Google Warns Users About Malware Infection

[Jack]

Google has taken the unprecedented step of warning some of its users that their computers are infected with a piece of malware that hijacks their search traffic.

The alert is displayed on google.com and only appears to users whose search traffic is redirected through specific IP addresses associated with this threat.

"This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called 'proxies.'

"We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections," Google said.

More details

 

[Dejan]

Weird, I know a rogue (actually, a few of them) that will show fake warnings coming from apparently Google (an example being AV Defender 2011). I didn't think there would be actual legit warnings from Google about users being hijacked. There's also the down-side of some people thinking this is a fake warning, but we'll see.

 

[MrXidus]

That's good to see.

 

[Tom172]

Weird, I know a rogue (actually, a few of them) that will show fake warnings coming from apparently Google (an example being AV Defender 2011). I didn't think there would be actual legit warnings from Google about users being hijacked. There's also the down-side of some people thinking this is a fake warning, but we'll see.

Yes, there was an artile posted on this issue.

http://www.thetechherald.com/article.php/201129/7408/Google-s-Malware-warning-a-double-edged-sword

 

[Vextor]

It's a good step, however as endejan said, it can be interpreted as a rogue.

 

[jamescv7]

I would agree to endejan since rogues before were hijacked through search engine and was altered with searches

If I am the one notice it probably I will shock why I'm infected.

 

[K__M]

That does seem like a wonderful idea.

Altho i do agree with the above it could be looked at wrong.

But they might get scared and google search security software

 

[Jack]

Great move from Google,anything which warns computer users about genuine malware threats has to be a good thing.Can a rogue mimic that alert and trick a user?... Yes! but this isn't a reason why Google shouldn't warn their users.They have estimated that a couple of million pc's, may be affected around the world the people so the number of those who will benefit from this alert is greater when compared with the people who might fall for a rogue.

If you wondered what will happen when a user will click the 'Learn how to fix this' button , look no further.This is the link were Google will redirect it's infected users - link.

Now the recommendations aren't the best, and I would've like to see FREE security products in their list , not paid ones. Seeing McAfee on that list makes me wonder .
Overall all the 3 steps aren't very accurate and helpful,I would've expected from Google a better advice. link

 

[jamescv7]

Suggestions from F-secure and Bitdefender are fine but Mcafee can be mediocre.

 

[Jack]

Google is still editing this file ..They have added to the antivirus software list :

• Microsoft Security Essentials
• Microsoft Safety Scanner
• Windows Defender

Also added an extra step :

3. Perform additional cleaning by resetting your system’s HOSTS file. While the threat has been removed, the malware may have made further changes that you can reset by following the guidelines provided in Microsoft's support center.

Microsoft has identified this particular strain of malware as "FakeVimes." Learn more in Microsoft's Malware Protection Center.

In a few days Google just might come up with a decent "How-To'"

 

[MrXidus]

In a few days Google just might come up with a decent "How-To'"

:+1:

 

[Dejan]

They should have a few suggestions on prevention, so this wouldn't happen again (other then suggesting antivirus software which you might already have). I'd add something about keeping Windows up-to-date or using a safe browsing tool like WOT.. asking too much?

 

[Jack]

At this point Google's tips are not very detailed and professional.
eg 1 :

1.Install or update your antivirus software. Antivirus software can detect and remove malware from your computer. While we don't make or support antivirus software ourselves, here are some tips:
If you don't have any antivirus software, you can either search Google for "antivirus" or try one of our suggested antivirus products.
BitDefender
F-Secure
McAfee
Microsoft Security Essentials
Microsoft Safety Scanner
Windows Defender

Last time I've checked Microsoft Safety Scanner was an on-demand scanner and not an antivirus product that can be used in real-time.Also Windows Defender doesn't have a place in this list.
Also this list should've been much more larger: Avast , Avira , AVG , Norton,Kaspersky etc ... are all good security companies that can be suggested.


eg 2:

2.Perform a system scan using your up-to-date antivirus or anti-spyware software. If any issues are found, use the software to fix the problem. When the problem is solved, your antivirus scans should not find any issues and you should not see the warning on Google again.

Maybe suggesting also the use of an on-demand scanner , like MBAM would be a good idea.
Also let me remind you that some rogues are very aggressive and won't allow the user to open their AV or on-demand scanner and running a scan ,so suggesting to use the 'Safe Mode' would be also a good idea.
At this point this tips can't really help anyone , the most important advantage for this new alert system, is that the user can be aware of the infection after seeing the Google Alert ,however for removal he will need to work a little.

 

[Ink]

Looks like they forget about software(s) in the Google Pack, such as Avast and PC Tools.