Solved I can't delete Adware, it keeps coming back!

[Nojuzz]

# AdwCleaner v6.046 - Logfile created 03/05/2017 at 21:16:07
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-03.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Vartotojas - ASUS
# Running from : C:\Users\Vartotojas\Downloads\adwcleaner_6.046.exe
# Mode: Scan
# Support : Customer Support & Help Center



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\ScreenShot
Key Found: [x64] HKLM\SOFTWARE\InterSect Alliance
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 9initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 36initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 23initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 91initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.initialpage123.com/?z=d66f96f2e895f8ef60ea96dg5z8t8ccg9ceqdz0e3b&from=amz&uid=WDCXWD5000LPVX-80V0TT0_
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.initialpage123.com/?z=d66f96f2e895f8ef60ea96dg5z8t8ccg9ceqdz0e3b&from=amz&uid=WDCXWD5000LPVX-80V0TT0




*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3565 Bytes] - [03/05/2017 20:14:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [3328 Bytes] - [03/05/2017 20:13:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [2139 Bytes] - [03/05/2017 21:16:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2212 Bytes] ##########




# AdwCleaner v6.046 - Logfile created 11/05/2017 at 20:46:54
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-10.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Vartotojas - ASUS
# Running from : C:\Users\Vartotojas\Desktop\adwcleaner_6.046.exe
# Mode: Scan
# Support : Customer Support & Help Center



***** [ Services ] *****

Service Found: WinSAPSvc
Service Found: VNASRE


***** [ Folders ] *****

Folder Found: C:\Users\Vartotojas\AppData\Local\VNASRE
Folder Found: C:\Users\Vartotojas\AppData\Roaming\WinSAPSvc
Folder Found: C:\ProgramData\BIT


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found: Milimili


***** [ Registry ] *****

Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNAREA
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNAREA
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\VNASRE
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\VNASRE
Key Found: HKLM\SOFTWARE\ScreenShot
Key Found: [x64] HKLM\SOFTWARE\InterSect Alliance
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]



I've pasted some files from adwcleaner scans with results, I hope it helps a bit

 

[Nojuzz]

Edit: I added FRST and Addition files

 

[TwinHeadedEagle]

Hello,

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

​

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

 

[Nojuzz]

Hello, attaching fixlog. Thanks for help.

 

[TwinHeadedEagle]

How is your PC behaving now?

 

[Nojuzz]

Scans now can't find any damaged registries or any threats. Got to wait a bit to be sure.

 

[Nojuzz]

UPDATE: I got like 4 alerts like this today. Ran scan - nothing found. Is it a problem with my Chrome?

 

[TwinHeadedEagle]

Quite possible. Can you reinstall it? Then do not login into your Google account and report back.

 

[Nojuzz]

UPDATE: I've re-installed chrome, everything seems to run fine without logging in to chrome profile. How do I revert my chrome profile setting to default? Will it help?

 

[Nojuzz]

Sorry for the last post, just moments ago I got a new alert with a different website.

 

[TwinHeadedEagle]

Please read this:

Please read before posting FP