Possible Trojan

A few weeks ago I started getting a BSOD with Photoshop and then realized that other Adobe products had the same problem. I posted about that in another forum but decided to do a virus scan just to be safe. Norton found nothing. I heard about Malwarebytes and did a scan with that and it found 2 files I believe which I tried to have it remove to no avail.


Problems I have been noticing:

1.) Random sounds playing from Host Process for Windows Service.
2.) My screen doesn't seem to shut off at the same time it used to.
3.) My desktop icons keep getting realigned to the left and jumbled with no order that I am aware of. Automatically arrange isn't checked.
4.) During the process of trying to find out about the random sounds playing from Host Process for Windows Service, whenever I clicked what seemed to be a useful link I got directed to some Hotmail and/or Microsoft website. When I was trying to get Defogger I had a similar issue. I eventually had to resort to going to a different computer, downloading it, and then emailing it to myself because every download link I could find redirected me to the hotmail page. I was also redirected for some of the other tools but was able to find download links for them.
5.) Additionally, I uninstalled Norton at some point because I thought it may have been affecting driver installation. That may have been a bad idea. It was after that that Malwarebytes noticed the trojans but for all I know it could've occurred before. When I went to reinstall Norton it tells me I need to restart. I restart, it tells me the same thing. I restart again and it just keeps telling me the same thing. Sorry for my stupidity on that part.

I do believe I have followed your Read and Run First procedures correctly and the logs are attached. If I did something wrong please let me know. And thank you for your assistance.

 

It won't let me edit my post. Sorry about that. Some additional information I thought of.

Additionally, a night or a few nights before the BSOD my computer just randomly shut down. I was working on a project for a game and I think stopped to browse the internet. It suddenly asked me if I wanted to save the project I was working on and then restarted or shut down the computer, can't remember which one. I found it odd but Norton didn't give any warnings of anything and I thought it was possible I had accidentally hit alt+f4 or something like that and done it myself.

So timeline of events:
1.)Computer operating fine.
2.)Computer randomly shuts down or restarts
3.)BSODs from Adobe Photoshop CS4
4.)BSODs from other Adobe products (probably started occurring the same time as #3 but I rarely use my other adobe products)
5.)Began reading about possible solutions and stupidly removed Norton
6.)Installed Malwarebytes and it detected the Trojans, were not removable.
7.)Began noticing Host Process Sounds and computer screen problem.
8.)Desktop Icon Rearrangement

Hotmail problem began occurring somewhere in the middle of all of that while I was trying to find BSOD solutions. I had assumed it was just because the forum required log in but I'm not so sure about that now.

 

Thank you for your help. The log is attached.

Another possible problem stemming from all this is that I just noticed that my clock on the computer is 1 hour ahead but the time zone is right. Not a big deal or anything but I've been trying to give as many details as possible in case something like that can help identify the problem.

 

Thanks again. The logs are attached.

As of the last restart, my icons still aligned over to the left and my clock is now 3 hours ahead (which I can change but will leave for the time being).

Computer has only been going for a few minutes since the last scan you told me to do so I don't know about the random sounds yet.

 

My only option for this is to Skip, Copy to Quarantine, or Delete. Which one of these should I select?

 

Thanks. I chose delete.

I had done an extra Scan with RogueKiller last night (will explain in a second) so my first log from today is the one with the [3] in it. I'm not sure if you needed both [4] and [5] but I uploaded them both. I will upload the TDSS one in a separate post.

My desktop has gone back to normal. I haven't heard the random sounds since yesterday morning I don't think. The clock is still terribly off but I don't know if that will fix itself. When I did the RogueKiller scan after choosing to delete the file it didn't show back up. Thanks again.

Regarding that extra scan. My RogueKiller keeps saying it isn't updated and would you like to go to the website to update it. If I click yes it takes me there but I don't see a download link anywhere. It says "Download:" but then the area after it is just blank. Plus the website is in French which doesn't help although I do understand a little French. Guess I could use google translate but the download link still wouldn't be there. I accidentally did an extra scan at some point while trying to update.

 

TDSS Killer log is attached. Others are in the post below.

 

Here is the log. My clock seems to be correct now.

 

Logs attached. Desktop is still fine. Computer clock is now 2 hours ahead again. I think it did that after the last frst scan but it might've been after the frst fix.

 

I seem to be I guess. I would imagine you wouldn't ask me if I weren't. The only problem left is really the clock which I can change myself.

Also there are 3 "hidden" files on my desktop. 2 that are desktop.ini and one that is a word document I think I deleted a while back. Can I remove those? I tend to keep Show Hidden files on but they were not present until I began the malware removal process.

 

Thanks for the help.

At some point during all of that, even though I did not disable hidden folders, the hidden folders went away as well as the shortcuts for several of those programs that I had to download for this even though I don't believe I told anything to remove them.

Everything seems okay though. I tried to reinstall Norton but that didn't work so I chose a different one instead and now Norton Downloader won't shut up every time I restart my computer.

Thanks again for all your help. If something comes up that I think is related to this I guess I will either post here or make a new topic depending on which seems warranted according to the rules here.