Nothing In Particular
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12871 Re: Nothing In Particular
Every now and then Malwarebytes lets me "trial" the pay for version.
This time it keeps telling me "website blocked due to Trojan" when I search on Google. The culprit seems to be "mickloid.xyz" but I can't find out much about it.
When my free trial ends do I need to worry ?
This time it keeps telling me "website blocked due to Trojan" when I search on Google. The culprit seems to be "mickloid.xyz" but I can't find out much about it.
When my free trial ends do I need to worry ?
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
- jack
- Thermionic Monk Status
- Posts: 5493
- Joined: Wed Dec 29, 2010 8:58 pm
- Location: ɐılɐɹʇsnɐ oʇ ƃuıʌoɯ ƃuıɹǝpısuoɔ
- Contact:
#12872 Re: Nothing In Particular
Sounds like you have a search hijacker installed as a browser extension. Normally the plan is to disable your browser extensions one by one until the problem goes away...pre65 wrote: ↑Fri Apr 30, 2021 11:05 pm Every now and then Malwarebytes lets me "trial" the pay for version.
This time it keeps telling me "website blocked due to Trojan" when I search on Google. The culprit seems to be "mickloid.xyz" but I can't find out much about it.
When my free trial ends do I need to worry ?
The domain was created on 23rd March this year and is served via CloudFlare, which in itself is not unusual, and is registered in the Bahamas. Recently created domains are always a concern.
Which browser are you using?
Last edited by jack on Fri Apr 30, 2021 11:37 pm, edited 3 times in total.
Vivitur ingenio, caetera mortis erunt
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12873 Re: Nothing In Particular
W10 and Chrome.
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
- jack
- Thermionic Monk Status
- Posts: 5493
- Joined: Wed Dec 29, 2010 8:58 pm
- Location: ɐılɐɹʇsnɐ oʇ ƃuıʌoɯ ƃuıɹǝpısuoɔ
- Contact:
#12874 Re: Nothing In Particular
Disable all your browser extensions and see if the problem goes away.
Vivitur ingenio, caetera mortis erunt
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12875 Re: Nothing In Particular
It does not.
I also deleted all cookies and used "Chrome cleaner".
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
#12876 Re: Nothing In Particular
I teetered on the edge of falling for a scam on Thursday and it reinforced the need to be ever vigilant and cynical. It was the coincidental timing that nearly caught me out.
I was expecting a scheduled delivery via Hermes. I was working at home and heard someone call at the front door but was in a Teams call so couldn't go down. About 15mins later I got a text purporting to be from Hermes saying I needed to arrange a redelivery - I almost followed the link, which looked legitimate - it was only at the last moment that I thought 'why don't they have the tracking number?'. Hermes were Hermes and delivered the following day!
I was expecting a scheduled delivery via Hermes. I was working at home and heard someone call at the front door but was in a Teams call so couldn't go down. About 15mins later I got a text purporting to be from Hermes saying I needed to arrange a redelivery - I almost followed the link, which looked legitimate - it was only at the last moment that I thought 'why don't they have the tracking number?'. Hermes were Hermes and delivered the following day!
Last edited by Ray P on Sat May 01, 2021 11:58 am, edited 2 times in total.
Sorry, I couldn't resist!
- jack
- Thermionic Monk Status
- Posts: 5493
- Joined: Wed Dec 29, 2010 8:58 pm
- Location: ɐılɐɹʇsnɐ oʇ ƃuıʌoɯ ƃuıɹǝpısuoɔ
- Contact:
#12877 Re: Nothing In Particular
Other redirects may be in place. Have you checked your hosts file etc.
C:\Windows\System32\drivers\etc\hosts
Vivitur ingenio, caetera mortis erunt
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12878 Re: Nothing In Particular
Sadly, I'm not a computer expert.
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12879 Re: Nothing In Particular
I followed the following instructions, but when I get to step 5 all I end up with is a file called "host file instructions".
Here are the directions on how to modify your hosts file.
Step 1.
Click the Windows button and type Notepad in the search bar.
Step 2.
Right click on Notepad and then Run as Administrator.
Step 3.
You’ll be asked, “Do you want to allow this app to make changes to your device?”. Choose Yes.
Step 4.
In Notepad, choose File then Open.
Step 5.
Navigate to C:\Windows\System32\drivers\etc\hosts or click the address bar at the top and paste in the path and choose Enter. If you don’t readily see the host file in the /etc directory then select All files from the File name: drop-down list, then click on the hosts file.
