Information below is from the CA website:
Win32/Hostblock Family
Date Published:
16 Jun 2004
Last Updated:
1 Aug 2006
Threat Assessment
Overall Risk: Low
Wild: Medium
Destructiveness: Low
Pervasiveness: None
Characteristics
Type : Trojan
Category : Win32
Also known as: Win32.Agobot, Win32.Agobot.RZ, Win32/Agobot.RZ.Hosts.Trojan, AntiAV.4wg!Hosts!Trojan, Win32/AntiAV.Hosts, AntiGoogle!Hosts!Trojan, Win32.Hostblock, AntiAV.Hosts.Trojan, AvBlocker.Hosts.Trojan, QHosts.Trojan, Trojan.Win32.Qhost (Kaspersky)
Immediate Protection Info
Tools
Download signature files Download signature files
Scan for viruses Scan for viruses
Submit a Virus Sample Submit a Virus Sample
Description
Win32/Hostblock is a family of trojans that make changes to the Hosts file in order to stop the user from visiting particular sites. It has been used by several malware families (of note, Win32/Agobot) in order to stop affected users from being able to visit antivirus and other security-related vendor sites.
The Hosts file contains the mappings of IP addresses to host names. Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. On XP, 2000 and NT systems the hosts file is located at %System%driversetchosts; on 9x systems the hosts file is located at %Windows%hosts.
Note: '%System%' and '%Windows%' are variable locations. The malware determines the location of these folders by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:WinntSystem32; for 95,98 and ME is C:WindowsSystem; and for XP is C:WindowsSystem32.The default installation location for the Windows directory for Windows 2000 and NT is C:Winnt; for 95,98 and ME is C:Windows; and for XP is C:Windows.
The trojan adds or replaces entries in the hosts file to cause particular domain names to resolve to the local host (127.0.0.1) or some other incorrect address. For example, one widespread variant that we have seen in the wild effectively stops an affected user from visiting these sites:
www.symantec.com
securityresponse.symantec.com
symantec.com
www.sophos.com
sophos.com
www.mcafee.com
mcafee.com
liveupdate.symantecliveupdate.com
www.viruslist.com
viruslist.com
viruslist.com
f-secure.com
www.f-secure.com
kaspersky.com
www.avp.com
www.kaspersky.com
avp.com
www.networkassociates.com
networkassociates.com
www.ca.com
ca.com
mast.mcafee.com
my-etrust.com
www.my-etrust.com
download.mcafee.com
dispatch.mcafee.com
secure.nai.com
nai.com
www.nai.com
update.symantec.com
updates.symantec.com
us.mcafee.com
liveupdate.symantec.com
customer.symantec.com
rads.mcafee.com
trendmicro.com
www.trendmicro.com
In other words, you've got a virus and need to get rid of it. Your current anti virus software isn't capable of curing the problem, maybe because you haven't updated your profiles recently.
: