In the last two days I’ve noticed my Windows 10 search bar is showing comedy graphics which seem to link to a Bing-related “Trends” or quizzes. Today the graphic is all about Eurovision. I find this quite distracting and have tried Googling how to remove or fix it and tried making some fixes without success, including running anti-virus software, removing Bing as a browser, I’ve even completely unistalled Microsoft Edge. But it’s still there. I’m sure it must be something very simple but I haven’t found any forums which offer solutions and I just wondered if anyone has any ideas? I’ve attached a couple of screen grabs - showing the cartoon in the search bar, and then the menu which opens when you click it. Thanks in anticipation, Charlie x
How to remove quiz / Web trends graphics from Windows search bar
Collapse
X
-
Tags: None
-
Originally posted by veegHello
I will tag our expert..
@MalnutritionComment
-
Step 1: Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Click Scan
Hit Ok.
Hit next make sure to leave all items checked, for removal.
Click Next
The Program will close all open programs to complete the removal, so save any work and hit OK.
Then hit OK after the removal process is complete, thenOK again to finish up.
Post log generated by tool.
Step2: Adware Cleaner Scan.
Adware Cleaner
[ul]
[li]Download AdwCleaner and save it to your Desktop[/li][li]Right-click on AdwCleaner.exeand select[/li][li] [/li]
[IMG alt=“Spcusrh.png”]https://i.imgur.com/Spcusrh.png
Run as Administrator
[li]Accept the EULA (I accept), then click on Scan Now[/li][li]Let the scan complete[/li][li]Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button[/li][li]Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.[/li][li]Once the cleaning process is complete, AdwCleaner will ask you to restart your computer[/li][li]Close all other open windows and allow it to restart[/li][li]After the restart, Notepad will open with the AdwCleaner cleaning log[/li][li]Please Attach the contents of that log into your next reply to me[/li][/ul]
Step3:
ZHP cleaner Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.[/IMG]Comment
-
@charliefarnsbarns Please try what @Bastet has posted prior to what I suggested. Running these tools that I posted isn’t going to hurt tho, should be part of a cleaning routine on any machine.Comment
-
On a side note, I’d uninstall TotalAV as it is garbage software. Use GeekUninstaller to remove all traces of it.
[MEDIA=youtube]HIPmnzH-Pr4[/MEDIA]
Security Check Scan.
[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]Comment
-
Thankyou so much everyone! Bastet’s advice solved the immediate problem - I hadn’t realised how to reach that menu option. I am now running the adware scans suggested by Malnutrition and will post the log on completion as I follow the steps.Comment
-
OK here are the three sets of results.
Code:1. ADWARE REMOVAL LOGS: [HR][/HR] Adware Removal Tool 5.1 Time: 2022_05_14_13_30_36 OS: Windows 10 Home - x64 Bit Account Name: User Adware Definition: 05132022 Elapsed time: 16:46 Scan Status:- Automatic Done \\\\\\\\\\\\ Scan Logs \\\\\\\\\\\ No results found \\\\\\\\\\\\ Repair Logs \\\\\\\\\\\ No results found[LIST=1][*]ADW CLEANER LOG:[/LIST] [HEADING=1]-------------------------------[/HEADING] [HEADING=1]Malwarebytes AdwCleaner 8.3.2.0[/HEADING] [HEADING=1]-------------------------------[/HEADING] [HEADING=1]Build: 03-23-2022[/HEADING] [HEADING=1]Database: 2022-03-15.3 (Local)[/HEADING] [HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING] [HEADING=1]-------------------------------[/HEADING] [HEADING=1]Mode: Clean[/HEADING] [HEADING=1]-------------------------------[/HEADING] [HEADING=1]Start: 05-14-2022[/HEADING] [HEADING=1]Duration: 00:00:10[/HEADING] [HEADING=1]OS: Windows 10 Home[/HEADING] [HEADING=1]Cleaned: 33[/HEADING] [HEADING=1]Awaiting reboot:6[/HEADING] [HEADING=1]Failed: 0[/HEADING] ***** [ Services ] ***** Deleted SecurityService Deleted webshieldfilter ***** [ Folders ] ***** Deleted C:\ProgramData\SecuritySuite Deleted C:\Users\User\AppData\Local\Temp\VideoConverter Deleted C:\Users\User\Documents\TotalAV Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV Needs Reboot C:\Program Files (x86)\TotalAV Needs Reboot C:\ProgramData\TotalAV ***** [ Files ] ***** Deleted C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\SSProtect Deleted HKLM\SOFTWARE\Classes*\shell\TotalAV Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\Software\Classes\totalav Deleted HKLM\Software\Wow6432Node\Classes\CLSID{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT Deleted Preinstalled.DellSupportAssistAgent Folder C:\Users\User\Documents\DELL\SUPPORTASSIST Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{4D6ED73B-E131-4756-89A7-51E699B95DF7} Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{4D6ED73B-E131-4756-89A7-51E699B95DF7} Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL