utrack.pw Redirections

There aren't any real issue showing in your logs other than the items Malwarebytes showed. And you log from Malwarebytes shows that you did not fix the issues found related to Firefox. You need to run Malwarebytes again and this time fix what it finds.

Also run the below.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Attach JRT.txt to your next message.

Are you still having problems with Firefox? If yes then it is probably worth running the instructions in the below link:

Reset Firefox to Defaults

 

You're welcome.

Please download OTL by OldTimer.

• Save it to your desktop.
• Double-click on the OTL icon on your desktopto run it. (Note: if using Vista, Win7 or Win8 use right-click and select Run as Administrator)
• Check the "Scan All Users" checkbox.
• Check the "Standard Output".
• Change the setting of "Drivers" and "Services" to "All"
• Copy the text in the code box below and paste it into the text-field.
  
  Code:

  activex
  netsvcs
  drives
  

• Now click the button.
• One report will be created:
  • OTL.txt <-- Will be opened
• Attach OTL.txt to your next message. (How to attach)

 

Did you try resetting Firefox back to defaults as requested a few messages back?

If you did and you still have problems, try flushing your DNS Cache.
Also try resetting your router back to factory defaults and configuring it again for your network. Make sure you write down all of your settings first.

One other suggestion would be to remove the Google free DNS setting you are using and use the one provided by your ISP. We have seen people have problems sometimes when using these free DNS sites.


Also you should run the below and attach the requested log:

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Attach the logfile to your next next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Hello. Chaslang is going to be away for a few days so I have come in to continue working with you.

This seems to be a bit of a mystery.

For clarification remind me which browsers exactly you are being redirected in.

Firefox
MS Edge
Internet Explorer
What about Google Chrome?

Can you take a screenshot of one of the pages you get redirected to please?

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop. Hopefully it will run on Win10... let me know.

Note: Make sure you download the correct version for your PC. Only the correct version will work.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

I am not expecting it to be able to run, but if it does that will be nice. I'm sat here in the background trying to think of other tools we can run as win 10 is so new and not everything is compatible right now.

That's shocking that whatever it is is also affecting/hooked into your Steam!

 

Try and think of what you were doing at the time this first occurred.

• Had you installed any new software?
• Had you installed any new browser add on's?
• Had you visited any websites different from your normal searches?

 

Try Farbar, but if it does not run, I'd like you to move onto running Combofix because that is Win10 compat.

Please download Combofix to your desktop. Please refer to these instructions prior to running. Attach log once done.

I see some other people affected by this when I was surfing around, and I am following the one thread with interest.

 

Yes we must get to the bottom of it.

Excellent. Do try FARBAR first but let's hope if that doesn't run that Combofix can snag what is causing all this....

I also want you to open up each browser and check for any strange add on's or extensions if you have not done so already.

 

Is this where you get redirected to? (See screenshot)

I also found this today on the net "It is important to note that the Utrack platform is a legitimate service, and there are adware developers using it to facilitate their operations."

 

Can you run Combofix for me too, please and attach log once done?
Also if you could get me a screenshot of one of the sites it redirects you too I'd appreciate that.

 

Ah ok. I thought it would considering our page said win10 compatible

Not seeing anything in the logs at all. I do have a question though, what is this?

C:\Users\Daz\AppData\Roaming\3909



Download Kasperky virus removal tool from here "KVRT.exe"

• Double click KVRT.exe to start the program
• Click Accept and let it finish loading...
• Click on where it says "Change parameters"
• Ensure that all 4 boxes have checkmarks in them and click on "OK"
• Now click on Start Scan
• Please note that it may take some time to complete
• Once it is complete allow it to remove what it finds.
• Let me know if it found anything.

 

Also I'd like a screenshot including the web address of one of the sites you get redirected too please.

 

Yes all that was found, was stuff already in quarantine

As you can probably gather, not much is known about this so far and a few people are in the same boat as you. Hang in there... I'm thinking and watching other threads where people are going thru this.

 

I have to ask as it was the only strange thing I found, what's in this folder? :confused C:\Users\Daz\AppData\Roaming\3909

 

Try this (not that I expect it to make miracles happen)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is fixlist.txt

• Save fixlist.txt to your flash drive.
• You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message. (How to attach)

Also I want to run a test.... Google Chrome is affected by redirects, too correct?

 

Ignore my previous instructions, do it this way.

• Save fixlist.txt on your Desktop. Make sure you save it as a txt file.
• You should now have both fixlist.txt and FRST64.exe on your Desktop.
• Now I want you to disconnect your PC connection to the internet by unplugging the cable ( if it is wireless then temporarily shutdown the wireless network ).
• Run FRST64.exe by right clicking on it and selecting Run As Adminstrator
• Click the Fix button just once and wait.
• Your computer should reboot after the fix runs.
• Reconnect your internet connection after reboot so you can come back here to continue.
• The tool will make a log on the Desktop (Fixlog.txt) please attach this new log to your next reply (attach or paste)

Let's focus on Google Chrome for the test.

Back up any bookmarks you may have....

Use Revo Uninstaller to uninstall the below:

• Google Chrome
• Google Talk Plugin
• Google Update Helper

Now reinstall Google Chrome and let me know if it redirects....

 

You want to ditch Chrome completely? That's fine. Use Revo to uninstall it. Then proceed to backing up your Firefox bookmarks before using Revo to uninstall it. Now reboot and reinstall and let me know whether it still redirects.
Can I have another screenshot of where it takes you, please?

 

I would like to to try and follow the instructions below for Win8 and resetting the host file, those instructions should work for Win 10 too.

https://support.microsoft.com/en-gb/kb/972034

Let me know if this makes any difference. I'm sorry there's been no quick fix for this but again, it's obviously a new infection and I'm finding it very difficult to get to the root cause.

 

I can understand the way you feel, and if you did decide enough was enough I wouldn't blame you.

 

You are most welcome. Safe surfing.

 

You should ask about that in the software forum.