FakeAlert-Q

Type: Trojan
SubType: Win32
Discovery Date: 09/11/2007
Length: various
Minimum DAT: 5116 (09/10/2007)
Updated DAT: 5334 (07/08/2008)
Minimum Engine: 5.1.00
Description Added: 09/11/2007
Description Modified: 09/11/2007 2:38 AM (PT)
Risk Assessment (Corporate User): Low
Risk Assessment (Home User): Low

Characteristics

Several minutes after execution, the trojan shows a popup balloon from the system tray that simulates a Windows XP SP2 security warning. The content of the message may vary and includes alerts about specific trojan infections as well as generic security alerts.

All messages try to lure the user into clicking on the balloon to open a browser window where the user can buy the advertised security software.

Symptoms

Windows-like security warning balloon messages.

Method of Infection

Trojans do not self-replicate. They spread manually, often under the premise that the executable is something beneficial. Trojans may also be received as a result of poor security practices, or unpatched machines and vulnerable systems. Distribution channels include IRC, peer-to-peer networks, email, newsgroup postings, etc.

Removal

All Users:
Use current engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Variants

    N/A

Overview

Similar to other malware of this family, FakeAlert-Q shows a fake warning message, alarming the user that their machine is infected or at risk. The intention behind all the fake messages is to drive users to download and pay for the advertised antispyware product.
