The feature only covers one specific “strain” of malware. According to Google: “This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called ‘proxies.’”
That’s enough detail for Google to know when a user making a search is doing so on an infected machine. It’s now providing a warning to such users reading “Your computer appears to be infected. It appears that your computer is infected with software that intercepts your connection to Google and other sites.”
Matt Cutts, one of the most senior figures in Google’s search department, later clarified that the malware in question only affects Windows. He also noted that simply visiting Google doesn’t trigger the check: users need to carry out a search to find out whether they are infected.
Google doesn’t give a name for the malware, but does link to advice about security measures, which appears to be written for less tech-savvy users. The company does specifically recommend Malwarebytes’ Anti-Malware, Spyware Doctor with Anti-Virus and MacScan to those who don’t have security software already installed.
It also suggests typing “antivirus” into Google, which sounds a bit of a gamble to say the least, even if it does warn users to take great care to verify any software before installing it.
While some might argue it’s not Google’s place to be warning people about malware, the move makes sense to me. Indeed, given that the company knows for certain that particular users are infected, it would arguably be irresponsible not to mention it. And while it’s only one form of malware that’s involved, delivering a warning through the Google results page is probably the single most effective method of reliably reaching as wide an online audience as possible.