So I checked on the web and found several similar descriptions of P/A as a high pressure sales tool that takes over your computer and tells you to purchase the program in order to protect your computer from the viruses it implants (or not - I'm not clear as to whether these were dummy file names). The distinct effects of being invaded as I was vs. purchasing and downloading the software were not described. However whatever damage the attack does can apparently be overcome by free or inexpensive software.
So. We have a cheesy high pressure "protection racket" from Personal Antivirus, that aims for your pocketbook by hijacking your browser and operating system. Pay up or your PC locks up.
But the racket does not stop here. I, being a paranoid and naive user, freaked out and initiated a chat session with my antivirus provider (after I searched the web for an interactive contact address - none was listed on their site). Here is the explanation I got from them:
Norton: Alright Naive Customer, Personal Antivirus is a Spyware infection. It is a misleading application that may give exaggerated reports of threats on the computer. This program can be downloaded from a Web page and must be manually installed. The program reports false or exaggerated system security threats on the computer.
These rogue security software belongs to a family of software products that call themselves as antivirus, antispyware or registry cleaners and often use deceptive or high pressure sales tactics and deliberate false positives to convince users into buying a license/subscription. They are often repackaged and renamed. They do not actually remove malware instead many of them add more malware of their own.
Naive Customer > Do the solicitations like the one I got actually cause any harm or do you have to actually download something to get infected?
Norton > NC, these virus replicates usually without your permission or knowledge. These infections try to hide themselves from the operating system and anti-virus products. They do this by residing in the OS kernel and intercepting all operating system access. Even information passed on to security software can be manipulated in this way, and the security software might consider the computer to be threat free.
Once there is an infection on your computer, it will normally try to spread to other files on your hard drive and to other computers/devices connected to your system. Most of the times, it creates or manipulates entries and keys in your windows registry. For these cases we need to manually remove the registry entries and also remove the infected files.
Sounds serious to me, says I. OK, says Norton. We have two options: scan and remove remotely; or scan and remove with tune-up. I chose the second option and paid the price of several A/V programs to have them take over my notebook for an hour and clean it up. But hey, it's got a 7 day warranty!
Sorry to moan, but I wanted to offer my experience in case anyone else might be tempted. I should have signed off and checked around to see if there were cheaper solutions, and what the actual damage might be from just receiving the popup message.
Formerly naive customer
Oh, BTW - infected stations can spread the scareware through email - at least Norton says so.
Edited by garmanma, 05 September 2009 - 07:54 PM.
Moved to appropriate forum