Windows Host File+quarantine Question

Greetings, new to this forum and i have 2 questions.

1. the simple one i think, I have some files in the quarantine, of wich i know they are virusses, but i don't like to have them on my PC,even if they are unable to run.

How do i not only remove them from quarantine, but also from my HD?( so far i use a rather aggresive scan each 2 weeks, wich has ''delete'' as first actian, but mostly at night )

2. ive just took a look at my windows host file, don't know why actually, probaly 'cause i got infected with some silly virusses(they where actually blocked though )

But i found some stuff wich i don't trus, see the list below (the upper part is in dutch, but it is all about the list)

List from windows Host file:

# Dit is een voorbeeld HOSTS-bestand dat wordt gebruikt door Microsoft TCP/IP for Windows.

# Dit bestand bevat de toewijzingen van IP-adressen naar hostnamen. Elke vermelding

# moet op een afzonderlijke regel staan. Het IP-adres dient in de eerste kolom te worden

# geplaatst, gevolgd door de bijbehorende hostnaam. Het IP-adres en de hostnaam dienen

# gescheiden te zijn door ten minste één spatie.

# Daarnaast kunnen opmerkingen (zoals deze) worden toegevoegd op extra

# regels of gevolgd door de computernaam, voorafgegaan door een #.

# Bijvoorbeeld:

# 102.54.94.97 rhino.acme.com # bronserver

# 38.25.63.10 x.acme.com # x clienthost

127.0.0.1 localhost

127.0.0.1 www.newsleecher.com

127.0.0.1 newsleecher.com

127.255.255.255 serial.alcohol-soft.com

127.255.255.255 www.alcohol-soft.com

127.255.255.255 images.alcohol-soft.com

127.0.0.1 bin.errorprotector.com ## added by CiD

127.0.0.1 br.errorsafe.com ## added by CiD

127.0.0.1 br.winantivirus.com ## added by CiD

127.0.0.1 br.winfixer.com ## added by CiD

127.0.0.1 cdn.drivecleaner.com ## added by CiD

127.0.0.1 cdn.errorsafe.com ## added by CiD

127.0.0.1 cdn.winsoftware.com ## added by CiD

127.0.0.1 de.errorsafe.com ## added by CiD

127.0.0.1 de.winantivirus.com ## added by CiD

127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

127.0.0.1 download.cdn.errorsafe.com ## added by CiD

127.0.0.1 download.cdn.winsoftware.com ## added by CiD

127.0.0.1 download.errorsafe.com ## added by CiD

127.0.0.1 download.systemdoctor.com ## added by CiD

127.0.0.1 download.winantispyware.com ## added by CiD

127.0.0.1 download.windrivecleaner.com ## added by CiD

127.0.0.1 download.winfixer.com ## added by CiD

127.0.0.1 drivecleaner.com ## added by CiD

127.0.0.1 dynamique.drivecleaner.com ## added by CiD

127.0.0.1 errorprotector.com ## added by CiD

127.0.0.1 errorsafe.com ## added by CiD

127.0.0.1 es.winantivirus.com ## added by CiD

127.0.0.1 fr.winantivirus.com ## added by CiD

127.0.0.1 fr.winfixer.com ## added by CiD

127.0.0.1 go.drivecleaner.com ## added by CiD

127.0.0.1 go.errorsafe.com ## added by CiD

127.0.0.1 go.winantispyware.com ## added by CiD

127.0.0.1 go.winantivirus.com ## added by CiD

127.0.0.1 hk.winantivirus.com ## added by CiD

127.0.0.1 instlog.errorsafe.com ## added by CiD

127.0.0.1 instlog.winantivirus.com ## added by CiD

127.0.0.1 instlog.winfixer.com ## added by CiD

127.0.0.1 jsp.drivecleaner.com ## added by CiD

127.0.0.1 kb.errorsafe.com ## added by CiD

127.0.0.1 kb.winantivirus.com ## added by CiD

127.0.0.1 nl.errorsafe.com ## added by CiD

127.0.0.1 se.errorsafe.com ## added by CiD

127.0.0.1 secure.drivecleaner.com ## added by CiD

127.0.0.1 secure.errorsafe.com ## added by CiD

127.0.0.1 secure.winantispam.com ## added by CiD

127.0.0.1 secure.winantispy.com ## added by CiD

127.0.0.1 secure.winantivirus.com ## added by CiD

127.0.0.1 support.winantivirus.com ## added by CiD

127.0.0.1 trial.updates.winsoftware.com ## added by CiD

127.0.0.1 ulog.winantivirus.com ## added by CiD

127.0.0.1 utils.errorsafe.com ## added by CiD

127.0.0.1 utils.winantivirus.com ## added by CiD

127.0.0.1 utils.winfixer.com ## added by CiD

127.0.0.1 winantispyware.com ## added by CiD

127.0.0.1 winantivirus.com ## added by CiD

