Urget has to do with Winlogon

[dalton4319 0]

I keep getting a eset blocked this with the url and ill copy the exact thing its a long url but it does this about every 10 seconds and seems to increase when i use google chrome, when i use chrome after about 10 min chrome stops working this is the full log of what its blocking . i tried deleting google chrome and re installing it didnt work i ran full scans and says my computer is clean, i tried restoring my computer didnt work im so lost on what to do please help 

Time;URL;Status;Application;User;IP address;SHA1

4/29/2018 7:20:38 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66153;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:20:51 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66160;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:21:10 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae6616d;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:21:23 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66180;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:21:33 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae6618d;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:21:45 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66197;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:21:55 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661a3;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:05 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661ad;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:15 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661b7;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:25 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661c1;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:35 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661cb;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:46 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661d5;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:22:59 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661e0;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:23:09 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661ed;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:23:19 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae661f7;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:23:32 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66201;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:24:16 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae6622d;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:24:26 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae6623a;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:24:36 PM;hxxp://config.laxmbgaqm.com/config?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils&rts=5ae51f05&cts=5ae66244;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:24:47 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:25:31 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:27:05 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:27:25 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:28:47 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:29:20 PM;hxxp://config.laxmbgaqm.com/update?uid=CO-Z17U5E03F491719833B&version=1.1.0.0&source=zl.sild&prod=netutils;Blocked by internal blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;138.68.224.30;063B5DA239A296ABC38E2F30F9A9F517FB96B13F
4/29/2018 7:39:51 PM;hxxp://www.4dfe912d.com/hello2?rts=5ae51f05&uid1=CO-Z17U5E03F491719833B&uid2=8588e1170cead377659ca3074c7b5fe0&build=7601;Blocked by internal IP blacklist;C:\Windows\System32\winlogon.exe;NT AUTHORITY\SYSTEM;212.61.180.100;063B5DA239A296ABC38E2F30F9A9F517FB96B13F

 

[Marcos 5,259]

Please gather logs with ELC and drop me a private message with the generated archive.

[Harley 0]

Hello

I am having the same exact problem as Dalton4319.  Just started today.  I can double-click and start as many Google Chromes as I want but nothing shows up, yet when I go into Task Manager they are all there as if they are running.

Please let me know if you find a solution.

Thanks, Harley

[sziszaq 0]

hi i have the same problem i've uninstall chrome because it stops working, but even without chrome i have sometimes popup about ://config.laxmbgaqm.com

[Marcos 5,259]

Please gather logs with ELC and drop me a personal message with the generated archive attached. If too big to attach, upload it to a safe location and pm me just a download link.

[Harley 0]

Thanks Marcos.  I feel like a schmuck asking this but.... What is ELC?

[stackz 115]

3 hours ago, Harley said:

What is ELC?

ESET Log Collector - https://support.eset.com/kb3466/

[Alejandro Z 0]

Hi, I have the same issue. Does anyone have any clue of how solve it?

[EPlayle 0]

Hi I have had the same problem, I've already posted in another post. The messages have stopped for me, but chrome is still not working. Could we get an ESET Administrator to update where we are with a fix for this? Or an official troubleshoot or something?

 

Cheers 

[itman 1,746]

13 hours ago, EPlayle said:

Hi I have had the same problem, I've already posted in another post. The messages have stopped for me, but chrome is still not working. Could we get an ESET Administrator to update where we are with a fix for this? Or an official troubleshoot or something?

This is adware based malware. Bleepingcomputer.com has an article on how to remove it here: https://www.bleepingcomputer.com/virus-removal/remove-ad-by-netutils-advertisements . One of those steps is the browser must be reset to default install settings.

[EPlayle 0]

@itman Thanks for the Link!