Recently I was invaded by Personal Antivirus, a "scareware" that takes over your browser and more, displaying a popup that urges you to scan for viruses immediately. It won't go away (Control F4 or Control+Alt+Del might work) and begins to scan, displaying several serious-sounding e-mail viruses I've never heard of. I rebooted my notebook and checked my antivirus program; the autoprotect feature was turned off somehow (not by me).
So I checked on the web and found several similar descriptions of P/A as a high pressure sales tool that takes over your computer and tells you to purchase the program in order to protect your computer from the viruses it implants (or not - I'm not clear as to whether these were dummy file names). The distinct effects of being invaded as I was vs. purchasing and downloading the software were not described. However whatever damage the attack does can apparently be overcome by free or inexpensive software.
So. We have a cheesy high pressure "protection racket" from Personal Antivirus, that aims for your pocketbook by hijacking your browser and operating system. Pay up or your PC locks up.
But the racket does not stop here. I, being a paranoid and naive user, freaked out and initiated a chat session with my antivirus provider (after I searched the web for an interactive contact address - none was listed on their site). Here is the explanation I got from them:
Norton: Alright Naive Customer, Personal Antivirus is a Spyware infection. It is a misleading application that may give exaggerated reports of threats on the computer. This program can be downloaded from a Web page and must be manually installed. The program reports false or exaggerated system security threats on the computer.
These rogue security software belongs to a family of software products that call themselves as antivirus, antispyware or registry cleaners and often use deceptive or high pressure sales tactics and deliberate false positives to convince users into buying a license/subscription. They are often repackaged and renamed. They do not actually remove malware instead many of them add more malware of their own.
Naive Customer > Do the solicitations like the one I got actually cause any harm or do you have to actually download something to get infected?
Norton > NC, these virus replicates usually without your permission or knowledge. These infections try to hide themselves from the operating system and anti-virus products. They do this by residing in the OS kernel and intercepting all operating system access. Even information passed on to security software can be manipulated in this way, and the security software might consider the computer to be threat free.
Once there is an infection on your computer, it will normally try to spread to other files on your hard drive and to other computers/devices connected to your system. Most of the times, it creates or manipulates entries and keys in your windows registry. For these cases we need to manually remove the registry entries and also remove the infected files.
Sounds serious to me, says I. OK, says Norton. We have two options: scan and remove remotely; or scan and remove with tune-up. I chose the second option and paid the price of several A/V programs to have them take over my notebook for an hour and clean it up. But hey, it's got a 7 day warranty!
Sorry to moan, but I wanted to offer my experience in case anyone else might be tempted. I should have signed off and checked around to see if there were cheaper solutions, and what the actual damage might be from just receiving the popup message.
Formerly naive customer
Oh, BTW - infected stations can spread the scareware through email - at least Norton says so.
Full Version: Antivirus protection racket - problem solved, lots of $
Hi Wamba1, welcome to BC! 
Rogue security programs have proliferated like cockroaches lately. Being so easy to make, it's understandable (even I have made a reasonably convincing scareware program [just an experiment, not for evil!]) And they are profitable. Many, many credulous users have shelled out money to the makers of these programs.
I'm glad to hear that you were able to solve this problem. Even though you had to shell out some cash, at least it wasn't to the bad guys!
For anyone else affected by this rogue program, please read Bleeping Computer's guide for removing Personal Antivirus, which can be found here: http://www.bleepingcomputer.com/virus-remo...sonal-antivirus
Rogue security programs have proliferated like cockroaches lately. Being so easy to make, it's understandable (even I have made a reasonably convincing scareware program [just an experiment, not for evil!]) And they are profitable. Many, many credulous users have shelled out money to the makers of these programs.
I'm glad to hear that you were able to solve this problem. Even though you had to shell out some cash, at least it wasn't to the bad guys!
For anyone else affected by this rogue program, please read Bleeping Computer's guide for removing Personal Antivirus, which can be found here: http://www.bleepingcomputer.com/virus-remo...sonal-antivirus
Andrew,
I'm not surprised that these rogue programs are spreading - the strategy resembles the plot of the film, "The Net", but on a much lower and non-lethal scale. I would advise anyone who gets these popups not to panic; do a little research and try to find a cheap way to remove the files.
And while I have your attention, I wonder if you could share your opinion of the MalwareBytes software?
Thanks,
Jim
I'm not surprised that these rogue programs are spreading - the strategy resembles the plot of the film, "The Net", but on a much lower and non-lethal scale. I would advise anyone who gets these popups not to panic; do a little research and try to find a cheap way to remove the files.
And while I have your attention, I wonder if you could share your opinion of the MalwareBytes software?
Thanks,
Jim
Malwarebytes' products are reputable and powerful.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.