Ad banner opens browser tab without user input!

Question



I got two reports from my app users stating the Microsoft ad banner in my app opens a browser tab without any user interaction with the ad banner! On top of that, the browser tab that opens is cleary a malicious website - see screenshot below.I am one step away from completely removing the ad banner from all my apps - this is not acceptable!

Both users are located in Germany, in case that helps finding the cause of the issue.



Answer 1

My german app users reported exactly the same behavior. This is completely unacceptable! 

Answer 2

Hi T.Partl,

Is this for a small number of users or a large number of users? If it is for individual users, this does not rule out the possibility of personal device poisoning. If it is for most users, we need more detailed info(Don't provide private info) to track the ads.You could provide the detailed information in support ticket to ask the team which could track your ads for help directly.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Answer 3

It affected 3 users so far (within 1 week) and I havent heard before about this issue for more than 2 years. So it's pretty safe to say it is not device poisoning.

What more detailed info can I give you to solve the problem?

This needs to be solved quickly. I cannot accept ads like this in one of my apps - it is massively damaging my apps' reputation

Answer 4

I just got another report from another German user - makes it a total 4 (so far).

It seems like for German users this is a problem that occurs multiple times a day - not just randomly!

These are 2 links that are being opened in the browser (x-ed out the ip address in the link urls). Based on the URLs, the ads come from AdNexus: 

https://bewinnertoday.club/DE493/Unitymedia/samsung.html?ip=xx.xxx.x.xxx&brand=Desktop&cep=0fd8OrSVF-_KblmG4YBmwRajGFfuYI-rmEpFyznvqquBaPn8uQ9CXgvoThoDwCIJzqYsXrLZ17Oh5PqPcoVRVJAJv3AUyrI34JX3lWYvo1ZvPxMxrP0H0rpM8BTa9MVOezh58CNakBd4KXYAqHvQ5XHamdFh1l-bzYAhj_FCm4uOVl5nKGmvNkkJKaYfBrGXalWS0TexFGPOMQT6asIpBKswLfhQpTAqQNFrWTZzgHE&dom=microsoft.com&ub=adnexus

https://lottery-free.info/DE123/index-DE.html?isp=Unitymedia%20NRW%20GmbH&city=Karlsruhe&ip=xx.xxx.x.xxx&model=Desktop&brand=Desktop&cep=_fLVnVsxbZaUQ--NDD4auVF4sNcY4xnziEpOwnKykVsLUc96e1ivqBa2pb7WaDeyHh_FXBnM5ZPQJ0RT2SJ7grS0en9XrESlMOFBAnm5IqK_x1yo2LttSfyvdIl2f19Z00K4oo26k1bNHxlDi_FguPr50i6IRO_dgcm5ZM2pdWYvQwyHhsW6RSS94l2SDafDrl0H8-KC27KqdR1mqNG0Yv13Q7s4vr43iYnio7_U-QA&dom=microsoft.com&ub=adnexus#b

Answer 5

Hello,

my app is also affected in Germany. URLs are opened in the browser without user actions, e.g.

https://activity-free.pw/DE258/Vodafone/samsung.html?ip=...
https://lottery-free.info/DE123/index-DE.html?isp=Vodafone%20Germany&city=H%C3%BCrth&ip=...

The URLs contain my IP address and other information about the device.

My app uses 2 types of AdControl dimensions. So far it concerns the AdControl with size 728 x 90. The AdControl itself remains empty. It occurs every second time when I open the app or refresh the content. In the Partner Center, I set Microsoft to decide which ads to display.

Best Regards
Heiko

Answer 6

Hi, 

I have the same problem and i am able reproduce this issue. something is "Adnexus" in the url and it redirects  website called "up.trkgenius.com" which is known as adware. you can go the path

C:\Users\user\AppData\Local\Packages\myApp\AC\INetCache\ folder

Under this folder there is secret folder (it is not even hidden), you can only reach this folder by entering the name. this folder caches images like below and among those images there javascript file trk.js like shown below. this js is responsible of doing it i believe. Just find your app folder and search for".js" and you will see it. 

