Old 10-31-2009, 10:37 AM   #1 (permalink)
Registered User
 
Join Date: Feb 2009
Posts: 9
OS: XP


PC taken over by spyware and virus!

UGH. Well, here we go. I went to an "innocent" site called familywatchdog to check on crime in my area. On the first link I clicked I got bombarded, literally, by a ton of spyware and viruses. I got these fake warnings saying "Your computer has been taken over by viruses", "Antivirus System Pro Alert, Infiltration Alert", and a fake bubble pops up from my tray that says "Windows Security Alert, Click Here for the scan you computer". That is not a typo on my part, that is really how it was worded. When I try to use Avast, I get more fake messages that say "Security Warning. Application cannot Be executed. Do you wish to activate antivirus software now?" Also, Internet Explorer would keep opening up on its own and go to porn sites. Keep in mind that I have Avast and Comodo Firewall going at the time! I did get the warnings, but it did not stop it from getting into my PC! I used Malwarebytes scanner to find some spyware and now the computer seems to be acting OK, but I wanted to make sure I am OK and it is really gone. What's the point of Avast and the firewall if it tells me about the virus, but doesn't stop it! Thanks so much in advance to anyone who can take the time on this for me!
DDS file:
DDS (Ver_09-10-26.01) - NTFSx86
Run by Owner at 16:49:24.62 on Fri 10/30/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.382.31 [GMT -7:00]

AV: avast! antivirus 4.8.1356 [VPS 091030-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=Product Name
uStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=Product Name
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=Product Name
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [readericon] c:\program files\digital media reader\readericon45G.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [Power2GoExpress] NA
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\06qu9qel.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-20 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-10-20 132296]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-10-20 25160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-20 20560]

