
dalton4319

Urgent has to do with Winlogon


I keep getting an "ESET blocked this" message with the URL, and I'll copy the exact thing. It's a long URL, but it does this about every 10 seconds and seems to increase when I use Google Chrome. When I use Chrome, after about 10 min Chrome stops working. This is the full log of what it's blocking. I tried deleting Google Chrome and reinstalling it; it didn't work. I ran full scans and it says my computer is clean. I tried restoring my computer; it didn't work. I'm so lost on what to do, please help :(

Time;URL;Status;Application;User;IP address;SHA1


 


Please gather logs with ELC and drop me a private message with the generated archive.


Hello

I am having the same exact problem as Dalton4319.  Just started today.  I can double-click and start as many Google Chromes as I want but nothing shows up, yet when I go into Task Manager they are all there as if they are running.

Please let me know if you find a solution.

Thanks, Harley


Hi, I have the same problem. I've uninstalled Chrome because it stops working, but even without Chrome I sometimes have a popup about ://config.laxmbgaqm.com


Please gather logs with ELC and drop me a personal message with the generated archive attached. If too big to attach, upload it to a safe location and pm me just a download link.


Thanks Marcos.  I feel like a schmuck asking this but.... What is ELC?


Hi, I have the same issue. Does anyone have any clue how to solve it?


Hi, I have had the same problem; I've already posted in another post. The messages have stopped for me, but Chrome is still not working. Could we get an ESET Administrator to update where we are with a fix for this? Or an official troubleshoot or something?

 

Cheers 

13 hours ago, EPlayle said:

Hi, I have had the same problem; I've already posted in another post. The messages have stopped for me, but Chrome is still not working. Could we get an ESET Administrator to update where we are with a fix for this? Or an official troubleshoot or something?

This is adware-based malware. Bleepingcomputer.com has an article on how to remove it here: https://www.bleepingcomputer.com/virus-removal/remove-ad-by-netutils-advertisements . One of those steps is that the browser must be reset to its default install settings.

