While researching an antivirus article here at Maximum PC, we noticed something very curious: a Google AdWords link called “Antivirus xp 2008,” which led to the url “antivirus-world-2009.com.” (Don't go there)

Anyone who’s been paying attention during the last year or so know that "Antivirus xp 2008" is the name of one of the most widespread and obnoxious bits of malware floating around the internet. It hides itself in your system and launches a bogus antivirus program at intervals to warn you that you’ve got spyware and trojans and the sky is falling. Then, it recommends that you buy the pro version of the program, which presumably also does nothing except rip you off. The virus is frequently updated to evade malware removal tools, and is just generally a pain.

So why is Google advertising for it? It’s not exactly tough to figure out that the site is hosting the virus; the link is called “antivirus xp 2008” after all. Well, maybe we should say that it’s not tough for users like us to figure out that it’s a virus—we suspect that less-experienced surfers (our moms, for instance) could very easily be duped into clicking the link, particularly if they were already searching for antivirus software.

And there’s reason to believe that Google knows the site hosts malware. We know that Google purges so-called “attack sites” from its index, and when we searched for “site: antivirus-world-2009.com,” which ought to turn up all pages at that domain indexed by Google, we got zero results. This isn’t conclusive, of course; there are other reasons that a site might not be indexed by Google, but it is suspicious. Malware-hosting sites are generally designed to try to climb to the top of the Google results page, and it’s probably safe to assume that a site that advertises with Google would be search-savvy enough to get its page indexed, if it weren’t blacklisted.

So what’s the deal? Are cases like this simply oversights, or is it Google policy not to subject its advertisers to the same scrutiny that the rest of the web undergoes? A Google spokesman responded to this question in typical form, saying "Google is committed to ensuring the safety and security of our users and our advertisers. As soon as we are aware of any violations of our policy, we work quickly to investigate and remove sites that serve malware in both our ad network and in our search results. As such, we've removed this site from our ad network."

Us? We're not totally convinced. It seems like there's more Google could be doing more to insure that its advertisers aren't trying to hurt its users, and that it ought to be performing those checks before it hosts the ads.

Let us know what you think in the comments section.