Jump to content
MartinOShea

Website blocked messages concerning online-metrix.net

Recommended Posts

Hello

I have Malwarebytes Premium 3.12 and when I try to access various web sites I find that messages are issued by MB concerning a website online-metrix.net. Two examples of the messages are in the graphics attached. I also attach a MB log file from one of the messages.

The messages are produced by MB when I use several different browsers including Internet Explorer, Vivaldi and Chrome. Clearing browser caches have had no effect. From this I conclude that there is nothing specific to each browser but that there is a piece of adware, malware etc. on the PC. However, I have been unable to find out much about what online-metrix.net.

Can anyone advise what MB knows about this site, malware etc.?

I am using MS Windows 10 Creators Update.

I had thought the messages were to do with Flash Player but having removed it, I am still getting the messages.

Thanks

Martin O'Shea.

A.png

B.png

Log.txt

Edited by MartinOShea

Share this post


Link to post
Share on other sites

What I have found is a few web sites which refer to this online-metrix.net, e.g.:

https://help.vtex.com/en/faq/how-to-set-up-the-device-fingerprint-for-braspagcybersource 

https://forums.spybot.info/showthread.php?69149-Spybot-still-showing-spyware-after-attempting-to-fix-unsure-what-to-do

Always it is to do with Flash. Maybe a recent update of Flash is thew cause of this issue? I have tried disabling it on my PC but without success. I wonder can it be removed from Windows 10?

Share this post


Link to post
Share on other sites

I finally found someone else having this issue, and it's recent, wow! I have been dealing with this nonstop for two days. I wiped my partition completely and received these immediately. I figured it may be Chrome, uninstalled completely and tried IE and the problem still persists. I even completely removed wireless from my PC and hard wired the connection, still have it. I have blamed both of my routers on being infected, nothing else makes sense. 

This COULD be a false positive, sometimes antivirus programs do that. I decided to remove all real time protection and close MWB, here i am typing to you with no pop ups. I did not have MWB Premium before my first wipe a few days ago, which is when the pop ups started. 

Anyone think it could be the program itself? 

Share this post


Link to post
Share on other sites

@AprilA: I would be cautious here and tend to think it could be a false positive. If MB is off, then it will not report any messages. I still think it is Flash related. The sooner that program is consigned to the dustbin of history, the better.

Share this post


Link to post
Share on other sites

I agree, haha. It's nuts though. This last time, I literally installed windows with a wiped partition, installed one driver for the internet and opened IE, boom, four pop ups right away. They are getting worse, too. I was going to try to block the IPs from the hosts file but there are like 40 variations of them and some are way too long to type out. 

I think I am going to stop being psycho and wiping Windows and just blame MWB :P

Share this post


Link to post
Share on other sites

For the record, I see you are using Windows 10, I am on 7 with the same issues and a fresh wipe. It can't be adware or malware, unless our modems got infected which would be rare.

Share this post


Link to post
Share on other sites

@AprilA: I also have a Windows 7 laptop networked with the Windows 10 PC. The laptop appears to be unaffected though. It is a rum do!

Share this post


Link to post
Share on other sites

Well, that throws my router guess out of the window LOL. Malwarebytes premium on that as well I assume?

Share this post


Link to post
Share on other sites

I too have been having this problem for about 5 hours now.  The problem happens with all the browsers I have.  I have noticed that the problem seems to be website specific.  e.g. there are loads of popups when going through my banks security questions....  A worrying time to get this sort of popup...  I still get the feeling though that this is a false positive, at least I hope it is...

Share this post


Link to post
Share on other sites

Hi guys :)

This seems to be a false positive from what I can read. Or there could be an active threat on the domain that is blocked and that domain is widely used by many websites. This thread has been reported to Malwarebytes' Staff so they can take a look as soon as possible.

Sit tight!

Edited by Aura

Share this post


Link to post
Share on other sites

Curious to see what they say. Fresh install again, didn't even install wireless. Also, a friend that works at my internet company just brought me over a brand new $400 modem and we were browsing YouTube fine to test my internet. 

As soon as I logged into Facebook I got 11 of them, Amazon brought on 8 more. 

I am convinced it is 100% false now, it's a fresh install of Windows with new hardware and nothing installed at all. How can we disable the service from popping up anything related to online-metrix.net?

Share this post


Link to post
Share on other sites

I have dozens of these popping up, they're all different too.

 

aa.online-metrix.nmet:49880
aa.online-metrix.nmet:49881
aa.online-metrix.nmet:56915
usllpic0-741a43e95f7d8dc4ea5ab713bde08f0fe51e77e7-sac.d.aa.online-metrix
usllpic0-741a43e95f7d8dc4ea5ab713bde08f0fe51e77e7-sac.d.aa.online-metrix.net
aa.online-metrix.nmet:54446
usllpic0-da02a8135d3c5dcc8246f1395a12a09146155ded-sac.d.aa.online-metrix
j8ck72di-473e1d8bf2b1e04f91ac594ef7cfcb1f0e07e540-sac.d.aa.online-metrix.net
aa.online-metrix.nmet:49880

Share this post


Link to post
Share on other sites

I blocked these in my hosts file:

0.0.0.0 aa.online-metrix.net
0.0.0.0 h.online-metrix.net

Will all of the strings attached to them be unblocked as well? Such as j8ck72di-07d0f1b0fd25f3ea686b2ba35552c998787c52df-sac.d.aa.online-metrix

I assume it's safe and nothing to worry about, right? I've been digging through Google results for about 7 hours and this dates back to about 2012, points to DNS problems and stuff.

Share this post


Link to post
Share on other sites

Can you explain what online-metrix.net is? Is it a legitimate web site or not? Why did MB show these messages all of a sudden?

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.