The most likely cause is a malicious alteration to your Hosts file, or the addition of another, bogus Hosts file.
1. Open Windows Explorer, click the Search button, and:
- In the box where you specify a filename to search for, type "hosts" (without the quotes).
- In the "Look in:" box, select My Computer.
- Make sure the search options are set to search subfolder, system folders, and hidden folder.
- Perform the search.
2. The only valid Windows Hosts file are:
Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC\Hosts
Windows 98\ME = C:\WINDOWS\Hosts
Open the Hosts file which corresponds to your version of Windows in Notepad and examine its contents.
Be sure to scroll through the entire file! Some infections try to hide their modifications at the very end of the file by padding the middle of the file with blank lines.
3. The only entries in the default Hosts file are the following:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
If your Hosts file contains any otherentries in the format of the "127.0.0.1 localhost" entry, delete all of them (except the "127.0.0.1 localhost" entry), save the file, and close Notepad.
4. If you find other files anywhere on your system named Host, tell us what they are.
Unsolved 
Offline 