Please fix this problem urgently. it looks like someof your provider is responsible for that. It looks like "AdNexus" in the url but in th developer console. i dont see this provider. there is only "appnexus"



---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 7

it has nothing to do with the users or whatever. it has something to do one of your provider. they provide adware banner and those banners download a javascript as my other reply. this Js is executed everytime a user redirects to the page with this adware. it is all users basically

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 8

Hi all,

Thanks for providing these information for our to analyze. I will immediately report this problem to AD team.I will update here if I get the response from the team.Sorry for any inconvenience.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Answer 9

I have removed all the possible ad networks as shown below but problem still persists. only remained are 2 

- Community Ads

- Oath and AppNexus

I am not able to remove Oath and AppNexus. it is readonly seems like that most probably it is the one responsible for this error. because Community ads cant be as we cant insert js files.

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 10

Hello,

I proceeded slightly differently, facing the same issue of the ad opening up a browser .I got this interference with my mail box after turning the dhcp automatic connect option on my home live box .Clearly the ip that is assigned is 93.133.126.137 .

Now, just below, I am reproducing the url adress of what we called "browser" .I am just taking care of erasing the first two characters in the adress to avoid interferences after pasting:

 tps://free-surprise.live/FR328/Orange/samsung.html?ip=92.133.126.137&brand=Desktop&cep= (...)&dom=webmail.orane.fr&ub=adnexus

The (...) brackets are substituted by me .It is in the place of a long series of letters and numbers .

As you can see, the adress is slightly disguised, because all parts before the "html?" mark brings no return on the web .

Besides, I am coping the adress of my webmail page where the interference occurs with the surging banner so that you can see the parallel structures used in both free surprise and my web provider.As before, I have taken the first two characters off:

tps://webmail22.webmail/fr FR/read.html?IDMSG=466&FOLDER=SF INBOX&ORIGIN=&SORTBY=1&PAGE RETURN=1orange.fr/

As you will notice it, = and & signs part between elements in exactly the same order for an equal number of elements so that a technician whom I am not may compare them .

I pushed further after noticing that the actual "live portion" of the banner's adress starts from "html?" .

Using either my Orange dhcp connection or turning it off to connect with "open dns", the only result I can retrieve from the web, using "bing", after entering html?ip=92.133.126.137, is as follows below .

maguro.2ch.sc

Well, using the search engine from two very remote and different servers leads to just one result in the list of results .This gives it some certainty .

Now, if clicking on the link for Maduro, I can reach an url with this adress in the browser, again without the two first letters:

tp://maguro.2ch.sc/test/read.cgi/sposaloon/1337142937/29n-

It would be somewhat hard to operate the ns look up function here, up until you would see that the pages are empowered by w.IME.ST .

Checking up this ip gives this: IP owner Netim /165 Ave de Bretagne 59000 Lille France / w.netim.net / ph (33)972307470 .

It has no "abuse at ..." adress .

To finish, if you click on any of the paragraphs on the MADURO site, you see they are grouped by dates, up until 18 th of April and if you link up tp://2ch.sc/2ch.html, you have groups up 19th .

All groups have lines with each of them indexed information using ID symbols and each paragraph has associated dns adresses next to it; for example, here are those dns adresses for the 19 th april, starting as 126 (there are more but in limited numbers) :

126.163.179.41/   .194.128.151/    .182.79.108/    208.241.177/

Here it is .To me, it looks like ip adresses are stuck to be read at certain times during users' operations and the system is disbalanced when changing dns server so that such an event can happen visibly .In other words, the occurance is on the computer for a part of it, and on the server for the other part .

I am not a tech, just a user, hoping this has been useful .

Bests .

