Active x Error and virus infection

What virus problem did you have and why did you remove Norton AV?

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Is there a reason you did not run the online scan from TrendMicro? You need to make sure ALL steps in the READ ME first are followed.

What was the virus? How do you know you had a virus? What is the Active X error?

 

DO you need the below proxy server setting for your ISP? If not, added to the list of things to fix below.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022



Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [UpdReg] C:\Documents and Settings\Richie\Local Settings\Temp\_ISTMP2.DIR\_ISTMP0.DIR\Updreg.exe


Nothing should be in the Trusted ZOne unless you absolutely need it to make something work. Musicmatch does not fit into that category so fix these new two lines too.
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)


After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete:
C:\Documents and Settings\Richie\Local Settings\Temp\_ISTMP2.DIR <--- this whole folder

Now run Ccleaner (installed while running the READ ME FIRST).
Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

The READ ME FIRST thread tells you if you cannot run the onlines scanners in safe mode to run them in normal mode (both of them).

Did you complete the steps from my last post and make sure to add the Proxy Server line to the list to fix?