Step 6.
Add the appropriate IP and hostname at the end of your hosts’ file, select Save, and then close the file.
Step 7.
Finally, you will want to flush your DNS cache for your computer to recognize changes to the file. Click the Windows button and search command prompt.
Step 8.
Type the following command in the terminal and press Enter
ipconfig /flushdns
*
Here are the directions on how to modify your hosts file.
Step 1.
Click the Windows button and type Notepad in the search bar.
Step 2.
Right click on Notepad and then Run as Administrator.
Step 3.
You’ll be asked, “Do you want to allow this app to make changes to your device?”. Choose Yes.
Step 4.
In Notepad, choose File then Open.
Step 5.
Navigate to C:\Windows\System32\drivers\etc\hosts or click the address bar at the top and paste in the path and choose Enter. If you don’t readily see the host file in the /etc directory then select All files from the File name: drop-down list, then click on the hosts file.
Step 6.
Add the appropriate IP and hostname at the end of your hosts’ file, select Save, and then close the file.
Step 7.
Finally, you will want to flush your DNS cache for your computer to recognize changes to the file. Click the Windows button and search command prompt.
Step 8.
Type the following command in the terminal and press Enter
ipconfig /flushdns
*
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
- jack
- Thermionic Monk Status
- Posts: 5493
- Joined: Wed Dec 29, 2010 8:58 pm
- Location: ɐılɐɹʇsnɐ oʇ ƃuıʌoɯ ƃuıɹǝpısuoɔ
- Contact:
#12880 Re: Nothing In Particular
Rather than edit it, just view it.
It should contain only a couple of lines (excepting comments which are prefixed with a "#") like:
127.0.0.1 localhost
::1 localhost
Vivitur ingenio, caetera mortis erunt
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12881 Re: Nothing In Particular
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
# 127.0.0.1 localhost
# ::1 localhost
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
- pre65
- Amstrad Tower of Power
- Posts: 21373
- Joined: Wed Aug 22, 2007 11:13 pm
- Location: North Essex/Suffolk border.
#12882 Re: Nothing In Particular
It seems to me Malwarebytes is blocking an outward bound file to this IP address.
https://dnslytics.com/ip/172.67.200.14
https://dnslytics.com/ip/172.67.200.14
The only thing necessary for the triumph of evil is for good men to do nothing.
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
Edmund Burke
G-Popz THE easy listening connoisseur. (Philip)
#12883 Re: Nothing In Particular
Knipex pliers at a good price
At the risk of someone telling me I could have bought something twice as good for half the price these seem much cheaper than anywhere else I've checked. The dreaded Amazon I'm afraid.
At the risk of someone telling me I could have bought something twice as good for half the price these seem much cheaper than anywhere else I've checked. The dreaded Amazon I'm afraid.
-
- Amstrad Tower of Power
- Posts: 10552
- Joined: Wed May 30, 2007 12:25 am
- Location: South Yorks.
#12884 Re: Nothing In Particular
Thought you were ex BT. Where’s ‘yer 81s?
Sgt. Baker started talkin’ with a Bullhorn in his hand.
- Mike H
- Amstrad Tower of Power
- Posts: 20157
- Joined: Sat Oct 04, 2008 5:38 pm
- Location: The Fens
- Contact:
#12885 Re: Nothing In Particular
Google 'mickloid.xyz'pre65 wrote: ↑Fri Apr 30, 2021 11:05 pm Every now and then Malwarebytes lets me "trial" the pay for version.
This time it keeps telling me "website blocked due to Trojan" when I search on Google. The culprit seems to be "mickloid.xyz" but I can't find out much about it.
When my free trial ends do I need to worry ?
Example:
dictionaryext.xyz - Malwarebytes Labs | Malwarebytes Labs ...
https: // blog.malwarebytes.com › Detection Types
The domain dictionaryext.xyz is blocked by Malwarebytes because it is a search hijacker that delivers a forced Firefox extension.
You may need to delete your DNS.
With Firefox I could do a complete refresh, which returns it to defaults. I think I've done this twice.
A little warning about malwarebytes - the free version is great, but I made the mistake of buying the pro version. Don't do it. It totally takes over your computer so everything is reeeaaally slooowww presumably because it's checking everything to see if it's OK. But it takes too long!
"No matter how fast light travels it finds that the darkness has always got there first, and is waiting for it."