Author Topic: Browser redirects & pop ups - what is safe to delete?  (Read 3320 times)

0 Members and 1 Guest are viewing this topic.

October 22, 2015, 11:40:41 pm


  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    • View Profile
Browser redirects & pop ups - what is safe to delete?
« on: October 22, 2015, 11:40:41 pm »
My Chrome browser which is set simple with no extensions has tabs popping up when clicking on various areas of some pages. The pop ups on the page have to be killed in task manager.

Many of the results are coloured orange & I'm not sure. Can someone please tell me what I should delete? I'm worried about the red results in MBR, would deleting it delete some part of the mbr I need or just the infection itself?

I attached results notepad file

Reply #1October 23, 2015, 02:58:35 pm


  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2572
  • Reputation:
    • View Profile
Re: Browser redirects & pop ups - what is safe to delete?
« Reply #1 on: October 23, 2015, 02:58:35 pm »
Hi Jman,

Welcome to Forum.
WARNING : Your computer is infected with a variant of the PSW-Sinowal trojan which has passwords stealing abilities. Please refrain to use this computer for important transactions until the end of the removal procedure.

Please download TDSSKiller and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check Loaded Modules and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.

  • Click Start Scan and allow the scan process to run.
    If threats are detected select Cure / Deletefor all of them unless I instruct you otherwise.
  • Click Continue

  • Click Reboot computer
Please attach the file TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically C:\) in your next reply.

Please download Farbar Recovery Scan Tool (x32) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST64.exe). Please also attach that along with the FRST.txt into your reply.

Note : This thread has been moved to the "Malware removal help" section for clarity.