A new kind of malicious program has been discovered spreading through cyberspace in the form of a fake Windows Activation Screen. This is a dangerous and annoying Trojan that appears to be a legitimate Windows activation program. This Trojan reaches user computers via infected malicious websites. Once it has been downloaded and installed on the system, it will display a very professional-looking dialog box which asks the user to activate their copy of Windows. It will not let the user perform any other task on the computer until they comply with the requests presented in this dialog box. It will ask for the user’s credit card details, and if the user makes the mistake of giving them, the developers of the malware will use it to commit credit card fraud and to steal money from the user.
The fake Windows Activation Screen is a dangerous program that you should remove as soon as you find it on your computer. In order to remove this Trojan, you need to delete its files and folders and remove its registry entries.
File Removal Procedures
The first step needed to remove Fake Windows Activation Screen is the deletion of the following files and folders:
- C:\WINDOWS\system32\<random>.exe
- %UserProfile%\Application Data\mtl.dll
Registry Removal Proedures
Once the files and folders of the Trojan have been removed, you should delete the following keys and settings from the Windows Registry for complete removal of the fake Windows Activation Screen:
- HKEY_CURRENT_USER\Software\AntiPiracy
- HKEY_CURRENT_USER\Software\<random>
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = “1”
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>”
Speak Your Mind