
Google Image Poison

It’s not just Justin Bieber photos. Virus experts say Google’s image search is infested with fake images that, once clicked, take your browser to sites that are serving fake anti-virus software, which, of course, are packed with real viruses:

Denis Sinegubko, a Russian malware researcher who has been studying the fake anti-virus campaigns, called this tactic “the most efficient black hat trick ever,” and said it is exceedingly easy to set up. He said he’s received access logs from the owners of several hacked sites, and has used the data to estimate the traffic Google sends to these bogus image search pages. Sinegubko reckons that there are more than 5,000 hacked sites, and that the average site has been injected with about 1,000 of these bogus pages. The average page receives a visitor from Google approximately every 10 days, he said, which means Google is referring about a half million visits to fake anti-virus sites every day, or about 15 million visits each month.

For example, one of the hacked sites Sinegubko said he saw access logs for was in Croatia; it had a Google page rank of zero prior to being compromised with the phony image search scripts. The logs showed that the site had been hacked on Mar. 18, 2011, and that Google began indexing the tainted image pages the next day. “During the next 5 weeks it has indexed 27,200+ doorway pages on this site,” he wrote in a blog post on his findings. “During the same 5 weeks Google Image search has sent 140,000+ visitors to this small site.”
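A site owner can run the same kind of check on their own access logs. The sketch below is an added example, not code from Sinegubko or from this article: it counts landings that arrive from Google image search, per page, and works out the visits-per-page-per-day rate. It assumes Apache "combined" log format and that image-search clicks carry a `google.*` referrer with an `/imgres` path; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample in Apache "combined" format; not real log data.
SAMPLE_LOG = '''\
203.0.113.5 - - [19/Mar/2011:10:01:00 +0000] "GET /gallery/a1.html HTTP/1.1" 200 5120 "http://www.google.com/imgres?imgurl=x" "UA"
203.0.113.6 - - [19/Mar/2011:11:30:00 +0000] "GET /gallery/a2.html HTTP/1.1" 200 5090 "http://www.google.hr/imgres?imgurl=y" "UA"
203.0.113.7 - - [20/Mar/2011:09:15:00 +0000] "GET /gallery/a1.html HTTP/1.1" 200 5120 "http://images.google.com/imgres?imgurl=x" "UA"
203.0.113.8 - - [20/Mar/2011:09:20:00 +0000] "GET /index.html HTTP/1.1" 200 800 "-" "UA"
203.0.113.9 - - [21/Mar/2011:14:00:00 +0000] "GET /gallery/a3.html HTTP/1.1" 200 5200 "http://www.google.com/search?q=z" "UA"
203.0.113.4 - - [22/Mar/2011:16:45:00 +0000] "GET /gallery/a2.html HTTP/1.1" 200 5090 "http://www.google.com/imgres?imgurl=y" "UA"
'''

# timestamp, request path, referrer
LINE_RE = re.compile(
    r'\S+ \S+ \S+ \[([^\]]+)\] "[A-Z]+ (\S+) [^"]*" \d{3} \S+ "([^"]*)" "[^"]*"')

def is_image_search_referrer(referrer):
    """Assumption: image-search clicks arrive from a google.* host via /imgres."""
    url = urlsplit(referrer)
    labels = (url.hostname or "").split(".")
    return "google" in labels and url.path.startswith("/imgres")

def summarize(log_text):
    """Count image-search landings per page and the per-page daily rate."""
    hits, days = Counter(), set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not is_image_search_referrer(m.group(3)):
            continue  # unparsable line, or traffic from somewhere else
        ts, path = m.group(1), m.group(2)
        days.add(datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").date())
        hits[path.split("?", 1)[0]] += 1  # group hits by page, ignoring query
    span = (max(days) - min(days)).days + 1 if days else 0
    visits, pages = sum(hits.values()), len(hits)
    rate = visits / (pages * span) if pages and span else 0.0
    return {"pages": pages, "visits": visits, "days": span,
            "visits_per_page_per_day": rate, "top": hits.most_common(3)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Many pages the owner never created, each picking up image-search landings, is the pattern the logs above describe; the estimate's figure of one visitor per page every 10 days corresponds to a rate of 0.1.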


If you encounter one of these things, stay calm, don’t click anything, and force quit, or on Windows, hit Ctrl-Alt-Delete, select the browser process you are using (firefox.exe, iexplore.exe, etc.) and shut it down. And be careful: even without hidden viruses, some Google Image searches are already embedded with Poison.