                                                             pierre

 

Answer 11

Hi all,

Thanks for providing these information for our to analyze. I will immediately report this problem to AD team.I will update here if I get the response from the team.Sorry for any inconvenience.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Are you really serious that a company like Microsoft is unable to fix such a catastrophic problem in hours, if not days at least? This is illegal shit! Stop it!

Answer 12

lottery-free.icu/DE205/…
activity-free.icu/DE498/…
free-lucky.asia/DE222/...
free-lucky.world/DE132/...

Answer 13

Hello,

If the PC is slow, you can see that this URL is loaded first:

https://chanelets-aurning.com/478f0183-3448-4c1e-b89a-8a7f2c52f324?dom=microsoft.com&ub=adnexus

The content of this site is:

<html><head><link rel="icon" type="image/gif" href="data:image/gif;base64,R0lGODlhAQABAPAAAAAAAAAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw=="/><meta http-equiv="refresh" content="0;URL='http://track.nuxues.com/?utm_medium=7261755a0e1fb7e9b58250a6b8553edd37222a37&utm_campaign=Globale%20remanent%20traffic&cid=wFJ3P0SO2UK777UL18D4OP9S'" /></head><body><script>window.setTimeout(function(){window.location.replace('http://track.nuxues.com/?utm_medium=7261755a0e1fb7e9b58250a6b8553edd37222a37&utm_campaign=Globale%20remanent%20traffic&cid=wFJ3P0SO2UK777UL18D4OP9S');}, 0);</script></body></html>

Then one of the sites already mentioned here will be opened.

Best Regards,
Heiko

Answer 14

Meanwhile the 1 star reviews continue to pile up.  Ridiculous.  This is the type of issue where people should be called in to work on the weekends.

Answer 15

Hi all,

The relevant team of Ad has informed me today that they are dealing with this problem today, we are deeply sorry for the inconvenience caused.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Answer 16

Hi all,

The relevant team of Ad has informed me today that they are dealing with this problem today, we are deeply sorry for the inconvenience caused.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Can I tell the 127 app users who complained about the illegal popups that the problem has been solved and will not reappear?

Answer 17

Are you still working on a solution or did you just accept it?  What do you think about answering?

Answer 18

I have the same 20 minutes ago:
1) https://track.nuxues.com/?utm_term=6684326201999229393&clickverify=1&utm_content=fdc2c69a9cafac9c949390a19e9194a589bbcdb9cbbfbc8c848380b1818f8db5a7babab98ebd8c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7c1c4c5caf2f8f9cecfcc92

2) http://www.microsoft.com-maintain-pc.live/tonic2/?ip=37.201.228.170&city=Essen&os=Windows%2010&model=Desktop&td=tracking.marketing&zn=2006&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F73.0.3683.103%20Safari%2F537.36&browser=Chrome&browserversion=Chrome%2073&language=de&connection=BROADBAND&isp=Unitymedia%20NRW%20GmbH&carrier=&campid=a5ebe458-6edc-4e83-b189-0b52ce6167e0&cep=jKrTPxst1pz9tJgnSFbb-5RLAKsq51kwLZNCBmMYSrrRpx7DTlLcEbcFdmVcSTUUzjH0M-O9V3Y2D5ictkW4aso779tpy4YFhYDyPKlYXbGAo6yjReKmyijZUtwgJxVKSeCUUcKPMMY66mQ5aOivuRvPM-XuhozWDpZfNoRtYSJ-TWfKP6beyUw_20U40M6oVbKNoBz7VQuUdOFJ0o63tDSYIMIx-jn_94uBK0at9eVAYJ4sXtrSaEaFmeXjVfyQ&partner_id=2006&pid=2006-2744ec5z&payout=%5B%5Bamount%5D%5D&clickid=6684326201999229393

Answer 19

The Apex ads that are being spammed also take control of the Xbox One cursor and either move the cursor to the middle of the screen or pull the cursor into the ad.