=============== Created Last 30 ================

2009-10-30 03:56:37 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2009-10-30 03:56:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-30 03:56:26 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-30 03:56:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-30 03:56:25 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-30 03:08:06 0 d-----w- c:\program files\afsacg
2009-10-25 19:05:42 0 d-sh--w- c:\documents and settings\owner\IECompatCache
2009-10-25 19:03:49 0 d-sh--w- c:\documents and settings\owner\PrivacIE
2009-10-25 19:02:00 0 d-sh--w- c:\documents and settings\owner\IETldCache
2009-10-25 18:58:40 0 d-----w- c:\windows\ie8updates
2009-10-25 18:56:32 0 dc-h--w- c:\windows\ie8
2009-10-25 18:54:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-25 18:54:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-25 18:54:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-10-25 18:54:07 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-10-25 18:54:07 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-25 18:54:05 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-25 18:53:49 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-10-22 23:15:38 0 d-----w- c:\windows\ServicePackFiles
2009-10-22 02:53:34 0 d-----w- c:\docume~1\owner\applic~1\OpenOffice.org
2009-10-22 02:43:43 0 d-----w- c:\program files\JRE
2009-10-22 02:43:19 0 d-----w- c:\program files\OpenOffice.org 3
2009-10-22 02:42:53 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-10-22 02:42:53 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-21 00:01:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Comodo
2009-10-21 00:01:21 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-10-21 00:01:21 179792 ----a-w- c:\windows\system32\guard32.dll
2009-10-21 00:01:21 132296 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-10-21 00:01:14 0 d-----w- c:\program files\COMODO
2009-10-20 23:44:40 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-10-20 04:34:24 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-20 04:34:24 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-10-20 04:29:37 2142720 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-20 04:29:36 2185984 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-10-20 04:29:36 2020864 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-20 04:29:35 2062976 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-10-20 04:16:54 0 d-----w- c:\windows\system32\PreInstall
2009-10-20 03:43:49 54156 ---ha-w- c:\windows\QTFont.qfn
2009-10-20 03:43:49 1409 ----a-w- c:\windows\QTFont.for
2009-10-19 03:27:47 8704 ----a-w- c:\windows\system32\CNMVS75.DLL
2009-10-19 03:27:46 139776 ----a-w- c:\windows\system32\CNMLM75.DLL
2009-10-19 03:27:44 90112 ----a-w- c:\windows\system32\CNMCP75.exe
2009-10-19 03:21:05 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-19 03:21:05 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-18 22:41:27 0 d-----w- c:\program files\common files\Macrovision Shared
2009-10-18 21:01:39 0 d-----w- c:\docume~1\owner\applic~1\McAfee.com Personal Firewall
2009-10-18 20:53:32 2 ----a-w- c:\windows\msoffice.ini
2009-10-18 20:52:56 0 d-----w- c:\windows\system32\SoftwareDistribution
2009-10-18 19:36:56 8192 ----a-w- c:\windows\REGLOCS.OLD
2009-10-18 19:35:44 45408 ----a-w- c:\windows\system32\Status.MPF
2009-10-18 19:35:06 0 ----a-w- c:\windows\system32\Gateway_ProductName_Versionxx_Serialnumberxxxxxx.MRK
2009-10-18 19:30:48 0 d-----w- c:\docume~1\owner\applic~1\AOL
2009-10-18 19:28:56 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-18 19:20:50 0 d--h--w- c:\windows\$hf_mig$
2009-10-18 19:20:09 0 d-----w- c:\program files\McAfee
2009-10-18 19:20:07 0 d-----w- c:\windows\system32\LogFiles
2009-10-18 19:19:55 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com Personal Firewall
2009-10-18 19:19:22 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com
2009-10-18 19:18:59 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-10-18 19:18:15 0 d-----w- c:\windows\RegisteredPackages
2009-10-18 19:18:07 67072 ----a-w- c:\windows\POWERCFG.EXE
2009-10-18 19:16:43 0 d-----w- c:\docume~1\owner\applic~1\You've Got Pictures Screensaver
2009-10-18 19:16:42 0 d-----w- c:\program files\common files\Nullsoft
2009-10-18 19:16:16 0 d-----w- c:\program files\common files\Real
2009-10-18 19:16:05 0 d-----w- c:\program files\Viewpoint
2009-10-18 19:16:05 0 d-----w- c:\docume~1\alluse~1\applic~1\Viewpoint
2009-10-18 19:16:04 0 d-----w- c:\docume~1\alluse~1\applic~1\Pure Networks
2009-10-18 19:16:01 0 d-----w- c:\program files\Pure Networks
2009-10-18 19:15:53 0 d-----w- c:\program files\common files\AolCoach
2009-10-18 19:15:26 1119 ---ha-w- C:\IPH.PH
2009-10-18 19:15:25 0 d-----w- c:\program files\common files\AOL
2009-10-18 19:15:14 10280 ----a-w- c:\windows\BigFixClientOverride.dll
2009-10-18 19:15:13 0 d-----w- c:\program files\BigFix
2009-10-18 19:14:12 0 d-----w- c:\program files\MSN Encarta Plus
2009-10-18 19:13:56 0 d-----w- c:\program files\Digital Media Reader
2009-10-18 19:13:43 0 d-----w- c:\windows\Downloaded Installations
2009-10-18 19:12:43 0 d-----w- c:\docume~1\alluse~1\applic~1\Napster
2009-10-18 19:12:28 0 d-----w- c:\program files\Napster
2009-10-18 19:12:23 89088 ----a-w- c:\windows\system32\atl71.dll
2009-10-18 19:11:24 30277 ----a-w- c:\windows\system32\nvapps.xml
2009-10-18 19:11:12 180224 ----a-w- c:\windows\system32\nvudisp.exe
2009-10-18 19:11:12 15078 ----a-w- c:\windows\system32\nvdisp.nvu
2009-10-18 19:11:12 0 d-----w- c:\windows\nview
2009-10-18 19:10:24 0 d-----w- c:\program files\Realtek Sound Manager
2009-10-18 19:10:24 0 d-----w- c:\program files\AvRack
2009-10-18 19:10:19 0 d-----w- c:\program files\Realtek AC97
2009-10-18 19:09:52 4 ----a-w- c:\windows\Pix11.dat
2009-10-18 19:09:18 20480 ----a-w- c:\windows\system32\Marker32.exe
2009-10-18 19:08:40 2238 ----a-w- c:\windows\system32\32-aol.ico
2009-10-18 19:08:40 1406 ----a-w- c:\windows\system32\16-aol.ico
2009-10-18 19:05:51 94208 ----a-w- c:\windows\system32\bae.dll
2009-10-18 19:05:50 471300 ----a-w- c:\windows\wallpe.exe
2009-10-18 19:05:50 30056 ----a-w- c:\windows\system32\oemlogo.bmp
2009-10-18 19:00:44 3632 ----a-w- c:\windows\system32\nvnrm.nvu
2009-10-18 19:00:44 176128 ----a-w- c:\windows\system32\nvunrm.exe
2009-10-18 19:00:44 100480 ----a-w- c:\windows\system32\drivers\nvtcp.sys
2009-10-18 19:00:43 176128 ----a-w- c:\windows\system32\nvusmb.exe
2009-10-18 19:00:43 1391 ----a-w- c:\windows\system32\nvsmb.nvu
2009-10-18 19:00:36 0 d-----w- c:\windows\system32\ReinstallBackups
2009-10-18 19:00:33 176128 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-10-18 18:56:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Prism Deploy
2009-10-18 18:56:26 0 d-----w- c:\program files\common files\New Boundary
2009-10-18 18:54:19 2 --sh--r- C:\USER
2009-10-18 18:53:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-10-18 18:53:50 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-10-18 18:53:47 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-10-18 18:53:19 0 d-----w- c:\program files\CONEXANT
2009-10-18 18:53:01 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-10-18 18:52:59 7168 ----a-w- c:\windows\system32\hccoin.dll
2009-10-18 18:52:59 26624 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-10-18 18:48:19 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2009-10-18 18:48:16 0 d-----w- c:\windows\creator
2009-10-18 18:45:57 49211 ----a-w- c:\windows\system32\usrsdpia.dll
2009-10-18 18:44:57 157696 ----a-w- c:\windows\system32\paqsp.dll
2009-10-18 18:43:59 63744 ----a-w- c:\windows\system32\drivers\mf.sys
2009-10-18 18:42:57 47104 ----a-w- c:\windows\system32\cnbjmon.dll

==================== Find3M ====================

2009-10-18 19:16:21 8552 ----a-w- c:\windows\system32\drivers\asctrm.sys
2009-09-11 14:33:52 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45:26 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:16:37 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:11:47 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 12:51:17 2185984 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 12:02:00 2062976 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 16:50:00.28 ===============
Attached Files
File Type: rar spywarescan.rar (3.5 KB, 1 views)
Preeeminent is offline  
Old 11-01-2009, 03:06 PM   #2 (permalink)
Registered User
 
Join Date: Feb 2009
Posts: 9
OS: XP


Re: PC taken over by spyware and virus!

Update! I did just look into my windows/system 32/ host file and there was something about winguard.microsoft.com, and when I went to that address it took me to a site for the spyware/fake virus protection program that was sending me messages about "install now! You are being attacked" sort of thing. (Back before I did a Malwarebytes scan.) So I deleted that and resaved my host file.
Preeeminent is offline  
Old 11-05-2009, 09:52 PM   #3 (permalink)
Registered User
 
Join Date: Feb 2009
Posts: 9
OS: XP


Re: PC taken over by spyware and virus!

Bump up
Preeeminent is offline  

All times are GMT -7.

Copyright 2001 - 2009, Tech Support Forum