Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Random Discord Sound, Discord not on [Solved]


  • This topic is locked This topic is locked

#1
ndskykng

ndskykng

    Member

  • Member
  • PipPipPip
  • 161 posts

I feel like my computer has been infected/taken over.  The Google searches don't quite show the URL I expect.  And mainly there is random "discord" notification sound that pops up here and there, and Discord has definitely been shut down.  Any help to clean up the computer from experts would be most appreciated =)


  • 0

Advertisements


#2
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

Hi,  ndskykng. (Can I call you something ... more easy? )
 
Here we can check your computer for malware. 
 
To begin with:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

(To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File)


  • 0

#3
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Awesome, appreciate the help.

Attached Files


Edited by ndskykng, 09 August 2021 - 09:52 AM.

  • 0

#4
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

Thank you for the logs.

I am currently reviewing them.

 

Meanwhile, adhere to the guidelines below:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

4. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

5. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.


  • 0

#5
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

Hello, again.
 
I don't see signs of an active infection in your logs.
 
Some questions/comments for a start:
 
1. Google Drive sync at Start-up
 
You have this feature enabled. As a result, specific files in the TEMP folder are created every time you start your computer. We are going to delete them now, but they will continue to be created at every startup. You don't have a hard disk's space issue, so this isn't a problem now, but I have to ask you: Do you want Google Drive to sync when you start your computer? The sync will be done, anyway, when you open the Google Drive.
 
 
2. Google Home page
 
You have set as your Home page this: marquee.blogs.cnn.com
 
Are you aware of this? 
 
 
3. Discord
 
You said that you are having problems with it. Try to uninstall and reinstall the program, and let me know if the problem insists.
 
 
4. ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.

  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 

Please go through the 4 steps above, and report back.


  • 0

#6
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts
While it's scannin
 
1. Google Drive sync at Start-up
 
I dont mind this.  I like not having to think about starting it up manually
 
2. Google Home page
 
I did NOT know this.  Is this a sign of a virus?
 
You have set as your Home page this: marquee.blogs.cnn.com
 
Are you aware of this? 
 
 
3. Discord
 
Haven't heard the chime after no.  But then I didnt hear it at all today either, so idk

  • 1

#7
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

Thank you for the information.

 

Let's see the Eset report, and then we are going to take care of everything else. 


  • 0

#8
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts
8/9/2021 11:54:19 AM
Files scanned: 453421
Detected files: 0
Cleaned files: 0
Total scan time: 00:44:34
Scan status: Finished

  • 0

#9
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

The log is clean.
 
I won't give you instructions about stop Google Drive sync at start-up, since you prefer to have this feature enabled.


1. FRST fix
 
Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
CHR HomePage: Default -> hxxp://marquee.blogs.cnn.com/
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

2. Upgrade Windows
 
It's the only other thing I can comment regarding your logs. You are now running version 20H2 and the latest one is 21H1. In case you want to upgrade now, I would recommend an in-place upgrade. It will upgrade the operating system to the latest version, fixing any possible corruptions.

  • Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
  • Save the tool on your Desktop and double click to run it.
  • On the License terms page, if you accept the license terms, select Accept.
  • On the What do you want to do page, select Upgrade this PC now, and then select Next.
  • Follow the instructions and select Keep personal files and apps, when you are asked to.
  • It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
  • After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

Let me know if you will proceed with the above step.

 

 

In your next reply please post:

  1. The fixlog.txt
  2. If you upgraded Windows and how the processes went
  3. Feedback: How is the computer running now? Report any remaining issues/questions/concerns

  • 0

#10
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

So I've basically been running this fix for the past 9 hrs now.  And its still on the step where it is deleting files from Temp folder.  I thought it was just a long process.... but does it normally take 8 hrs to do this step??


  • 0

Advertisements


#11
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts
You mean that the FRST fix took so long? If yes, no, it’s not normal. Do you see that it is running or it is stuck?
  • 0

#12
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Weird.  Literally just finished now.  After like 9-10 hrs.
 

Does that mean anything it took so long?  Anyway, going to update Windows now

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by ndsky (09-08-2021 12:45:07) Run:1
Running from C:\Users\ndsky\Desktop
Loaded Profiles: ndsky
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
CHR HomePage: Default -> hxxp://marquee.blogs.cnn.com/
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"Chrome HomePage" => removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 153778479 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 88214432 B
Edge => 0 B
Chrome => 2077873395 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4484 B
NetworkService => 6447810 B
ndsky => 286347368 B
 
RecycleBin => 135362143 B
EmptyTemp: => 2.6 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 21:38:07 ====

  • 0

#13
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts
Have in mind that the upgrade may take so long. :)
  • 0

#14
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Upgrade is finally done.  Seems to be ok now?  Haven't heard that tone in awhile now.


  • 0

#15
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,150 posts

Hello.

 

Good job.  :thumbsup: 
 
Just to be sure, please let me see fresh FRST logs.

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP