[almcg]

As I stated a few posts ago, every time I go to any web page (at all) a warning comes up saying "to help protect your security, Internet Explorer has restricted this file from showing active content that could access your computer. Click here for options..." It started doing this right after I got the bestfriends virus. While I've gotten rid of the other components of the bestfriends virus, this is still happening. Last time I posted this, you asked what my IE security settings were, and so I replied with them, but nothing was ever said back to me...

[Advertisements]

Try reseting your IE settings to default. On your IE toolbar click Tools -> Internet Options... -> the Advanced tab, and the Restore Defaults button.

[admin]

Try reseting your IE settings to default. On your IE toolbar click Tools -> Internet Options... -> the Advanced tab, and the Restore Defaults button.

[almcg]

I restored them, but there isn't a change. The message still comes up.

[coachwife6]

I fixed a friend's computer a couple of weeks ago and she had a problem downloading items off of certain sites, such as Pandasoftware...the message you are getting is the same message her computer received which denied me the ability to download. Are you just getting the message or are you unable to download?

[almcg]

I'm getting the message, but if I click on it to allow blocked content, I can download things.

[mpfeif101]

That's just XP's security measures... it stops drive by downloads. You can lower your security in Tools if you want...

[almcg]

I can't lower them any lower than they already are. And if that is the case, why was this not happening before? It is also happening to a friend who had the same virus previously...

[coachwife6]

You must be very frustrated, I can sympathize.

I previously asked why you think you still have the virus? What is occurring now - "the warnings" - may be due to what mpfeif101 explained earlier.

Why don't you try downloading firefox in my signature and use that as your browser and see if you experience the same problems? It may just be a glitch in IE. I will continue looking into the best friends virus to see what I can come up with.

If you have any of the data of what occurred when you were infected with the best friends virus, that would be helpful.

[almcg]

As I said in my initial post, I had clicked on something in an away message which then added files to my computer and put the same away message on my screen name for AIM. I first scanned with symantic because that is the softward that the college I attend provides. It found a file named "best friends" and so I deleted it. I also scanned with Ad-Aware SE and spybot and deleted everything they found. In addition, my friend who also had the virus instructed me to remove "Viewpoint" and "Mediapiayer" from my registry whereever they were found. So I did that as well. I also ran the all other scans as suggested through this thread. I hope that helps.

I downloaded FireFox and it doesn't seem to have the same problem...

[Hemal]

firefox is a much better browser which is much cleaner...i believe i know of the virus u have...its from a picture source u might have clicked and then prompts you to download something, u must be really careful to download these things, try booting up in safemode, removing aim, and scan with pandasoftware off of firefox, then run a trojan scan (The Cleaner- google that and click on the companies website) then please download the CCleaner(same instructions for downloading that as the cleaaner) and run that too

please post back and see if that helped any

[almcg]

Sorry it took me a while to respond...

While in safemode I:

1) I removed AIM

2) I couldn't run the pandasoftware off of Firefox, it said I needed to use IE v. 4 or higher. So I ran it on IE and it didn't find anything.

3) I downloaded and ran The Cleaner and it found some Gator files on my old hard drive (I recently upgraded my computer and all of my old hard drive was transferred to my new hard drive.) I told it to remove this files, but when the scan had completed, I couldn't see the bottom of window so I'm not sure if I needed to do anything else.

4) I downloaded and ran CCleaner and it found and removed a bunch of stuff under Windows. I also scanned for Issues and it found a lot, but I didn't want to fix them because I didn't know if they were actually issues, or what they were.

Let me know if there is anything I can post that may help. I haven't restarted out of safe mode yet, though, to see if anything is better.

[mpfeif101]

You're not going to be able to run the scan in Firefox because it doesn't support ActiveX. Will you please reboot, post a HJT log, and tell us if the problem persists. If so will you please take a pic of your screen and post it here (Click the prt scr button on keyboard).

[almcg]

I rebooted, but the IE problem didn't go away. Here is my HJT log:

Logfile of HijackThis v1.98.2
Scan saved at 10:25:26 PM, on 11/15/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alicia\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.etown.edu/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab

[almcg]

I understand how to take the picture of my screen, but how do I post it?

Thanks for all of your patience and help so far!!