How to remove quiz / Web trends graphics from Windows search bar

Collapse
X
Collapse
 
  • Page of 3
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • charliefarnsbarns
    PCHF Member
    • May 2022
    • 23
    #1

    How to remove quiz / Web trends graphics from Windows search bar

    In the last two days I’ve noticed my Windows 10 search bar is showing comedy graphics which seem to link to a Bing-related “Trends” or quizzes. Today the graphic is all about Eurovision. I find this quite distracting and have tried Googling how to remove or fix it and tried making some fixes without success, including running anti-virus software, removing Bing as a browser, I’ve even completely unistalled Microsoft Edge. But it’s still there. I’m sure it must be something very simple but I haven’t found any forums which offer solutions and I just wondered if anyone has any ideas? I’ve attached a couple of screen grabs - showing the cartoon in the search bar, and then the menu which opens when you click it. Thanks in anticipation, Charlie x
    Tags: None
    • veeg
      PCHF Director
      • Jul 2016
      • 8982
      #2
      Hello

      I will tag our expert..

      @Malnutrition

        Comment

        • charliefarnsbarns
          PCHF Member
          • May 2022
          • 23
          #3
          Originally posted by veeg
          Hello

          I will tag our expert..

          @Malnutrition
          Aw thanks very much, look forward to hearing any thoughts on this!

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7045
              #4
              Step 1: Adware Removal Tool Scan.

              Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
              Click Scan
              Hit Ok.
              Hit next make sure to leave all items checked, for removal.
              Click Next
              The Program will close all open programs to complete the removal, so save any work and hit OK.
              Then hit OK after the removal process is complete, thenOK again to finish up.
              Post log generated by tool.



              Step2: Adware Cleaner Scan.

              Adware Cleaner

              [ul]
              [li]Download AdwCleaner and save it to your Desktop[/li][li]Right-click on AdwCleaner.exeand select[/li][li] [/li]
              [IMG alt=“Spcusrh.png”]https://i.imgur.com/Spcusrh.png

              Run as Administrator
              [li]Accept the EULA (I accept), then click on Scan Now[/li][li]Let the scan complete[/li][li]Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button[/li][li]Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.[/li][li]Once the cleaning process is complete, AdwCleaner will ask you to restart your computer[/li][li]Close all other open windows and allow it to restart[/li][li]After the restart, Notepad will open with the AdwCleaner cleaning log[/li][li]Please Attach the contents of that log into your next reply to me[/li][/ul]

              Step3:

              ZHP cleaner Scan.

              Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
              Once you have started the program, you will need to click the scanner button.
              The program will close all open browsers!
              Once the scan is completed, the you will want to click the Repair button.
              At the end of the process you may be asked to reboot your machine.
              After you reboot a report will open on your desktop.
              Attach the report here in your next reply.[/IMG]

                Comment

                • Bastet
                  PCHF Member
                  • Aug 2016
                  • 1515
                  #5
                  That’s search highlights.
                  If you right click on the taskbar>Search>deselect ‘show search highlights’.

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7045
                      #6
                      @charliefarnsbarns Please try what @Bastet has posted prior to what I suggested. Running these tools that I posted isn’t going to hurt tho, should be part of a cleaning routine on any machine.

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7045
                          #7
                          On a side note, I’d uninstall TotalAV as it is garbage software. Use GeekUninstaller to remove all traces of it.

                          [MEDIA=youtube]HIPmnzH-Pr4[/MEDIA]

                          Security Check Scan.

                          [ul]
                          [li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]

                            Comment

                            • charliefarnsbarns
                              PCHF Member
                              • May 2022
                              • 23
                              #8
                              Thankyou so much everyone! Bastet’s advice solved the immediate problem - I hadn’t realised how to reach that menu option. I am now running the adware scans suggested by Malnutrition and will post the log on completion as I follow the steps.

                                Comment

                                • Bastet
                                  PCHF Member
                                  • Aug 2016
                                  • 1515
                                  #9
                                  Great news. I hope there’s no malware found.

                                    Comment

                                    • charliefarnsbarns
                                      PCHF Member
                                      • May 2022
                                      • 23
                                      #10
                                      OK here are the three sets of results.

