Many people try to search for free antispyware, install something purporting to be genuine, but unknowingly become victimized and land up paying two fold - by damage caused to their system and potentially by later parting with credit card details to remove bogus infections.

 

One of the most popular current fakealert variant seen is "Fakealert-Sysdef"

 

The tool are advertised like – System Repair, WinXPRecovery, XP Security

 

fakealert1.bmp

 

FakeAlert may install itself onto your PC without your permission, via a drive-by attack on a compromised website.

 

If victim tries to stop the scanner, it won’t close rather force the victim to complete the scanning and displaying fake warnings and trick them into buying rogue antispyware programs

 

fakealert2.bmp

Often fake-alert infections will prevent the machine from working as expected. This makes the threat persistent and prevents users from remediating the infection.In some cases, fake-alert infections will hijack certain Windows Registry Keysthat associate applications based on file extensions.

 

%UserProfile%\Desktop\Windows XP Repair.lnk

%UserProfile%\Start Menu\Programs\Windows XPRepair\Windows XP Repair.lnk

%UserProfile%\Start Menu\Programs\Windows XPRepair\Uninstall Windows XP Repair.lnk

 

it connects to the following sites to download other malicious files.

    • hxxp://click[removed].org
    • hxxp://find[removed].org
    • hxxp://click[removed].org


To stay safe online we recommend users  buy proper AV like McAfee, keep their software and operating system patches updated, and ensure security best practices are followed at all times.