The "ransom-ware" application Security Tool impresses me--and that's a really bad thing. This rogue application is quite slick. Although it doesn't pretend to be part of the official Windows notification process as Antivirus 2009 and its ilk do, Security Tool would be quite convincing if it weren't so "over the top" and overbearing. Once infected, your computer will bombard you with fake scans and messages that you're infected and need to purchase the full version of their product immediately. My favorite is the taskbar balloons that say things such as, "malware.trojan is attempting to send your bank account information to a remote site! Click here to prevent this."
Like most modern malware, Security Tool is not easily removed. I used a combination of booting from BartPE, Spybot, Webroot, and Hijack This to slow it down and eventually (I believe) stop the little bugger. Sadly, a reformat remains the only method of knowing with 100% confidence that all traces of the beast are gone.
After years of disinfecting computers, I finally witnessed a rogue app in action on my own computer a couple of weeks ago. No, we didn't get infected, but it was close. Annie clicked to allow a little app in Facebook (something I've done myself a dozen times or more) and it threw a little alert box up on the screen telling her the computer was infected--click OK to disinfect. Annie didn't fall for it but called me over to see. Now, if that can happen on my computer, which is fully patched and protected, it can happen anywhere. I always knew that, but somehow it's different when you see it with your own eyes.