SandBox malfunction possibly virus

[essexboy]

Let me know how it goes after the SFC

[CAS159]

No, I don't use IE browser except to run Bitdefender Online Scan last night with negative results and a couple other apps.  I ran an Avast Boot Scan last night with negative results.  However, my system recovered from Standby Mode with no problems.  It seems like every time I run scans everything clears up for a couple of days.

[essexboy]

That would tend to suggest a system problem of some sort, what do the returns from sleep screens look like ?  As to date I know of no malware that does that

[CAS159]

I do have an old 865 processor, ASUS P4P800-E MB, which has a virtual CPU.  Even after the MB burned out I got another one.
After the scans the Standby works fine.  When I get a screen freeze I can't get anything to work without a re-boot.  BitDefender's online scan did not impress me last night because of the lack of information as to what was being scanned.  I want to do an online scan of all my files on my drives independent of my operating system with a screen telling me where the scan is at.  It will take all night with only it running.  Any ideas? 
In any case I don't feel comfortable updating to Windows 7 with XP running virtual until I've cleared this problem up.  I just scanned online Explorer.exe with Avast and I'm about to try ESET's online scanner.

[essexboy]

You could use Dr Web as that is a standalone, quite customisable and works outside of windows 

Create an emergency repair USB drive:
Download Dr Web Live USB to your desktop

• Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
• Launch drwebliveusb.exe.
• The program will detect available USB-devices automatically and prompt you to choose the one you?d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).

• To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
• Files will be copied automatically.
• Once the copying process is completed, press the Exit button to close the application.
• Reboot the infected computer with the USB in the drive
• Ensure that the first boot device is USB - If you are not sure about that then see this page for instructions
  
• As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

• Use arrow keys to select  DrWeb-LiveCD (Default)

• Press select objects for scanning

• When the system is loaded, check the disks or folders you want to scan, and click on Start.
• The programme will now scan for and cure/delete any malware that it finds.  Allow it to do so 

• When it has completed

• Select Open Report and copy to the USB
• Once completed reboot to normal windows, and attach the report here

[CAS159]

Thank for the "Dr Web Live USB".  I just finished ESET Online Scan.  It found 26 problems four of which were "cleaned by deleting - quarantined", and the rest "deleted - quarantined" of which I have to sort out.  I attached the text file report.  I have to sort it out because I'm not sure what to save or delete.  In any case I can't do both that and "Dr Web Live USB" today.  Besides that I drive a cab and today is a Saint Patrick's party day and night which is like a pagan ritual for two weekends.  I must be the only cab driver with a BSCS.
Four of the files were deleted and the others I'm confused as to ESET's message "deleted - quarantined"  It appears that I can safely delete all the "deleted - quarantined" files and I'm checking the ESET Knowledge Base to delete them permanently.

[essexboy]

They should all disappear when eset is unloaded

Could you post the log of found threats as I am intrigued as to what it found

[CAS159]

I posted the log as "ESET SCAN RESULTS.txt" in my previous post. I Googled all the virus decriptions but did not save anything.  I have to re-boot because FireFox is jumping between tabs.  I had to shut down screen saver and power settings for it to run without interference.  It is incredible what ESET found.

[essexboy]

They are all PUP's and would have been removed by AdwCleaner, but I see we did not run that.  They would not have caused major problems, just slowed down the internet and maybe re-direct searches

 Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.
  

[CAS159]

I ran ADWCleaner multiple times.  The first time it froze up and I had to reboot.  I have multiple text files from and Quarantine file. 
AdwCleaner[S0].txt
AdwCleaner[S1].txt
AdwCleaner[R0].txt
AdwCleaner[R1].txt
AdwCleaner[R2].txt
Quarantine.txt

AdwCleaner[R2].txt & Quarantine.txt are on my next post because of  Attachments Restrictions: 4 per post

[CAS159]

My control of my mouse and screen had been erratic up to now.  i suppose ADWCleaner fixed it.
The first time I ran ADWCleaner the program froze when the one and only directory was displayed and I clicked Clean.  I had to re-boot and run the program again.  This file is displayed in Quarantine.
C:\Documents and Settings\Carman Sgro\Application Data\Mozilla\Firefox\Profiles\7lo0yuy1.default\user.js

[essexboy]

How is the overall behaviour now ?

[CAS159]

Behavior of the browser, mouse, and screen is for now normal without all my previous problems.  However I have not given it enough time as it usually returns within days.  I think I saw that my USR toolbar icon for "ControlCenter Instant Update" has been corrupted so I deleted it, besides it didn't update anything anyway.  The same for the "EarthLink Accelerator", which I have to track and send to the Recycle Bin.
You previously mentioned "Dr Web Live USB" to create an "emergency repair USB drive".  I know there is a problem with my CMOS recognizing USB drives on boot startup.  I have a:
FastTrack 378(tm) Bios Version 1.00.037(c) 2003 Promise Technology, Inc., V2.51 American Megatrends, inc..
So I'm looking for an upgrade to my CMOS but I must ensure that my HyperThreading is still working because I use it to make an extra virtual processor on my Asus P4P800 478 pin MB with a 2.4Ghz processor.  I tried getting a upgrade before without success.  Any suggestions I suppose will not be until tomorrow, Monday, I suppose.  In the meantime I'm Googling it tonight.   
 

[CAS159]

Okay I was on Wiki last night after my post and FireFox froze.  So I started Adwcleaner and that did not show any results for an hour.  So I started ESET online scan and found 12 problems I posted.
After that I ran Adwcleaner for about 4 hours and it did not show any results but I didn't have any control of the program as all messages to exit were behind Adwcleaner which I found later.  I've  posted the text for both. 

[essexboy]

All the eset lines were in system restore so are harmless unless you restore to an earlier time

Do you experience this a lot with just firefox or does it happen on other browsers as well