Hello ANYONE who can help me! LOL ! I’ve been battling this thing for 3 days now and it’s time to call in the big guns. I am not super knowledgable about computers, but I can usually manage… however this time, I am stumped. I need help. My laptop is running super slow and I am having difficulty getting any programs to run. I am now using a different computer so I can receive emails. I have ran MalwareBytes (on the infected laptop) and will include the log. I can not download the aswmbr.exe file however. Not sure what to do next - Please help anyone that can. I will follow any advice or suggestion. Thanks so much in advance!!!
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.10.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Valued Customer :: VALUED-92BF5E73 [administrator]
4/13/2012 12:01:34 PM
mbam-log-2012-04-13 (12-01-34).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231608
Time elapsed: 53 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 1
C:\Documents and Settings\Valued Customer\Application Data\Avira\Avira\sgpeue.dll (Trojan.Agent.GMAGen) → Delete on reboot.
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) → Data: rundll32.exe “C:\Documents and Settings\Valued Customer\Application Data\Avira\Avira\sgpeue.dll”,DllRegisterServer → Quarantined and deleted successfully.
HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) → Data: rundll32.exe “C:\Documents and Settings\Valued Customer\Application Data\Avira\Avira\sgpeue.dll”,DllRegisterServer → Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Documents and Settings\Valued Customer\Local Settings\Temp\0.5999004351177931 (Exploit.Drop.9) → Quarantined and deleted successfully.
C:\Documents and Settings\Valued Customer\Application Data\Avira\Avira\sgpeue.dll (Trojan.Agent.GMAGen) → Delete on reboot.
(end)