Every day, many bogus anti-virus and security applications are released and pushed to unsuspecting users through various delivery channels such as:
* Spam emails that contain links or attachments
* Blogs and forums that are spammed with links to adult videos
* User-generated content spam (e.g. fake videos)
* Malicious banner advertisements
* Pirated software (‘warez’) and pornography sites
* Search Engine Optimization (SEO) poisoning
* Fake torrent files or files on file sharing networks
* Web pages containing exploits
Recently, I tried to remove this kind of crimeware… but avast! doesn’t clean it…
What is the solution to this problem? This threat is well known as Trojan.FakeAV by Norton…
A lot of it is added to the database. (Although it sometimes seems that other AVs might have better detection of new variants, when it matters most to the infected user.)
The problem is that the crimeware (as you have nicely described it) is updated to change the signature many, many times. New variants are added all the time.
Avast6 is likely to be much more effective with unknown (new) variants, partly to do with the sandboxing feature.
Frankly, a lot of the sources you mention are as much to do with user behaviour as with the lack of detection ability. One route into a computer that is very prevalent is hacked websites. A hidden script can be included in such a site that downloads the installer file/worm for the malware with no user interaction beyond visiting the site. Doesn’t have to be a “dodgy” site, either, just vulnerable. Disabling scripting in the browser generally stops this sort of download, referred to as a “drive-by download”.