![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/WA1.JPG\")
<\/p>\nA new infection has been spreading on the Internet targeting Windows users. In fact, it is a Trojan horse that pretends to be a Windows Activation program. Once infected, you will receive a professional looking screen simulating Microsoft Windows Activation which will state that you need to re-activate your Windows OS. The program will also ask you to enter your name, contact information and credit card details. Revealing your credit card information is a huge mistake as you will end up losing your money.<\/p>\n
Here is the warning message that appears, which says your copy of Windows OS was activated by another user and then asks for your billing details to check the authenticity.<\/p>\n
<\/p>\n
If you select the option “No, I will do it later” nothing happens so you are forced to click on the first option.<\/p>\n
![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/WA2.JPG\")
<\/p>\n
Once infected, the file is located in %APPDATA% with the name “services.exe”.<\/p>\n
![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/WA6.JPG\")
<\/p>\n
If you try to terminate this fake Windows Activator you get a BSoD (Blue Screen of Death).<\/p>\n
![\"\"](\"https:\/\/blogs.quickheal.com\/wp-content\/uploads\/archive\/WA4.JPG\")
<\/p>\n
The Trojan will not give up until you enter your private data there and as soon as you give access to your bank account your credit card will be charged.<\/p>\n