On May 22nd, Google’s security team started informing users whose computers are infected with the malware DNSChanger. You might wonder how on earth would Google get the names or contact details of these users! Although, Google tracks everything they can’t resolve an IP address to a name of a person given that this information is not provided by a third-party such as an ISP but this would be a breach of privacy laws in many countries. However, Google would simply show a special warning message when users with infected devices perform a Google search!
Read more – http://googleonlinesecurity.blogspot.co.uk/2012/05/notifying-users-affected-by-dnschanger.html