Parogar

I guess only certain random people get help and you have to be one of the lucky ones :/

Okay, I think I'm beginning to piece together what happened, though I'd still love any help. I have been reading the comments on the youtube video with more scrutiny. there are thousands of comments, but every single one of them (from what I can see) is spam. I think I downloaded a virus that makes you go to this particular video and add spam.https://www.youtube.com/watch?v=jtTzEJUS0io

Okay, just an update. I was browsing through my firefox history, and it seems that the website was visited from MY computer at 6:46 while I was at the gym this morning. This shouldn't be possible, because no one was home and I had the alarm/door on. Is it possible for a hacker to have accessed my computer remotely and forced me to go to this website? I checked event viewer, and the computer was "restarted" a few minutes afterwards. "The process C:\Users\Kevin\AppData\Local\Temp\27913.exe (KEVIN-PC) has initiated the restart of computer KEVIN-PC on behalf of user Kevin-PC\Kevin for the following reason: Security issue" Someone PLEASE PLEASE HELP ME

What I am about to say is VERY confusing, so I will try to elaborate as best as I can, because I have never been as desperate for help as I am right now. Today, I noticed that someone on Youtube had posted a comment under my own account. In other words, my Youtube name is UnresolvedExternal, and at 6:46 A.M. while I was at the gym, someone posted the following message on THIS youtube video: "This site is clearly a scam, no one should be using it !!" I immediately changed my password, but I was confused, because why would someone hack my account just to call another video user a scam? At any rate, I looked into my google+ security and it did not show ANY unauthorized logins. Next, I ran Malware Bytes and it found that I had the following: "Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.04.11.07 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Kevin :: KEVIN-PC [administrator] 4/11/2014 10:13:45 AM mbam-log-2014-04-11 (10-13-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 241948 Time elapsed: 7 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Hijack.Shell.Gen) -> Data: C:\Users\Kevin\AppData\Roaming\EelguyPf\f1YRdTk.exe,explorer.exe -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\Users\Kevin\AppData\Roaming\imlgs (Stolen.Data) -> Quarantined and deleted successfully. Files Detected: 2 C:\Users\Kevin\AppData\Roaming\imlgs\10-04-2014 (Stolen.Data) -> Quarantined and deleted successfully. C:\Users\Kevin\AppData\Roaming\imlgs\11-04-2014 (Stolen.Data) -> Quarantined and deleted successfully. (end)" Now, here's why I need help. The first thing I am wondering is if there is a causal relationship between this "virus" (or whatever it is) and my youtube account comment DESPITE the fact that Google+ security does not show that anyone had gained unathorized access to my account. The second thing I was wondering is how to read the file to find out what was stolen. It's just random characters. Does this file mean that every single one of my passwords stored in Firefox was stolen? Every last one of them?