Nojuzz

New Member
# AdwCleaner v6.046 - Logfile created 03/05/2017 at 21:16:07
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-03.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Vartotojas - ASUS
# Running from : C:\Users\Vartotojas\Downloads\adwcleaner_6.046.exe
# Mode: Scan
# Support : Customer Support & Help Center



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\ScreenShot
Key Found: [x64] HKLM\SOFTWARE\InterSect Alliance
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 9initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 36initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 23initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Web data] - 91initialpage123
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.initialpage123.com/?z=d66f96f2e895f8ef60ea96dg5z8t8ccg9ceqdz0e3b&from=amz&uid=WDCXWD5000LPVX-80V0TT0_
Chrome pref Found: [C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.initialpage123.com/?z=d66f96f2e895f8ef60ea96dg5z8t8ccg9ceqdz0e3b&from=amz&uid=WDCXWD5000LPVX-80V0TT0




*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3565 Bytes] - [03/05/2017 20:14:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [3328 Bytes] - [03/05/2017 20:13:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [2139 Bytes] - [03/05/2017 21:16:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2212 Bytes] ##########




# AdwCleaner v6.046 - Logfile created 11/05/2017 at 20:46:54
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-10.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Vartotojas - ASUS
# Running from : C:\Users\Vartotojas\Desktop\adwcleaner_6.046.exe
# Mode: Scan
# Support : Customer Support & Help Center



***** [ Services ] *****

Service Found: WinSAPSvc
Service Found: VNASRE


***** [ Folders ] *****

Folder Found: C:\Users\Vartotojas\AppData\Local\VNASRE
Folder Found: C:\Users\Vartotojas\AppData\Roaming\WinSAPSvc
Folder Found: C:\ProgramData\BIT


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found: Milimili


***** [ Registry ] *****

Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNAREA
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNAREA
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\VNASRE
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\VNASRE
Key Found: HKLM\SOFTWARE\ScreenShot
Key Found: [x64] HKLM\SOFTWARE\InterSect Alliance
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]



I've pasted some files from adwcleaner scans with results, I hope it helps a bit
 

TwinHeadedEagle

Removal Expert
Verified
Staff member
Hello,


Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    icon and select
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

TwinHeadedEagle

Removal Expert
Verified
Staff member
Quite possible. Can you reinstall it? Then do not login into your Google account and report back.
 

Nojuzz

New Member
UPDATE: I've re-installed chrome, everything seems to run fine without logging in to chrome profile. How do I revert my chrome profile setting to default? Will it help?