Helping Mom!?

Welcome to Major Geeks!

Out of curiosity, I have to ask why you would make such a long user name that appears just be a bunch of randomly typed letters?

Is it really XXXXXX.dll or is it something else? No signs of this exist in your logs.




Based on your logs, it looks like Malwarebytes removed whatever malware you had. However, let me ask the below questions:

• Did you configure the below proxy settings

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (actsvr.comcastonline.com:8100) -> FOUND
[PROXY IE] HKLM\[...]\Internet Settings : ProxyServer (hxxp=localhost:7171) -> FOUND
[PROXY IE] HKLM\[...]\Internet Settings : ProxyEnable (1) -> FOUND

• Do you know why your MBR (Master Boot Record ) would show as an unknown type?
• Also there is this unknown partition >>
  Code:

  [B]Partition 4    Unknown           3224 MB   146 GB[/B]

  Sometimes these are not a problem and sometimes they are a symptom of a partition infection. Removing them is sometimes easy, and sometimes very troublesome as it can cause a PC to become unbootable. Do you have everything you need backed up?

Let's also address a few other minor issues.
Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Uninstall the below software:
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
Viewpoint Media Player

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll
O3 - Toolbar: Mirar - {DC8D0026-2972-4B15-9887-9348A455FB01} - C:\WINDOWS\system32\winnj77.dll (file missing)
O4 - HKUS\S-1-5-21-3406765724-888289437-3188365110-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Dennis')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

After clicking Fix, exit HJT.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now and also answer all of my questions.

 

Again I have to ask are you sure about that file name? There is no such file name in your logs. Did you mean rundll32.exe ?