From PC Magazine:

Malware authors are beginning to nibble at Google's text advertising money pie.

According to a warning from anti-virus vendor BitDefender, a new Trojan is making the rounds, hijacking Google text advertisements and replacing them with ads from a different provider.

The Trojan.Qhost.WU threat works by modifying the hijacked computer's Hosts file to redirect the initial query to the Google AdSense servers to a malicious host.

Instead of getting advertising content from Google's "page2.googlesyndication.com" domain, the Trojan, discovered Dec. 17, instructs the infected machine to fetch ads from a different, third-party ad server, according to BitDefender virus researcher Attila Balazs.

BitDefender did not identify the rogue third-party ad server.

Balazs said the threat is a worry for Webmasters and end users.

"Users are affected because the advertisements and/or the linked sites may contain malicious code, which is a very LIKELY situation, given that they are promoted using malware in the first place. Webmasters are affected because the Trojan takes away viewers and thus a possible money source from their WEBSITES," he said in a statement.

Over the past year, malicious hackers have turned their attention to ad networks as vehicles for drive-by malware downloads.

In November, security researchers found DoubleClick serving up massive amounts of ads for bogus anti-spyware programs in place of legitimate advertising. Before that, advertisements served by RealNetworks' RealPlayer were also used to EXPLOIT a zero-day software vulnerability.From what i've read this exploit only will run on XP machines without SP2 and all current UPDATES.
Anyone doing that is foolish to say the least...Once I agreed to format and reinstall XP for a friend. He had an ancient XP disc without any of the service packs slipstream to it. I failed to realize that his computer was connected directly to the INTERNET without a router to act as a firewall in between. Before the XP desktop had finished loading for the first time after the reinstall, the computer had already been infected by 2 or 3 worms.
I learned a couple of things that day...
Always have a router handy when doing a reinstall.
And updating an XP installation without any service packs slipstreamed takes forever.

So yes letting a computer loose on the internet that's anything less than fully updated is just dumb. And a hardware firewall never hurts either.

I had a similar situation when fixing my Grandma's machine. Restored XP to realize she was on a modem. Downloading all the XP updates on a modem is not fun.