Answer 20

The Apex ads that are being spammed also take control of the Xbox One cursor and either move the cursor to the middle of the screen or pull the cursor into the ad.

oh my good. this is awful. i have most of my users on xbox. i was wondering why my purchases are going down. MICROSOFT please fix this. 

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 21

I also have still the same issue.

Answer 22

Popup ads are back.  They are waiting for the weekend because they know that Microsoft and other companies don't monitor over the weekend.  This is the second weekend in a row with popup ads.

Answer 23

This is killing the user experience for any app which uses Microsoft's Advertising SDK.  How do you expect users to trust using any app on the Microsoft Store when they keep having a browser popped open with an obvious scam site?  Why aren't people being brought in to work this until it is fixed?

Answer 24

Thank god I found this post after a while. 

In the begining I thought of users going nuts or some evial rival.

After more and more negativ Reviews coming in, I did some updates, used different Computers, reviewed the Code and so on (it took me Hours, sorry days)…

And finally I found this post an went crazy... 

@Microsoft: please, please, please fix this - this is actualy destroying my business.

Answer 25

Micrsoft support is blaming it on the apps when users contact them.  Support tells the users it is an app issue when they know this is not true, but this is a common issue with Microsoft Support as they will always try and push the blame on apps.

Answer 26

This is becoming very serious. we are suffering with users negative reviews. can you please help here? how hard is for you to solve this urgently?  

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 27

Apex ads that are being used are also taking control of the Xbox One cursor and moving it.  Another bad user experience.

Answer 28

Hi all,

The relevant team of Ad has informed me today that they are dealing with this problem today, we are deeply sorry for the inconvenience caused.

Best regards

Daisy  Tian

---

MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

Daisy, can we get an update?  Is there anything being done to prevent the ads from popping up scam sites in the future?  Will this require a SDK update?  Unless something is done to prevent the script causing popups, I have a feeling the advertiser will continue to do this on the weekends when Microsoft is unavailable.

Answer 29

Are there any offical news on this? At least customer complains are decreasing…

By the way, "Microsoft News" App ist also suffering this issue (have a look at latest 1* ratings).

Answer 30

Are there any offical news on this? At least customer complains are decreasing…

By the way, "Microsoft News" App ist also suffering this issue (have a look at latest 1* ratings).

Customer complaints are only decreasing because the ads typically run Friday evening through Monday morning.  The hours Microsoft is unavailable.  Unless they have put measures in place to prevent advertisers from popping up a browser without user interaction, this will continue every weekend.

Answer 31

Just as I said that the popup ads would continue on the weekend, users are reporting they are back.  No word from Microsoft on this after two weeks.

Answer 32

What is the status here? is that problem already fixed?  is there website or ticket system to open an official ticket?
 

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

Answer 33

What is the status here? is that problem already fixed?  is there website or ticket system to open an official ticket?
 

---

"Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it."

1) Status = still exists.

2) Microsoft will be working extremely hard to find the problem (but not actually get anywhere)

3) There is exactly zero point in any official ticket, weve all done that and all that happens is that in 3 months time the ticket will get closed and you revert to step 1 above.

Answer 34

My dad is having the same issue. He gets one of theese popups when playing Microsoft Mahjong.

Urls look like this:

https://chanelets-aurning.com/478f0183-3448-4c1e-b89a-8a7f2c52f324?dom=microsoftcasualgames.com&ub=adnexus

Answer 35

Yes, this is sadly still going on. I noticed it myself today.

When just scolling trough the (UK branded) Windows News App, each new page load - and with that loading of payd Advertisement, opens up scam/pishing sites.

First it opens 

https://chanelets-aurning.com

which then forwards in a fraction of a second to advertiser

https://track.nuxues.com

which then forwards to the final scam website

https://31c6e60138e4f991c8bb-d29c350405afd5134a844ec8cbb88f53.ssl.cf6.rackcdn.com/index.html?ip=46.91.xxxxx …(IP from Germany)

As annoying and dangerous as it is from Microsoft, I ALWAYS believe that good apps (from Microsoft and independend app providers) should always be Ad-free. As one can clearly see, its dangerous for the user and will backfire one or the other way. Providing inapp subscriptions or a fair price is alwas better than the free, financed by ads approach.

