Have logs that need to be checked

Status
Not open for further replies.

TimeParadoX

I recently clicked a link that took me to a website that downloaded a virus thing on my computer. I posted the logs that needed to be checked.

I noticed 1 entry in my HJT logs that was not there before I clicked the link:

O4 - HKUS\S-1-5-21-240903536-377311529-3107768155-1011\..\Run: [RecordNow!] (User 'Justin')

I looked up RecordNow and it seems to be a program that is used to rip music and stuff. I never downloaded it before.

Should I fix it?
Here's a picture of a search I did for the program. It has strange properties.


I did AVG / Avast! scans and found nothing.
Also, Panda rootkit found nothing.

SpyBot: S&D found an entry called LSA.



HJT log:
https://www.techspot.com/vb/attachment.php?attachmentid=24648&d=1194053055
 
Looks like something went wrong with the HJT attachment (doesn't open).

RecordNow is a program by Sonic that (I think) is bundled with some computers. You can remove it if you don't use it.

I see nothing bad in your ComboFix log, except for the following newly created service:

ATLOKHUQCDKX

Go to the start menu, click on run, type cmd and press enter.

Once the command window appears, type in the following:

sc qc ATLOKHUQCDKX

Please post the output of that command, along with a fresh HJT log.

Regards :)

This thread is for the use of TimeParadoX only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
 
Have HJT fix this entry.

O4 - HKUS\S-1-5-21-240903536-377311529-3107768155-1011\..\Run: [RecordNow!] (User 'Justin')

Have SS&D fix all those entries.

Regards Howard :)
 
Thanks Howard and Kitty.

Kitty, when I tried to do what you said, it gave a failed message saying:

"Specific service does not exist as a installed service"

Also Howard, when I went to recheck my HJT logs to delete that entry, it was gone. Maybe ComboFix picked it up or something?
 
If Combofix picked it up, it should be in the Combofix report.

Your system looks pretty clean, other than what SS&D found, which I trust you have fixed?

Regards Howard :)
 
I did fix what SS&D found.

I guess when I go into my non-admin account (Justin) it loads that RecordNow thing. Could I just delete it manually by deleting the programs?
 
If it doesn't show up in Add/Remove Programs, then yes, you can delete it manually.

However, there are several versions of Recordnow!. Look HERE and see if you can identify which version you have.

Regards Howard :)
 
However, there are several versions of Recordnow!. Look HERE and see if you can identify which version you have.

Well, I didn't install RecordNow ever... It just randomly appeared on my computer after I clicked that link someone sent me on Steam Friends.
 