlert family, and it is currently distributed as a malicious software product for multiple groups of criminals to use as they wish. At the time of this writing, the majority of anti-malware programs are unable to detect Хендехох ransomware until this PC threat has been unpacked and installed, at which point Хендехох ransomware will attempt to lock down your PC and extract a ransom fee. However, spending money is unnecessary for the safe removal of Хендехох ransomware, which can be deleted harmlessly by up-to-date and competent anti-malware products as long as standard anti-malware measures are first used to disable Хендехох ransomware and related PC threats prior to a system scan.

Хендехох Ransomware: A Digital Gun at Your Back for Christmas

As a product whose name translates to 'hands up', Хендехох ransomware packages use flash advertisement-based distribution to get into the hands of criminals who are willing to pay for a tidy bundle of code that will deliver their ransomware products for them. Translated, this advertisement reads as follows:

We are offering to you affiliate "Хендехох" which is used to install Winlockers by DE (not BKA).
75% of successful installs.
Size - 60-70kb
Average income - 250 - 1k EUR from 1k installs
The bot does nothing, and will be deleted itself after payment.
Very big conversion percent from adult traffic.
Cryptor is being changed every day.
And so on common phrases like comfortable admin panel and so on...

SpywareRemove.com malware researchers note that although very few anti-malware scanners are able to detect the uninstalled .exe for Хендехох ransomware, a reasonable quantity of them are able to detect Хендехох ransomware after it has been decompressed. Because so few anti-malware programs can detect Хендехох ransomware and because it is quite recent as a PC threat, you should pay close attention to keeping the threat databases of your PC security programs up to date if you want to have a hope of detecting Хендехох ransomware before it can lock down your operating system.

The exact message that Хендехох ransomware displays while Хендехох ransomware locks your OS will vary due to the type of ransomware Trojan that Хендехох ransomware is used to install. 'Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert' is one commonly-used error message that's created by ransomware-based PC threats. In all cases, you should disregard unusual error messages that appear while your PC displays symptoms of infection by ransomware programs, since criminals often use such errors to pretend to be from legal authorities.

Foiling Хендехох Ransomware's Profit Scheme

Хендехох ransomware will provide an easy payment method to unlock your PC, but this is an inadvisable use of your money. Although Хендехох ransomware Trojans may claim that they'll delete or encrypt files on your computer, these attacks are often empty bluffs and can, in any case, be easily prevented by removing Хендехох ransomware. If Хендехох ransomware, like most forms of ransomware, prevents you from using anti-malware applications that could remove it, SpywareRemove.com malware researchers note that you may want to consider the following solutions to halt Хендехох ransomware in its tracks:

  • Booting your PC into a secondary OS; most Хендехох ransomware Trojans have been noted only to affect Windows platforms.
  • Booting in Safe Mode, which will disable unnecessary processes, potentially including Хендехох ransomware.
  • Booting your OS from a USB device, CD or other type of external source that will let you scan your PC without Хендехох ransomware ever being able to launch itself.

Since Хендехох ransomware and affiliated PC threats may attempt to disguise themselves as basic system components or hide their components in sensitive locations, SpywareRemove.com malware analysts discourage manual removal if you have access to anti-malware products.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



  • File name: 1018.exe; File type: Executable File; Mime Type: unknown/exe
  • File name: 1018.ex_; Mime Type: unknown/ex_