Answer 36

It's still happening. It's just started happening to me using Google Chrome - track dot nuxues dot com (had to put the spaces in because I might be trying to direct you all to a dodgy site, oh the irony) then redirected to spam sites. It's good to see Microsoft, having achieved a monopoly (basically), is still screwing it's customers. It's the only engineering where customers do the product development and are expected to pay for the privilege. By the time the operating system is actually okay they stop supporting it. Would ANYONE buy a car with these problems? 

Bring back Windows 7 or NT - the last stable and reasonably reliable Microsoft operating systems.

Answer 37

Windows 10 is stable.  The advertising SDK is NOT.  The vast majority of the crashes in my apps were from the advertising SDK until I figured ways around it.  Last I heard from the SDK team a few weeks ago, they have no plans to update the SDK, so don't expect the popup ads to stop any time soon.  They are basically playing wack a mole trying to stop the bad advertisers.

Answer 38

Exactly the same here, reproduceable:

Whenever I open an article from MSN - News or when I start a game from Ms Collections Edge is opened an the advertises come up. Obviously dangerous when follow the suggestions there.

It does not happen, when I browse (with Edge) "normally"

Answer 39

Well they don't seem to have done anything. Its happening in Microsoft Minesweeper today.  I blocked track.nuxues.com in my hosts file....

---

Dave G4UGM

Answer 40

I changed my hosts file by adding this:

127.0.0.1 chanelets-aurning.com
127.0.0.1 track.nuxues.com

but it's still annoying because that doesn't prevent the system from popups. Any idea for that?

I can't believe that this is happening in the year 2019.

Stefan

Answer 41

Hi Stefan,

I got this idiot pop-up today (Sunday, June 2, 2019) as long as I was in the Microsoft games.

CLosing every time edge with <ALT F4> did only close the pop-up shortly, leaving the Microsoft Games stopped the pop-ups, therefore I believe that the pop-ups are originating from MS games.

So I modified my hosts file to 'block' these bogus sites.

Microsoft, please fix your ads !

Update: after modification of my hosts file. I started MS games and I got the pop-up again, but now at least I got the site not reachable as the hosts file is redirecting the URL to 127.0.0.1

The hosts file is C:\Windows\System32\drivers\etc

Copy thsi file to the desktop, use notepad to edit is, save it as hosts (thus not as hosts.txt) on your desktop and than copu it back to the original location at C:\Windows\System32\drivers\etc.

You should get a message that the file already exists and if you want to overwrite it. Your response should be YES.

If you do not get the message, than the file is not hosts, but hosts.txt.

Your milage may vary

Cheers,

pa3ddg

Answer 42

Same here and with a most annoying beeping:  http://www.microsoft.com-windows-booster.live/tonic2/?ip=176.249.141.40&campid=869e71a0-ff7c-45be-bbcd-2fbc40f86bc7&zn=2006&sc=a8a456ba-edc9-4326-80f5-1759b60ceed2&browser=Firefox&browserversion=Firefox%2067&city=Hounslow&os=Windows&osv=Windows%2010&model=Desktop&td=tracking.marketing&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A67.0%29%20Gecko%2F20100101%20Firefox%2F67.0&language=en&connection=XDSL&isp=British%20Sky%20Broadcasting%20Limited&carrier=&country=GB&cep=M9VsO_kWSJV3L2TatdLsGoK6R2e34X5VEC8hooj1L38H8C8cSD_pov1A8HZLHvR84T6S9V9ijvNTU97JeGvM3KcvcJm_TjERt1sxw8hFkauOfJLTT6hL-duEFaLQew0Z_7P4fd_jgAWeAXAyTLi2W1nKaLv3Hza8ouX4Nl23ZmbqhjgRxFSRgsEGVVyqhJV4rPPmQVAvyM05MpgPGLIfaCYs2tgE2blhQ-z7JCFg-KXEdpXWBpJ9GqX227yBDO7-&partner_id=2006&pid=2006-e937f67z&payout=%5B%5Bamount%5D%5D&clickid=6697834445375799700

