I've managed to keep my wifes pc clean for over a year and she is a major facebook user and I get the rogue using google, lol just very frustrating.
I've read about quite a number of infected pages being near the top of some Google results page, some even sponsored results. You don't need to go to a suspected "dodgy" (porn or warez) site to get what's called a drive by download, you just need default settings on the browser that allow scripts to run.
Websites are hacked and infected at an alarming rate. All that is needed is for the web host to be using software with a vulnerability in it. A bit of light reading about how to prevent this
here.I believe that a lot of users who download these rogues do so inadvertently, by just visiting the page hosting it.
Good point about the number of teams developing this stuff...unfortunately that makes the game a "reactive" one, rather then "proactive"..at this point anyway
I think it always has been. The rogue antivirus game is worth seriously big money. New variants of the trojans/rootkits/worms that enable installation of these are being developed and released constantly.
The only things I'm aware of that prevent them is related to disabling scripting (mentioned above), NOT clicking on what some people would recognize as dodgy links or attachments, the heuristics/behaviour blockers around- some AV's have these - unfortunately they are often a "best guess" type detection, and if turned up high present with a higher percentage of FPs.
Seriously, a layered defense is the way to go, and to guarantee that is beyond the means (and interest) of the average computer user, and for similar reasons, beyond the scope of an AV designed for the average user.
Avast represents what I consider an excellent compromise. Better than most. Additional hardening is important, though, with any AV.