-= Gametoast.com =-

The "Windows Antivirus" virus has once again infected numerous internet ads including Google's. For the time being I would recommend using Adblock Plus and/or NoScript until the infected ads are removed from sites that use them. Updating Java to Java 6 Update 29 will also help, because recently a huge exploit was discovered and Malware creators have already rolled it into their toolkits.

In the event of one of you getting the virus, Malwarebytes and ComboFix have been confirmed to work against it. However, there are certain variants of this virus that will require more than just removal and may require a System Restore or even a reformat.

Just a warning for those who don't want to spend Christmas throwing your computers out of a window in frustration. At least when it happened to me it was in May and during finals, I would hate to get it on a vacation.

Edit: Removal guide.

Good thing I already use both of those, except on one computer, which is Ubuntu, so hopefully no problems there...

Do you know if you have to click on the ad, or is loading the page with the ad enough to get infected?

If the ad appears then it will start downloading the virus. They're not even the annoying kind that float over your screen, it's usually just a static image and then 40 seconds later you start having this random program telling you all of your files are infected and you should scan them while it closes out almost every other running .exe.

Wow, thanks for the heads up and information, Fusion. I'll be sure to keep a lookout.

As Cerforn said, thanks for the heads up. I have a little question thought, if you don't have the standard Windows antivirus program enabled, will the virus still occour?

That's just the name of the virus. It installs a program with a variant of the name "Windows Antivirus." It doesn't matter if you have Avast, McAfee or AVG, it'll always have that name. The original intent of the virus was to fool the elderly or the uninformed into giving their credit card info to the malware creator, so that's why it tries to look official.

Ah, ok, I understand. Thanks for the reply!

Edit:
My sister got this virus on her school computer, and since it's her school computer she has no administrative rights nor can he get help from someone working at the school untill after christmas vacation. I'm wondering if anyone know how to do this without administrative rights, or if it's impossible. I'll take any help I can get, and thanks from my sister and me.

Does the school computer have an anti-virus program?

I can't find it anywhere, so I consume there is none.

Edit:
Something I forgot to mention is that I've gotten to the step to where I can open .exe files, so that shouldn't be a problem.

Try to get an anti-virus scanner on a usb, and then load up the PC in safe mode. You then may be able to run a scan and remove the virus, but I'm not quite sure.

Thanks, I'll try that, but not today I think. I'm too tired for that right now. I'll tell you what happens.

Alright, good luck.

You can also try changing the clock a week forward. The poorly coded versions will only antagonize you for a week, and they determine that by the on-board clock.

@Fusion: seeing as it needs administrative rights it didnt work.

@Cerforn: it needs administrative rights for that too.

I guess she'll have to wait till after the vacation. She can borrow our mother's old laptop for a while. She mostly uses it for webbrowsing anyway.
Thanks for the help though, we really appticiate it

You should try a system restore before you do anything else.