Google Malware Detector – Google recently introduced a new service to detect if a user’s computer was infected with malware and then inform the user. The warning appears as an in-browser pop-up above the Google search bar. The warning is bright yellow and contains a link to another Google page where users can learn what to do about their possible malware problem.
The service is the product of an investigation to determine the source of unusual activity patterns that were detected in Google’s data centers. It turns out that the activity was actually coming from machines that were infected with malware. Because it was a simple matter to detect the individual activity patterns, Google’s engineers capitalized on the opportunity to warn users of the potential threat in real time.
The good news is that there are a lot of computer users on the internet with no anti-virus protection whats0ever. The Google malware detector service, and future services like it, may be the only thing that saves someone from a serious malware problem. It’s quite possible that Google may eventually spin off a cloud anti-virus service and make it available to Google App users, anyone with a Google account or the entire general public. They may even bundle such a service with their Chrome browser and OS.
However, the bad news is that there may be a problem with Google’s new service as it stands right now. For years, IT departments and computer repair professionals have been warning users not to trust anti-virus or malware notifications outside of the software they know they have installed on their individual systems. The problem is that there are many fake anti-virus programs that appear in browser windows and attempt to fool the user into believing that there is a serious infection. These fake anti-virus programs ask the user to purchase their software (which does no good), or install other free software that are actually Trojan programs. Even with users being aware of Google’s new service, a malware process could impersonate that service in a web page; at that point it’s no different than any other fake anti-virus program, except that it uses Google’s good name to lend it credibility.
It may turn out that Google’s good intentions will complicate an already-difficult issue for many uninformed users; only time will tell. But that’s not the only issue. There’s the question of whether companies have the right to detect infections (or anything else) on a machine without the owner’s explicit permission. There also doesn’t appear to be a way to turn off these notifications.
It also appears that Google’s recommendations for cleaning up your system includes a very short list of specific commercial products to scan for malware. While Google is a private company and can make any endorsement it wants, it does seem a bit unfair to have a multi-billion dollar company prominently backing only one anti-malware product, effectively throwing every other malware company under the bus.
Their instructions also tell the operator to disable the Windows System Restore in their haphazard attempt to deal with the malware, and then to only seek help from a professional as the very last thing to do. Shutting down the System Restore can result in significant data loss. In fact, using the System Restore can eliminate the malware in about 50 percent of the cases, depending; but at no point do the instructions say to attempt a System Restore.
To use a little bit of hyperbole: It’s like calling the doctor after attempting to perform an appendectomy on one’s self at home with a butter knife and a bottle of alcohol. Perhaps it would be safer, and wiser, for people infected with malware to contact a trusted professional at the start.