Just how big of a problem are fake anti-virus programs, though? Comparing 2008 to 2009, there has been a reported five-fold increase in the number of fake A/V detections. The primary reason for this right now is cited as a constant-changing checksum on a tainted piece of software, leading to hundreds of thousands of variants -- making it more difficult to detect amongst a wide array of machines. One particular security group, APWG, believes that as this evolution of fake software continues, the demand placed on real anti-virus scanners may become overwhelming.
One of the real problems, they noted, is that most software today relies on signature-based detections. Software which changes itself on a per-download basis is easily able sneak past this. It's further complicated because many of these fake programs often try to use a bit of social engineering to accomplish their goals -- convincing people they are real, which would get past virtually any software protection. APWG also indicated that the number of machines being infected year by year is actually going up, as opposed to going down. Are malicious software writers getting that much better, or are security vendors slipping? It has always been an interesting battle to watch -- unfortunately, end users are caught in the middle.