Does the following screenshot look familiar to you? It sure does to us here at Symantec because it looks nearly identical to our Norton 2009 product. However, it is actually a misleading application we detect as Trojan.Fakeavalert. The website that is used by the security risk to corral users to purchase rogue software looks suspiciously like our Norton site as well: Besides using our brand name and Nortel's, there is another interesting trick that I thought would be worth a mention so no one gets fooled by this scam. Once infected with the security risk, the computer may suddenly explain that the user has a spyware infection and the following blue screen may appear: After a while the screen shows that a memory dump has been taken and then the Windows XP logon splash screen appears before returning to the desktop: But, the reality is that the malware is producing the video in full screen with the mouse and keyboard locked so that the user cannot take control the computer until the show ends. Note that Green Antivirus—which is another misleading application that was released at almost the same time as this one—shares the same programming code as Nortel Antivirus. Please don't be fooled into buying this software while thinking that it is friendly to the ecosystem! . --------------------------------------------------------------------------------------------------------------
Nortel has contacted us to let us know that they have posted a security alert on their website to warn users about this threat. You can visit the Nortel security alert page here: http://www.nortel.com/corporate/alert.html.