UPDATE Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE [HR][/HR] [+] Delete Tracing Keys [+] Reset Winsock [HR][/HR] ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files (x86)\DELL\UPDATESERVICE Cleaning failed C:\Program Files (x86)\TotalAV Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT Cleaning failed C:\ProgramData\DELL\UPDATESERVICE Cleaning failed C:\ProgramData\TotalAV [HR][/HR] ***** [ Files ] ***** Cleaned C:\Windows\System32\drivers\webshieldfilter.sys [HR][/HR] AdwCleaner[S00].txt - [4323 octets] - [13/05/2022 23:52:11] AdwCleaner[S01].txt - [4384 octets] - [14/05/2022 14:10:19] AdwCleaner_Debug.log - [16270 octets] - [14/05/2022 14:12:36] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########[LIST=1][*]ZHP CLEANER LOG[/LIST] ZHP Report ~ ZHPCleaner v2022.5.12.33 by Nicolas Coolman (2022/05/12) ~ Run by User (Administrator) (14/05/2022 14:16:56) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : ZHP ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Scan ~ Report : C:\Users\User\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 19044) —\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) —\ Services (0) ~ No malicious or unnecessary items found. (Service) —\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) —\ Hosts file (1) ~ The hosts file is legitimate (21) —\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. (Task) —\ Explorer ( File, Folder) (95) FOUND file: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk Bad : C:\Program Files (x86)\TotalAV\TotalAV.exe =>SUP.Optional.TotalAV FOUND file: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference FOUND file: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference FOUND file: C:\Program Files (x86)\TotalAV\TotalAV.exe [TotalAV - TotalAV Ultimate Antivirus User Interface] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\avgio.dll [Avira GmbH - On-access scan support for SDK] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\AviraLib.dll [AviraLib - AviraLib] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\BouncyCastle.Crypto.dll [The Legion of the Bouncy Castle Inc. - BouncyCastle.Crypto] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Branding.Desktop.dll [Branding.Desktop - Branding.Desktop] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\cachey-bashi.netcore.dll [cachey-bashi.netcore - cachey-bashi.netcore] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\DirectWriteForwarder.dll [© Microsoft Corporation. All rights reserved. - DirectWriteForwarder] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\DotNetZip.dll [ - Ionic’s Zip Library (.NET Standard)] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Engine.Win.dll [Engine.Win - Engine.Win] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\e_sqlite3.dll =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.deps.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\GUI.Win.runtimeconfig.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\HtmlAgilityPack.dll [ZZZ Projects Inc. - HtmlAgilityPack] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\install.name =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\installer.log =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\installoptions.jdat =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\libcrypto-1_1.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL library] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\libssl-1_1.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL library] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\lib_SCAPI.dll [Protected.net - Antivirus Engine Component] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\lib_SCAPISharp.dll [lib_SCAPISharp - lib_SCAPISharp] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.Analytics.dll [Microsoft.AppCenter.Analytics - Microsoft.AppCenter.Analytics] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.Crashes.dll [Microsoft.AppCenter.Crashes - Microsoft.AppCenter.Crashes] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.AppCenter.dll [Microsoft.AppCenter - Microsoft.AppCenter] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Microsoft.Toolkit.Uwp.Notifications.dll [Microsoft.Toolkit - Microsoft.Toolkit.Uwp.Notifications] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Mindscape.Raygun4Net.NetCore.Common.dll [Raygun - Mindscape.Raygun4Net.NetCore.Common] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Mindscape.Raygun4Net.NetCore.dll [Raygun - Raygun4Net.NetCore] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\NamedPipeServerStream.NetFrameworkVersion.dll [havendv - NamedPipeServerStream.NetFrameworkVersion] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Netlib.dll =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\nfapi.dll [Copyright (C) - nfapi] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\nfregdrv.exe =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.deps.