www.regnow.com - Hosts File?

C

Curious

New member
:spider:The entry wxx.regnow.com appears in the 'to be avoided' hosts file thus redirecting anything sent to this adddress to 127.0.0.1(local). It is also the address used by MilShield by which to direct on-line payments. Is this a false positive or are both MilShield 5.6 and wxx.regnow.com shonky? Doing a oit of a look around on the web wxx.regnow.com appears to be a fairly widely used site for payment. Views please


More than Curious!!!
 
Last edited by a moderator:
Re Which Hosts file?

The entry appears in the list of Spybot 'Hosts' redirected to 127.0.0.1 as per the latest Spybot downloads. Sorted alphabetically (by clicking the top of the column) it appears between wxx.realm.superbahamas.com and wxx.releasefolife.com. As to where it came from I expect its whoever updates that (rather large) list?

I am attaching a screen dump to show you. Ooops I can't. You have 19.5kb limit and the screen dump bmp file is about 2meg.

Is there anyway I can send you the file that came from the Spybot download? Where would I find it?

Still Curious

PS I only managed to track it down because I checked Spybot for the name of the site that redirected me to 127.0.0.1
 
Last edited by a moderator:
Further Update

I checked another computer which has Spybot loaded and updated however the Spybot Hosts List file contains neither regnow.com nor wxx.regnow.com!

The entries do appear on the computer that initially displayed the problem in both the Spybot Hosts listing (see previous message) and the Windows XP 'hosts' file between the 'remark' heading and footer that the entries (along with many others) have been inserted into the file by Spybot.

From my point of view I will delete the false positives from the offending files manually. In general, it seems that the Spybot 'Hosts Sites for 127.0.01' add to but do not replace entries from preceding updates when updated.

I will leave it to the SB gurus to explain how the differential technically occurs.

Presuming that regnow.com and wxx.regnow.com ARE false positives, I expect other users can delete them from the appropriate files if they wish to.

I would still appreciate some expert advice on this.

Curious now becoming Confused
 
These two (2) entries appear to have been added to HOSTS file with the updates of 2006-08-25 and removed with the updates of 2006-12-29:
To add Spybot's Hosts file to your HOSTS file click on "Add Spybot S&D hosts list". Spybot will take a backup of your current HOSTS file and then add its entries. Spybot marks the beginning and the end of the HOSTS file entries it adds with comments as follows:
  • # Start of entries inserted by Spybot - Search & Destroy
    127.0.0.1 babe.the-killer.bz
    127.0.0.1 www babe.the-killer.bz
    127.0.0.1 babe.k-lined.com
    127.0.0.1 www babe.k-lined.com



    # This list is Copyright 2000-2004 Patrick M. Kolla / Safer Networking Limited
    # End of entries inserted by Spybot - Search & Destroy
When you use the "Remove Spybot S&D hosts list" button in Spybot, it removes the entries between those comments and leaves the other entries in your HOSTS file intact.

If you have already added Spybot's Hosts file, clicking the "Add Spybot S&D hosts list" will merge any new entries that have been added to its list during updates into the existing entries in the HOSTS file. To prevent the retention of items deleted from Spybot’s HOSTS file entries after updates, click the "Remove Spybot S&D hosts list" before clicking the "Add Spybot S&D hosts list".
 
Thanks md_usa_spybot_fan for clearing up the issue.

I wasn't aware prior to this circumstance re the need to delete the list prior to updating. I checked for duplicates but did not consider deletes.

Maybe a nice addition would be to incorporate an auto cleanup of the 'old' hosts before the update. It would be a safe bet that these entries would not be the only stale data in potentially a lot of Spybot Users 'hosts' file I would think.

Thanks

Curious has now become Enlightened
 
You must log in or register to reply here.
Back
Top