                                      Code:
                                      1. ADWARE REMOVAL LOGS:
[HR][/HR]
Adware Removal Tool 5.1
Time: 2022_05_14_13_30_36
OS: Windows 10 Home - x64 Bit
Account Name: User
Adware Definition: 05132022
Elapsed time: 16:46
Scan Status:- Automatic Done

\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\

No results found

\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\

No results found[LIST=1][*]ADW CLEANER LOG:[/LIST]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Malwarebytes AdwCleaner 8.3.2.0[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 03-23-2022[/HEADING]
[HEADING=1]Database: 2022-03-15.3 (Local)[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 05-14-2022[/HEADING]
[HEADING=1]Duration: 00:00:10[/HEADING]
[HEADING=1]OS: Windows 10 Home[/HEADING]
[HEADING=1]Cleaned: 33[/HEADING]
[HEADING=1]Awaiting reboot:6[/HEADING]
[HEADING=1]Failed: 0[/HEADING]
***** [ Services ] *****

Deleted SecurityService
Deleted webshieldfilter

***** [ Folders ] *****

Deleted C:\ProgramData\SecuritySuite
Deleted C:\Users\User\AppData\Local\Temp\VideoConverter
Deleted C:\Users\User\Documents\TotalAV
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
Needs Reboot C:\Program Files (x86)\TotalAV
Needs Reboot C:\ProgramData\TotalAV

***** [ Files ] *****

Deleted C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Classes*\shell\TotalAV
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\Software\Wow6432Node\Classes\CLSID{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Users\User\Documents\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{4D6ED73B-E131-4756-89A7-51E699B95DF7}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{4D6ED73B-E131-4756-89A7-51E699B95DF7}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
[HR][/HR]
[+] Delete Tracing Keys
[+] Reset Winsock
[HR][/HR]
***** Reboot Required to Complete *****

***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\DELL\UPDATESERVICE
Cleaning failed C:\Program Files (x86)\TotalAV
Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT
Cleaning failed C:\ProgramData\DELL\UPDATESERVICE
Cleaning failed C:\ProgramData\TotalAV
[HR][/HR]
***** [ Files ] *****

Cleaned C:\Windows\System32\drivers\webshieldfilter.sys
[HR][/HR]
AdwCleaner[S00].txt - [4323 octets] - [13/05/2022 23:52:11]
AdwCleaner[S01].txt - [4384 octets] - [14/05/2022 14:10:19]
AdwCleaner_Debug.log - [16270 octets] - [14/05/2022 14:12:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########[LIST=1][*]ZHP CLEANER LOG[/LIST]
ZHP Report

~ ZHPCleaner v2022.5.12.33 by Nicolas Coolman (2022/05/12)
~ Run by User (Administrator) (14/05/2022 14:16:56)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : ZHP
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Scan
~ Report : C:\Users\User\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19044)

—\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

—\ Services (0)
~ No malicious or unnecessary items found. (Service)

—\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

—\ Hosts file (1)
~ The hosts file is legitimate (21)

—\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

—\ Explorer ( File, Folder) (95)
FOUND file: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk Bad : C:\Program Files (x86)\TotalAV\TotalAV.exe =>SUP.Optional.TotalAV
FOUND file: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference
FOUND file: C:\Program Files (x86)\TotalAV\TotalAV.exe [TotalAV - TotalAV Ultimate Antivirus User Interface] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\avgio.dll [Avira GmbH - On-access scan support for SDK] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\AviraLib.dll [AviraLib - AviraLib] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\BouncyCastle.Crypto.dll [The Legion of the Bouncy Castle Inc. - BouncyCastle.Crypto] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Branding.Desktop.dll [Branding.Desktop - Branding.Desktop] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\cachey-bashi.netcore.dll [cachey-bashi.netcore - cachey-bashi.netcore] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\DirectWriteForwarder.dll [© Microsoft Corporation. All rights reserved. - DirectWriteForwarder] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\DotNetZip.dll [ - Ionic’s Zip Library (.NET Standard)] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Engine.Win.dll [Engine.Win - Engine.Win] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\e_sqlite3.dll =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.deps.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.runtimeconfig.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\HtmlAgilityPack.dll [ZZZ Projects Inc. - HtmlAgilityPack] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\install.name =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\installer.log =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\installoptions.jdat =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\libcrypto-1_1.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL library] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\libssl-1_1.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL library] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\lib_SCAPI.dll [Protected.net - Antivirus Engine Component] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\lib_SCAPISharp.dll [lib_SCAPISharp - lib_SCAPISharp] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.Analytics.dll [Microsoft.AppCenter.Analytics - Microsoft.AppCenter.Analytics] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.Crashes.dll [Microsoft.AppCenter.Crashes - Microsoft.AppCenter.Crashes] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.dll [Microsoft.AppCenter - Microsoft.AppCenter] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.Toolkit.Uwp.Notifications.dll [Microsoft.Toolkit - Microsoft.Toolkit.Uwp.Notifications] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Mindscape.Raygun4Net.NetCore.Common.dll [Raygun - Mindscape.Raygun4Net.NetCore.Common] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Mindscape.Raygun4Net.NetCore.dll [Raygun - Raygun4Net.NetCore] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\NamedPipeServerStream.NetFrameworkVersion.dll [havendv - NamedPipeServerStream.NetFrameworkVersion] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Netlib.dll =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\nfapi.dll [Copyright (C) - nfapi] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\nfregdrv.exe =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.deps.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.exe [TotalAV - TotalAV Password Vault Browser Assistant] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.runtimeconfig.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PenImc_cor3.dll [© Microsoft Corporation. All rights reserved. - PenImc] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PresentationNative_cor3.dll [© Microsoft Corporation. All rights reserved. - PresentationNative] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\PropertyChanged.dll [Simon Cropp - PropertyChanged] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\ProtocolFilters.dll [NetFilterSDK.com - ProtocolFilters] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\pwm.dll [pwm - pwm] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Savapi.Net.dll [Savapi.Net - Savapi.Net] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\securityservice.cat =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.deps.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.exe [TotalAV - TotalAV Ultimate Antivirus Service] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.runtimeconfig.json =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SharedDesktop.dll [SharedDesktop - SharedDesktop] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SOS_README.md =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.batteries_v2.dll [SourceGear - SQLitePCLRaw.batteries_v2] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.core.dll [SourceGear - SQLitePCLRaw.core] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.nativelibrary.dll [SourceGear - SQLitePCLRaw.nativelibrary] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.provider.dynamic_cdecl.dll [SourceGear - SQLitePCLRaw.provider.dynamic_cdecl] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SSCore.dll [SSCore - SSCore] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\System.Configuration.Install.dll [System.Configuration.Install - System.Configuration.Install] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\System.Printing.dll [© Microsoft Corporation. All rights reserved. - System.Printing] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\SystemToolsWindows.dll [SystemToolsWindows - SystemToolsWindows] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Trinet.Core.IO.Ntfs.dll [Richard Deeming - Trinet.Core.IO.Ntfs] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\UiPath.CoreIpc.dll [UiPath - UiPath.CoreIpc] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\uninst.exe [(C) Protected Antivirus Limited - TotalAV Ultimate Antivirus Installer] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.dll [Utilizr - Utilizr] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.NotifyIcon.dll [Utilizr.NotifyIcon - Utilizr.NotifyIcon] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.OpenVPN.dll [Utilizr.OpenVPN - Utilizr.OpenVPN] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.Ras.dll =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.VPN.dll [Utilizr.VPN - Utilizr.VPN] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.VPN.RasSharp.NetCore.dll [Utilizr.VPN.RasSharp.NetCore - Utilizr.VPN.RasSharp.NetCore] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Utilzr.WPF.dll [Utilzr.WPF - Utilzr.WPF] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\Webshield.Client.dll [Webshield.Client - Webshield.Client] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\wpfgfx_cor3.dll [© Microsoft Corporation. All rights reserved. - WpfGfx] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\wscf.exe [Protected.net Group Limited - Proteted.net WSCF] =>SUP.Optional.TotalAV
FOUND file: C:\Program Files (x86)\TotalAV\wscfd =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\bins =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\driver =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\locale =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\Manifest =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\ovpn =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\protected_elam =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\SAVAPI =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\startup =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\TotalAV\urldrv =>SUP.Optional.TotalAV
FOUND folder: C:\Program Files (x86)\DummyDir =>.SUP.Empty
FOUND folder: C:\Program Files (x86)\TotalAV =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV\cache =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV\data =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV\logs =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV\queues =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV\updates =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\TotalAV =>SUP.Optional.TotalAV
FOUND folder: C:\Users\User\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV
FOUND folder: C:\Users\User\Documents\TotalAV =>SUP.Optional.TotalAV
FOUND folder: C:\Documents and Settings\User\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV
FOUND folder: C:\Documents and Settings\User\Documents\TotalAV =>SUP.Optional.TotalAV
FOUND folder: C:\ProgramData\SecuritySuite =>SUP.Optional.ScanGuard

