‘Windows Genuine Advantage’ Trojan Ransomware

'Windows Genuine Advantage' Trojan Ransomware is a clone of the West Yorkshire Ransomware, 'Votre ordinateur est bloqué' Belgium Ransomware and related ransomware Trojans, and uses an updated hoax for German Windows users but, otherwise, the same basic attacks against your PC – including displaying a fake pop-up alert that blocks your ability to use other programs. 'Windows Genuine Advantage' ransomware may also take additional measures to encrypt media files and make them unusable. While 'Windows Genuine Advantage' ransomware's pop-up tries to pass itself off as a legitimate Windows update, 'Windows Genuine Advantage' ransomware's preferred Ukash/Paysafecard payment methods should be enough to make it obvious that 'Windows Genuine Advantage' ransomware is just a ransomware Trojan that should be deleted by competent anti-malware software.

The Very Real Disadvantage to Falling for 'Windows Genuine Advantage' Ransomware's Con

'Windows Genuine Advantage' ransomware belongs to a family of ransomware Trojans that typically prefer to display pop-up warnings that claim that the victim is involved in illicit forms of pornography or file-trafficking-related crimes. With 'Windows Genuine Advantage' ransomware, this family has taken a step into incorporating another typical hoax for ransomware Trojans: a fake Windows license. 'Windows Genuine Advantage' ransomware's pop-up alert locks down your PC and peddles a fake Windows license, with the additional claim that your current OS is using a pirated or expired license.

The real Microsoft doesn't attempt to lock PCs at random, nor does Microsoft request payment in the form of Ukash or Paysafecard, which are preferred payment methods for ransomware Trojans throughout the world. SpywareRemove.com malware experts recommend that you disregard 'Windows Genuine Advantage' ransomware's pop-up warning and boot your computer from a USB flash drive. This should allow you to launch Windows without 'Windows Genuine Advantage' ransomware activating, and will let you scan your PC and delete 'Windows Genuine Advantage' ransomware safely.

Why the 'Windows Genuine Advantage' Ransomware Story Doesn't End with its Deletion

Some members of 'Windows Genuine Advantage' ransomware's family have also been observed to encrypt files. This encryption attack scrambles the contents of media files (pictures, Word documents, etc) according to a preset algorithm. SpywareRemove.com malware researchers recommend, first and foremost, that you backup all important files so that they simply can be restored after deleting 'Windows Genuine Advantage' ransomware. However, if necessary, some forms of encryption can be removed by decrypter tools that are made available by various PC security companies.

SpywareRemove.com malware analysts don't recommend that you remove 'Windows Genuine Advantage' ransomware with anything other than applicable anti-malware products, since failing to remove all PC threats related to 'Windows Genuine Advantage' ransomware may result in 'Windows Genuine Advantage' ransomware or a similar ransomware Trojan being reinstalled by Trojan droppers components. Files that are encrypted by 'Windows Genuine Advantage' ransomware or similar PC threats, while unusable until decrypted shouldn't be considered malicious.

Technical Details