A new infection has been spreading on the Internet targeting Windows users. In fact it’s a Trojan horse that pretends to be a Windows Activation program. Once infected, you will receive a professionally looking screen simulating Microsoft Windows Activation which will state that you need to re-activate your Windows. The program will also ask to enter your name, contact information and credit card details. Revealing your credit card information is a huge mistake as you will end up losing your money.
A warning message, who says your copy of Windows was activated by another user and ask your billing details to check the authenticity.
If you select the option ‘No, I will do it later’ nothing happend, you are forced to use the first option.
Once infected the file is located in %APPDATA% with the name “services.exe”.
If you try to terminate this fake Windows Activator you get a BSoD (Blue Screen of Death).
The Trojan will not give up until you enter your private data there and as soon as you give access to your bank account your credit card will be charged.
Quick Heal detects this malware as “TrojanBanker.Activator.a”.
Leave a reply