127.0.0.1 winfixer.com ## added by CiD

127.0.0.1 winfixer2006.com ## added by CiD

127.0.0.1 winsoftware.com ## added by CiD

127.0.0.1 www.drivecleaner.com ## added by CiD

127.0.0.1 www.errorprotector.com ## added by CiD

127.0.0.1 www.errorsafe.com ## added by CiD

127.0.0.1 www.systemdoctor.com ## added by CiD

127.0.0.1 www.utils.winfixer.com ## added by CiD

127.0.0.1 www.win-anti-virus-pro.com ## added by CiD

127.0.0.1 www.win-virus-pro.com ## added by CiD

127.0.0.1 www.winantispam.com ## added by CiD

127.0.0.1 www.winantispy.com ## added by CiD

127.0.0.1 www.winantispyware.com ## added by CiD

127.0.0.1 www.winantivirus.com ## added by CiD

127.0.0.1 www.winantiviruspro.com ## added by CiD

127.0.0.1 www.windrivecleaner.com ## added by CiD

127.0.0.1 www.windrivesafe.com ## added by CiD

127.0.0.1 www.winfixer.com ## added by CiD

127.0.0.1 www.winfixer2006.com ## added by CiD

127.0.0.1 www.winsoftware.com ## added by CiD

Strange it sure is, a couple months ago i had a look as well, and there was only one in the list,and that was the local host one,so is this the work of a virus?or can i simply ignore this?

The most strange thing is, i never use those apps listed, like winantivirus, so it is kinda weird, might be because it is late here, ###### virusses mess up my night sleep

Im using Bitdefender Anti virus v10 plus.

Agnitum outpost firewall pro (newest)

WEbroot Spy Sweeper(newest)

Windows XP Home SP2

C2D E6400 2.14Ghz

2GB RAM 667 Mhz

Dear regards,

Yorick Peterse

Find more posts tagged with

Comments

claudiu

1. if you delete the files from the quarantine they are removed from hdd.

2. as for the host file , you have either used or you are using illegal copies of some software programs. shame on you...

Niels

Hello Yorick Peterse

Your first question is already answered correctly by claudiu.

Did you use a kind of security program? Such as spywareblaster,spybot search & destroy, ... Because these programs add these changes to your host file so you can't visit these risk sites. If you don't have enable that feature delete all references except 127.0.0.1 and save the hosts file under the same name. Also keep the examples. Also malware can misuse your host file to redirect you to any site they want.

Regards

Niels

Hello claudiu

That is not true security programs make also these changes so you can't access these websites. The immunization function of spybot search & destroy has this feature also spywareblaster,....

This has nothing to do with illegal copies of something. Malware uses this also so they can redirect you to any website they want. Here some information: hostsfile and here : Hosts file

Regards

Niels

maximus

Niels posted a link to MVPS host file, i suggest to use it, it will block a lot of adds and "bad" sites.

Yorick

Thanks guys, that helped a lot.now i can delete those virusses, i used a custom scan wich had ''delete'' as first actian, but it sad ''Archive repackaging failed'' and the virus was still there, now deleted it manually, and deleting those in the Quarantine.

@Claudio.

And if i am using illegal software, that would be none of youre buisness.

This is probaly the work of one of my Security programs, i had many of the past months.

Thanks a lot!

Niels

Hello Yorick Peterse

Glad that we could help you. If you still have problems to remove several viruses please make a topic in the malware section. Archives you have always to delete manually that is also the case when an infection is found in a installer.

Regards

Niels

claudiu

Niels , i know what the host file is along with the fact that some security tools do modify it

I also know how to recognize an auth server check bypass of some known virtual cd/dvd tool meaning

”127.255.255.255 serial.alcohol-soft.com

127.255.255.255 www.alcohol-soft.com

127.255.255.255 images.alcohol-soft.com!”

”This is probaly the work of one of my Security programs, i had many of the past months.”

Indeed. <img class= " /> Must be that ###### Bitdefender Antivirus