I hear things that arn't there O.o

[Ἆxule]

Defrag your computer and show me the results.

I did a full scan over night and here are the results.

Scan type: Full scan (C:\|Q:\|)
Objects scanned: 601090
Time elapsed: 4 hour(s), 13 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 5
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Users\Nate's\AppData\Local\servicesys32.dll (Trojan.SHarpro.Gen) -> Delete on reboot.
c:\programdata\mouseprofileupdate.dll (Trojan.SHarpro.PGen) -> Delete on reboot.
c:\Users\Nate's\AppData\Local\Google\googleupdate\Googleup.dll (Trojan.SHarpro.PGen) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{0EAB238E-497A-4884-AFA7-AAA599F601Fb} (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EAB238E-497A-4884-AFA7-AAA599F601FB} (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EAB238E-497A-4884-AFA7-AAA599F601FB} (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EAB238E-497A-4884-AFA7-AAA599F601FB} (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MouseProfileUpdate (Trojan.SHarpro.PGen) -> Value: MouseProfileUpdate -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Oberon Update (Trojan.SHarpro.PGen) -> Value: Oberon Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Trolltech Update (Trojan.SHarpro.PGen) -> Value: Trolltech Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinRAR Update (Trojan.SHarpro.PGen) -> Value: WinRAR Update -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Nate's\AppData\Local\Temp\thpm3062737837039021031.tmp (Trojan.Exploit.Drop.THPM) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\thpm377124260971730934.tmp (Trojan.Exploit.Drop.THPM) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsc1DE0.tmp\msintl1a.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsc1DE0.tmp\msintl1c.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsc1DE0.tmp\msintl1e.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nshF251.tmp\tzdworf1.png (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nshF251.tmp\tzdworf2.png (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nshF251.tmp\tzdworf3.png (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsn9993.tmp\001.jgg (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsn9993.tmp\002.jgg (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsn9993.tmp\003.jgg (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Temp\nsqBACC.tmp\errpoid2.xx (Trojan.Tracur.VGen) -> Quarantined and deleted successfully.
c:\Users\Nate's\local settings\application data\servicesys32.dll (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\servicesys32.dll (Trojan.SHarpro.Gen) -> Quarantined and deleted successfully.
c:\programdata\mouseprofileupdate.dll (Trojan.SHarpro.PGen) -> Quarantined and deleted successfully.
c:\Users\Nate's\AppData\Local\Google\googleupdate\Googleup.dll (Trojan.SHarpro.PGen) -> Quarantined and deleted successfully.

[» Magic «]

now reboot

[Rocket50]

schizophrenia

[Supertoaster]

can you record it? using audacity or something and setting it to stereo mix?

[Deathie]

...did you actually delete the viruses?

All the scan does is quarantine them. Not remove them.

You should also use CCleaner afterwords to remove any left over registry entries.

[Ἆxule]

...did you actually delete the viruses?

All the scan does is quarantine them. Not remove them.

You should also use CCleaner afterwords to remove any left over registry entries.

That would be nice to know.

[Dale Feles]

Mbam removes them, but you have to reboot your computer in order for them to be completely removed. It usually prompts you after the scan has been finished.

[Ἆxule]

Mbam removes them, but you have to reboot your computer in order for them to be completely removed. It usually prompts you after the scan has been finished.

I swear, I must be an idiot.
I keep getting a virus or something, but I'm watching what I do.

What the shit is this?
I'm always having to restore my pc to an earlier time.

This is really making me want to get that new Computer...

[Supertoaster]

I swear, I must be an idiot.
I keep getting a virus or something, but I'm watching what I do.

What the shit is this?
I'm always having to restore my pc to an earlier time.

This is really making me want to get that new Computer...

If all else fails you can do that or buy a new hard drive.

[Ἆxule]

If all else fails you can do that or buy a new hard drive.

>Laptop

[Cable]

>Laptop

>Laptop harddrives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives
http://www.newegg.com/Store/SubCategory.aspx?SubCategory=380&name=Laptop-Hard-Drives

[Ἆxule]

I honestly don't know what the hell is up.
I've done a full scan atleast 5 times now, and every time something has come up as corrupted or something.
My only explanation could be because I have firewall of, but I had that off for a loong time before any of this happened. and I can't have the firewall up if I want to play Gmod or something.

The only websites I go to is here, Pandora, occasionally Newgg, youtube, google, and Yahoo.

Another theory of mine might be how Steam got hacked. I didn't change my password until the advertiesments started coming, but what do I know.

[Eion Kilant 739]

I honestly don't know what the hell is up.
I've done a full scan atleast 5 times now, and every time something has come up as corrupted or something.
My only explanation could be because I have firewall of, but I had that off for a loong time before any of this happened. and I can't have the firewall up if I want to play Gmod or something.

The only websites I go to is here, Pandora, occasionally Newgg, youtube, google, and Yahoo.

Another theory of mine might be how Steam got hacked. I didn't change my password until the advertiesments started coming, but what do I know.

1. Get new antivurus, AVAST has worked for me. Even if you only get the free version it still could help.
2. On the MineCraft fourms there was an instance where something with an image caused a popup asking for your username and password (a single instance 1.5 years ago, mind you). Has anything simaler happened to you?
3. Y U NO PLAY GMOD WITH FIREWALL? Does your router atleast have a firewall?
4. Can you post your web history of when it started happening?
5. Mabie you got it when you downloaded something from a trusted site?
6. It could be a time bomb.

7. When you visit sites in/from google, you are visiting the site. Not only google. (this can happen with images too!)

[Ἆxule]

1. Get new antivurus, AVAST has worked for me. Even if you only get the free version it still could help.
2. On the MineCraft fourms there was an instance where something with an image caused a popup asking for your username and password (a single instance 1.5 years ago, mind you). Has anything simaler happened to you?
3. Y U NO PLAY GMOD WITH FIREWALL? Does your router atleast have a firewall?
4. Can you post your web history of when it started happening?
5. Mabie you got it when you downloaded something from a trusted site?
6. It could be a time bomb.

7. When you visit sites in/from google, you are visiting the site. Not only google. (this can happen with images too!)

Well it seems things have suddenly started working right. After maybe a week a thing will pop up saying I got virsus and I need to buy the full subscription to get rid of it. obviously it's not true, so I just restart my computer to the day before.

I'm smart enough to to click pop-ups

When I have McAfee fire wall up, no servers show up. It's as if I'm offline or something.

All that's in my history is here, Youtube, Yahoo, and google mainly.

probably