I have 2 viruses found by Avast!

Discussion in 'Malware Help (A Specialist Will Reply)' started by ukchickk, Mar 26, 2006.

  1. ukchickk

    ukchickk Private E-2

    hi, i have 2 viruses found by avast.. the first is WMF Exploit. the second is win32:keylog-AL. i did the read this and run first.. but problem still apparent. i use a wireless broadband connection and since the keylog virus i have repeatedly had a <page cannot be found> problem when surfing the net.. it's really annoying... please could someone help i will attach hijackthis log and also activescan log.. bitdefender would not work, it scanned and finished but gave no report...
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Did you choose to keep MessengerPlus! 3 even though we warned you about it in the READ ME? Hopefully you refused to install the 3rd party malware that comes with it!

    Did you purchase AdwareAlert that is running? It was on the rogue tool list for a while and was recently de-listed but it still is not that useful. There are better pay choices and many free items that are also better. Consider uninstalling AdwareAlert.

    I also see you have the BullGuard Bundle installed! Did you read this info before you installed this:
    http://research.sunbelt-software.com/threat_display.cfm?name=Bullguard&threatid=26018

    Post a log from Avast showing exactly what and where it is finding problems.
    Have you tried running a fullscan with Avast while you are in safe boot mode? If not, please try that.
     
  3. ukchickk

    ukchickk Private E-2

    hi, I got rid of messenger plus when asked and no extras were installed at time of installation. AdwareAlert was removed a while ago and no longer in add/remove programs so i don't know how to get rid of it.
    Bullguard was pre installed on my laptop when i brought it so had no choice on that being there.
    Ran a full scan both in safe and normal mode but still same thing. i will post a log as soon as possible.
     
  4. ukchickk

    ukchickk Private E-2

    Avast logs are weird..i will enclose the error log and warning log.. all other logs came up empty..
     

    Attached Files:

  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you referring to the below?
    Just use Windows Explorer to locate and delete the file.

    And these:
    .
    This may be a false positive or it could be that your Sims disks came with an infection. You should check with them. Other people have seen the same thing. See the below.
    http://groups.google.co.il/group/alt.games.the-sims/browse_thread/thread/c3ed0b04af885c45/62797bde22ec2a41?q=TS2UPD.exe&rnum=1#62797bde22ec2a41
     
  6. ukchickk

    ukchickk Private E-2

    i scanned my disks and have used on other pc's without this fault so i think it may be a false positive.. it all seems clear which is why i was gonna sort my main pc out now.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay we have some things to fix up here though! And you should uninstall all the Bullguard stuff. You are conflicting it with ZoneAlarm and you must only use one firewall. Since Bullguard is considered adware/bundleware you should remove it.

    Make sure viewing of hidden files is enabled (per the tutorial).
    Please run HijackThis and click on the Open the Misc Tools Section button on the open page. Then select Open process manager on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click Kill process. Then click yes.
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe

    After killing all the above processes, click Back.
    Then please click Scan and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    C:\Program Files\AdwareAlert <--- the whole folder
    C:\Program Files\MessengerPlus! 3 <--- the whole folder

    If you get an error when deleting a file, right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Otherwise open Task Manager and kill the process if running, then delete the file.

    Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.

    Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable System Restore per step 1 of the READ & RUN ME. This only applies if using WinXP or WinMe.
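
Added example (not part of the original posts, and not HijackThis or MajorGeeks code): a small Python parser for the O4 and O9 line formats quoted in the post above, used to confirm from a follow-up log that the entries selected for fixing are really gone. `NEW_LOG` is a constructed sample and all function names are hypothetical.

```python
import re

# Entries quoted in the post above (the lines selected for fixing).
SELECTED = r'''
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
'''

# Constructed follow-up log (not from the thread): one selected entry survived.
NEW_LOG = r'''
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O4 - HKLM\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.Exe -boot
'''

O4 = re.compile(r'^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
O9 = re.compile(r"^O9 - Extra (?P<kind>button|'Tools' menuitem): (?P<label>.+?) - "
                r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|dll))(?=\s|$)', re.I)

def executable(cmd):
    """Return the program path from a Run command, quoted or not, minus arguments."""
    m = EXE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else cmd.strip()

def parse_line(line):
    """Parse one O4 or O9 line into a dict, or return None for anything else."""
    line = line.strip()
    m = O4.match(line)
    if m:  # registry value names are case-insensitive, so compare them lowercased
        return {"section": "O4", "id": (m["hive"].upper(), m["key"], m["name"].lower()),
                "path": executable(m["cmd"])}
    m = O9.match(line)
    if m:
        return {"section": "O9", "id": (m["kind"], m["clsid"].upper()), "path": m["path"]}
    return None

def parse_log(text):
    """Parse every recognised line of a log, skipping the rest."""
    return [e for e in map(parse_line, text.splitlines()) if e]

def still_present(selected, new_log):
    """Entries from the fix list that still appear in a later log."""
    remaining = {(e["section"], e["id"]) for e in parse_log(new_log)}
    return [e for e in parse_log(selected) if (e["section"], e["id"]) in remaining]
```

An empty result from `still_present(SELECTED, new_log_text)` means none of the selected startup or toolbar entries came back after the reboot.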
     
  8. ukchickk

    ukchickk Private E-2

    just about to do this now. how do i remove bullguard as it isn't present in add/remove programs at all. will do all other stuff and post hjt log for u
     
  9. ukchickk

    ukchickk Private E-2

    ok i've done that...how can i remove bullguard. i noticed the stuff in hijackthis when checking those files were gone..... bullguard doesn't show up on add/remove programs so unsure how to remove it
     

    Attached Files:

  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'. On the page that opens, scroll down to BullGuard LiveUpdate (if that is not found, look for the short name: BGLiveSvc)... then right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

    Now repeat the above stop and disable for the following services:
    BullGuard Main
    BullGuard File Monitoring
    BullGuard Firewall
    BullGuard Email Monitoring

    Next, run HJT, but instead of scanning, click on the "None of the above, just start the program" button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':

    BGLiveSvc

    Now repeat the Delete NT Service steps for:
    BGMainSvc
    BsFileSpy
    BsFirewall
    BsMailProxy
    If you receive any error messages just ignore them and continue.

    Now exit HJT and reboot when it tells you it needs to.
    After reboot, attach a new HJT log.
     
  11. ukchickk

    ukchickk Private E-2

    ok i had a message on all but the first saying system critical..but i carried on as u said and here's the new hjt file
     

    Attached Files:

  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    All cleaned up!

    If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
  13. ukchickk

    ukchickk Private E-2

    ok kool. thnx. everything on this one is working as it should..
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
