According to Panda Security, FakeWindows.A is a Trojan that resembles a Windows XP activation process
Computers can be reached by this trojan through email or can be downloaded from a malicious Web page. It tries to get users to believe that the operating system is requesting their data to activate the account (screen capture
). In addition to personal data, the Trojan also requests bank details. On entering them, the program displays an error screen indicating it was impossible to connect to the server. Consequently, in addition to making data theft easier, users' computers are blocked.
The UrlDistract.A Trojan reaches computers through emails with an icon that resembles a video. When run, the Trojan silently steals users' information, while it distracts them by opening a YouTube video called "Little Superstar" where an actor dances to the music (video
). The Trojan then connects to an address in Atlanta (USA) and sends all the data stolen from the computer.