Trojan.Fakealert.CAW spreads by taking advantage of loopholes in the security settings of a system. This allows the system to be compromised by malware and offers control to malicious program. It creates an 8 digit name in documents and settings folder of the system. This makes the system respond by showing pop ups of new Security Tools being installed. It would often create pops up that ask user to clean up system. When the user tries to open a web browser, the Trojan will show a firewall error. All along the Trojan keeps sending information from the infected system to a remote server. The Trojan alerts the security status of the infected system to make it appear as secured.