Gringo,
Okay, below are the two reports (Junkware Removal Tool and aswMBR)you requested.
Now I'm curious about something; so is the "Data Execution.....Generic Host...." message (a copy sent by attachment, Post #53), Windows way of talking about remnants of the old AVG software as well? Or is this a separate and distinct issue from Combofix's warning about AVG?
This stuff is indeed a foreign language, and being a poor student of languages, I have nothing but admiration for people that master and excel at this stuff!
Junkware Removal Tool:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.1 (04.03.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Wed 04/03/2013 at 22:23:08.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-4054337592-158427668-1569766415-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 1.job
Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 2.job
Successfully deleted: [File] C:\WINDOWS\tasks\ISP signup reminder 3.job
Successfully deleted: [File] "C:\Documents and Settings\Owner\desktop\play games.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\bigfix"
~~~ FireFox
Successfully deleted the following from C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\65ytao2x.default\prefs.js
user_pref("browser.newtabpage.blocked", "{\"h5Jj4nfVZlB2K6EZmRLg9Q==\":1,\"SLrN9KJv2GWHRzPbY7GQeQ==\":1,\"rRj/Ua80HAr/8seLzNjCVA==\":1,\"EyUm8cLkbjGnG1nKDAcqbA==\":1,\"kOv/JJA
Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\65ytao2x.default\minidumps [8 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/03/2013 at 22:29:22.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
aswMBR:
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-03 22:58:41
-----------------------------
22:58:41.406 OS Version: Windows 5.1.2600 Service Pack 3
22:58:41.406 Number of processors: 1 586 0x2402
22:58:41.406 ComputerName: CLAUDE-LAPTOP UserName: Owner
22:58:43.375 Initialize success
23:08:36.078 AVAST engine defs: 13040301
23:09:31.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:09:31.593 Disk 0 Vendor: HTS541060G9AT00 MB3VA60A Size: 57231MB BusType: 3
23:09:31.921 Disk 0 MBR read successfully
23:09:31.921 Disk 0 MBR scan
23:09:32.390 Disk 0 unknown MBR code
23:09:32.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 52713 MB offset 9237375
23:09:32.625 Disk 0 Partition 2 00 0B FAT32 RECOVERY 4510 MB offset 63
23:09:32.781 Disk 0 scanning sectors +117194175
23:09:33.390 Disk 0 scanning C:\WINDOWS\system32\drivers
23:09:56.468 Service scanning
23:10:44.781 Modules scanning
23:11:18.906 Disk 0 trace - called modules:
23:11:18.937 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
23:11:19.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82fde030]
23:11:19.046 3 CLASSPNP.SYS[f8687fd7] -> nt!IofCallDriver -> \Device\0000009d[0x82f1b9e8]
23:11:19.046 5 ACPI.sys[f847e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82fde940]
23:11:21.500 AVAST engine scan C:\WINDOWS
23:11:29.265 AVAST engine scan C:\WINDOWS\system32
23:14:41.562 AVAST engine scan C:\WINDOWS\system32\drivers
23:15:00.218 AVAST engine scan C:\Documents and Settings\Owner
23:19:27.406 AVAST engine scan C:\Documents and Settings\All Users
23:20:55.265 Scan finished successfully
23:21:35.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
23:21:35.218 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"