It seems that the QHosts-worm was not the only one to take advantage of the Microsoft Internet Explorer vulnerability. The owner of elict.org seems to be doing something similar. Until recently, the URL http://www.elict.org/awards.html showed up regularly in the logfiles as referrer, which encouraged you to take a look who was linking to you. On that page, they rewrote the hosts-file so that all important Adservers would point to the IP 18.104.22.168. According to the Alexa-Trafficrank, it seems as though this was a rather successful endeavor.
Update (10.17.): The owner of the elict.org domain has issued a statement on this issue on the Abakus-Internet-Marketing forums.