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.exe [TotalAV - TotalAV Password Vault Browser Assistant] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PasswordExtension.Win.runtimeconfig.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PenImc_cor3.dll [© Microsoft Corporation. All rights reserved. - PenImc] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PresentationNative_cor3.dll [© Microsoft Corporation. All rights reserved. - PresentationNative] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\PropertyChanged.dll [Simon Cropp - PropertyChanged] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\ProtocolFilters.dll [NetFilterSDK.com - ProtocolFilters] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\pwm.dll [pwm - pwm] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Savapi.Net.dll [Savapi.Net - Savapi.Net] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\securityservice.cat =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.deps.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.dll [ - Ultimate Antivirus by Protected.net] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.exe [TotalAV - TotalAV Ultimate Antivirus Service] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SecurityService.runtimeconfig.json =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SharedDesktop.dll [SharedDesktop - SharedDesktop] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SOS_README.md =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.batteries_v2.dll [SourceGear - SQLitePCLRaw.batteries_v2] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.core.dll [SourceGear - SQLitePCLRaw.core] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.nativelibrary.dll [SourceGear - SQLitePCLRaw.nativelibrary] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SQLitePCLRaw.provider.dynamic_cdecl.dll [SourceGear - SQLitePCLRaw.provider.dynamic_cdecl] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SSCore.dll [SSCore - SSCore] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\System.Configuration.Install.dll [System.Configuration.Install - System.Configuration.Install] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\System.Printing.dll [© Microsoft Corporation. All rights reserved. - System.Printing] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\SystemToolsWindows.dll [SystemToolsWindows - SystemToolsWindows] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Trinet.Core.IO.Ntfs.dll [Richard Deeming - Trinet.Core.IO.Ntfs] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\UiPath.CoreIpc.dll [UiPath - UiPath.CoreIpc] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\uninst.exe [(C) Protected Antivirus Limited - TotalAV Ultimate Antivirus Installer] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.dll [Utilizr - Utilizr] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.NotifyIcon.dll [Utilizr.NotifyIcon - Utilizr.NotifyIcon] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.OpenVPN.dll [Utilizr.OpenVPN - Utilizr.OpenVPN] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.Ras.dll =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.VPN.dll [Utilizr.VPN - Utilizr.VPN] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilizr.VPN.RasSharp.NetCore.dll [Utilizr.VPN.RasSharp.NetCore - Utilizr.VPN.RasSharp.NetCore] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Utilzr.WPF.dll [Utilzr.WPF - Utilzr.WPF] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\Webshield.Client.dll [Webshield.Client - Webshield.Client] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\wpfgfx_cor3.dll [© Microsoft Corporation. All rights reserved. - WpfGfx] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\wscf.exe [Protected.net Group Limited - Proteted.net WSCF] =>SUP.Optional.TotalAV FOUND file: C:\Program Files (x86)\TotalAV\wscfd =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\bins =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\driver =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\locale =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\Manifest =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\ovpn =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\protected_elam =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\SAVAPI =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\startup =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\TotalAV\urldrv =>SUP.Optional.TotalAV FOUND folder: C:\Program Files (x86)\DummyDir =>.SUP.Empty FOUND folder: C:\Program Files (x86)\TotalAV =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV\cache =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV\data =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV\logs =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV\queues =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV\updates =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\TotalAV =>SUP.Optional.TotalAV FOUND folder: C:\Users\User\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV FOUND folder: C:\Users\User\Documents\TotalAV =>SUP.Optional.TotalAV FOUND folder: C:\Documents and Settings\User\Documents\TotalAV\PasswordVault =>SUP.Optional.TotalAV FOUND folder: C:\Documents and Settings\User\Documents\TotalAV =>SUP.Optional.TotalAV FOUND folder: C:\ProgramData\SecuritySuite =>SUP.Optional.ScanGuard —\ Registry ( Key, Value, Data) (2) FOUND key: HKCU\Software\SSProtect [AdditionalScan 53] =>.SUP.PCProtect FOUND key: [X64] HKLM\SOFTWARE\Classes\totalav [URL:Total AV Protocol] =>SUP.Optional.TotalAV —\ Summary of the elements found (5) Zone Anti-Malware - ZAM =>SUP.Optional.TotalAV Noyau Chromium, Les Préférences des Navigateurs basés sur l'OS 2019 - ZAM =>ChromiumPreference Zone Anti-Malware - ZAM =>.SUP.Empty Zone Anti-Malware - ZAM =>SUP.Optional.ScanGuard Zone Anti-Malware - ZAM =>.SUP.PCProtect —\ Result of repair ~ Any repair made ~ Google Chrome OK ~ Internet Explorer OK —\ Statistics ~ Items scanned : 100400 ~ Items found : 190 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 —\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of search in 00h05mn44s —\ Reports (0) ZHPCleaner–14052022-14_22_40.txt
Comment
-
I can see from these reports that Total AV is responsible for a lot of dodgy content. I will certainly remove it and would be very gratefull for any tips you have for anti-virus protection software to replace it with?Comment
-
It turns out that Total AV is not showing up as an installed program on my computer! It seems to be on the system, but it does not show up in Geek or in the Windows ‘Add or Uninstall Programs’ section. So I’m not sure how to remove it.
Here is the log from the Security Check Scan:
Code:SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21] WebSite: www.safezone.cc DateLog: 14.05.2022 14:41:10 Path starting: C:\Users\User\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck IsAdmin: True User: User VersionXML: 9.78is-14.05.2022 [HR][/HR] Windows 10(6.3.19044) (x64) Core Release: 2009 Lang: English(0809) Installation date OS: 22.02.2022 13:28:50 LicenseStatus: Windows(R), Core edition The machine is permanently activated. LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode Boot Mode: Normal Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe SystemDrive: C: FS: [NTFS] Capacity: [474.9 Gb] Used: [400.5 Gb] Free: [74.4 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.789.19041.0 User Account Control enabled (Level 3) Never check for updates Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ---------------------------- [ Antivirus_WMI ] ---------------------------- Total AV (enabled and up to date) Windows Defender (disabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Windows Defender Firewall (mpssvc) - The service is running --------------------------- [ OtherUtilities ] ---------------------------- Microsoft 365 - en-us v.16.0.15128.20224 Dell SupportAssist v.3.11.1.18 ------------------------------- [ Backup ] -------------------------------- Microsoft OneDrive v.22.089.0426.0003 [+] Dropbox v.148.4.4519 -------------------------- [ IMAndCollaborate ] --------------------------- Microsoft Teams v.1.5.00.11163 WhatsApp v.2.2216.7 [+] Zoom v.5.9.3 (3169) Warning! Download Update Telegram Desktop version 3.7.3 v.3.7.3 -------------------------------- [ Media ] -------------------------------- Spotify v.1.1.81.604.gccacfc8c Warning! Download Update VLC media player v.3.0.16 Warning! Download Update --------------------------- [ AdobeProduction ] --------------------------- Adobe Acrobat DC (64-bit) v.22.001.20117 ph v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it. bl v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it. ------------------------------- [ Browser ] ------------------------------- Google Chrome v.101.0.4951.54 Warning! Download Update ------------------ [ AntivirusFirewallProcessServices ] ------------------- Microsoft Defender Antivirus Service (WinDefend) - The service has stopped Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0 PC Security Management Service (SecurityService) - The service is running C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0 PC Security Management Service (SecurityService) - The service is running C:\Program Files (x86)\TotalAV\SecurityService.exe v.5.16.203.0 ----------------------------- [ End of Log ] ------------------------------
Comment
-
Run the adware cleaning programs and post the logs. I believe adware cleaner is scripted to remove it, if not then we can remove it with other tools.Comment
-
-
Comment