Last week, I found several Google search results for popular terms leading directly to a virus download. The following 6 domains were hijacked by attackers:
These 2 domains serve an executable with the name www.com. It is detected as malicious by only 5 AV vendors out of 42.
|Virustotal result page|
|Malicious file download attempt|
Once again, the best protection, and often the only one, is to educate users to not download and install any file unless they fully trust its origin, and explicitly requested the download.