Definitely from you have run Malwarebytes, HitmanPro and Zemana  they have found no issues on my PC

Answer 43

Wie kann es sein, dass Ms dieses Problem in mehr als zwei Wochen nicht in den Griff bekommt? Es liegt doch offensichtlich an der Werbung, die eingeblendet werden sollte.

Wenn man den dunklen Modus einschaltet, sieht man ja, dass statt der Werbung eine weiße Fläche kommt und Edge mit dem Tracker und Virenwarnung kommt.

Zwischenzeitlich könnte Ms (oder der Werbungs-Provider) ja mal die Werbung ausschalten, bis der Fehler gefunden ist.

Answer 44

Hi,

exactly the same here, when I opened an article in Microsoft News App (Windows 10 Pro).
Firefox is opening with https://track.nuxues.com.

Answer 45

Hi,

I've been playing Solitaire a couple of times today and noticed the same pattern. When the game is open a new tab opens up. First the chanelets url, then the nuxues url followed by www.microsoft.com-shields-devices.live and the "3 virus warning" page comes up. New tabs open up only minutes apart from each other as well.

The issue goes away when I close the game but re-appears hours later when I start the game again. I've run both Windows Defender and Malwarebytes without anything coming up.

Answer 46

I had this today (2nd June 2019) in the UK - obviously the pop-up was in English and claimed I had 3 viruses and it then began attempting to download a package.  I was able to shut it down.

My browser was closed - but I was on Microsoft Jigsaw at the time.

I restarted my jigsaw and it happened again.

I then ran Defender, which found nothing.  Malwarebytes did, however, identify a "track.nuxues" issue, with the file path ending \artur.dubovoy@gmail.com.xpi"  which had been placed in my flash video downloader folder - this was removed.

So this infection is still out there, and appears to be active on the X-Box Live games.

Answer 47

Same here in the Netherlands. 
Started today when loading the news items in Microsoft News App. Upon opening every article (RTL news, nu.nl, nos.nl, etc) Chrome (the default browser) gets opened. 
I blocked the sites in the hosts file, but now it opens the error page. 

Answer 48

This started with me whilst using MS Minesweeper and Sudoku Apps this AM in Dorset UK.

Occasional instances also when using Edge browser.

Persisted after updating OS to 1903.

track.nuxues.com

Intercepted by Sophos AV, but very annoying.

Nothing detected by Windows Defender quick scan.

Will run Sophos full scan overnight

Answer 49

A customer of mine had the problem as well this morning: opening folders in Outlook.com led to a script block by ESET Internet Security, making access to email impossible. I ended op blocking web access to https://chanelets-aurning.com and https://track.nexues.com in Eset and cleaning cookies, cache and history for MS Edge before starting Edge again and accessing Outlook.com. That seems to solve the problem for now, email and folders are accessible again… Fingers crossed

Answer 50

Exactly the same every time Outlook .com is opened 'track nexues' is blocked by ESET.

Threat: JS/Adware.Agent.AF application

MS should remove all adverts from Outlook .com till they are sure they are harmless.

Answer 51

Hi all,

The relevant team of Ad has informed me today that they are dealing with this problem today, we are deeply sorry for the inconvenience caused.

Best regards

Daisy  Tian

---

So more than 1 month on and what a surprise nothing been fixed as far as developers can tell.

Even the technical press have picked up on the inability to perform basic tasks like 'vet the inventory'

Tech press article on this issue

Being "deeply sorry" is all well and good, how about actually fixing the issue, or at least attempting to fix it + communicate whats happening...