—\ Registry ( Key, Value, Data) (2)
FOUND key: HKCU\Software\SSProtect [AdditionalScan 53] =>.SUP.PCProtect
FOUND key: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol] =>SUP.Optional.TotalAV

—\ Summary of the elements found (5)
Zone Anti-Malware - ZAM =>SUP.Optional.TotalAV
Noyau Chromium, Les Préférences des Navigateurs basés sur l'OS 2019 - ZAM =>ChromiumPreference
Zone Anti-Malware - ZAM =>.SUP.Empty
Zone Anti-Malware - ZAM =>SUP.Optional.ScanGuard
Zone Anti-Malware - ZAM =>.SUP.PCProtect

—\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Internet Explorer OK

—\ Statistics
~ Items scanned : 100400
~ Items found : 190
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

—\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h05mn44s

—\ Reports (0)
ZHPCleaner–14052022-14_22_40.txt

                                        Comment

                                        • charliefarnsbarns
                                          PCHF Member
                                          • May 2022
                                          • 23
                                          #11
                                          I can see from these reports that Total AV is responsible for a lot of dodgy content. I will certainly remove it and would be very gratefull for any tips you have for anti-virus protection software to replace it with?

                                            Comment

                                            • charliefarnsbarns
                                              PCHF Member
                                              • May 2022
                                              • 23
                                              #12
                                              It turns out that Total AV is not showing up as an installed program on my computer! It seems to be on the system, but it does not show up in Geek or in the Windows ‘Add or Uninstall Programs’ section. So I’m not sure how to remove it.

                                              Here is the log from the Security Check Scan:

                                              Code:
                                              SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
WebSite: www.safezone.cc
DateLog: 14.05.2022 14:41:10
Path starting: C:\Users\User\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: User
VersionXML: 9.78is-14.05.2022
[HR][/HR]
Windows 10(6.3.19044) (x64) Core Release: 2009 Lang: English(0809)
Installation date OS: 22.02.2022 13:28:50
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [474.9 Gb] Used: [400.5 Gb] Free: [74.4 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.789.19041.0
User Account Control enabled (Level 3)
Never check for updates
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Total AV (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft 365 - en-us v.16.0.15128.20224
Dell SupportAssist v.3.11.1.18
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.22.089.0426.0003 [+]
Dropbox v.148.4.4519
-------------------------- [ IMAndCollaborate ] ---------------------------
Microsoft Teams v.1.5.00.11163
WhatsApp v.2.2216.7 [+]
Zoom v.5.9.3 (3169) Warning! Download Update
Telegram Desktop version 3.7.3 v.3.7.3
-------------------------------- [ Media ] --------------------------------
Spotify v.1.1.81.604.gccacfc8c Warning! Download Update
VLC media player v.3.0.16 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat DC (64-bit) v.22.001.20117
ph v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it.
bl v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.101.0.4951.54 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
Microsoft Defender Antivirus Service (WinDefend) - The service has stopped
Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0
PC Security Management Service (SecurityService) - The service is running
C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0
PC Security Management Service (SecurityService) - The service is running
C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0
----------------------------- [ End of Log ] ------------------------------

                                                Comment

                                                • Malnutrition
                                                  PCHF Moderator
                                                  • Jul 2016
                                                  • 7045
                                                  #13
                                                  Run the adware cleaning programs and post the logs. I believe adware cleaner is scripted to remove it, if not then we can remove it with other tools.

                                                    Comment

                                                    • Malnutrition
                                                      PCHF Moderator
                                                      • Jul 2016
                                                      • 7045
                                                      #14
                                                      Update your programs with Patch My PC, then post a new security check log please.

                                                        Comment

                                                        • Malnutrition
                                                          PCHF Moderator
                                                          • Jul 2016
                                                          • 7045
                                                          #15
                                                          Did you click repair on zhp? Is total av still on your computer?

                                                            Comment

                                                            Previous 1 2 3 template Next
                                                            Working...

                                                              We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

                                                              By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

                                                              I Agree