> I downloaded a free form from some "Free Script" site...

Oh.

Suggestions:

Flush your browser cache completely (delete Temporary Internet Files).

Run as many reputable anti-virus and malware scanners as you can find.

If no improvement try System Restore.

In future, use a browser such as Firefox to surf unknown sites. Since they do not support ActiveX, your exposure to malicious download components is greatly reduced.

Jim

Jim,

Thank you for your responce. I do the things you suggested at least once each day. Unfortunately, I still don't have a clue as to the answer to my questions ("what I don't understand...."

jdMorgan is saying it is not the brighest thing to go download from anywere you most likely infected your computer by doing this not so smart thing.

he is suggesting you clean up your computer find were it is infected and don't just download anything out there it is usually infected with an unknown malicious download.

Reason you can't explain it is because you infected your computer with an unknown malicious download.

About as simple as I can put it.

Bwnbwn,

Thank you.

Now that I have been reprimanded, and told how stupid I am, my question still remains; how come this thing would not go away when I was trying to remove it, yet it disappeared when I added a simple piece of code (a background jpg)?

I had not run any cleanup or anti-virus, etc. in the meantime. If nobody knows exactly how to explain this phenominon, I'll just forget about it. The reason I asked in the first place is that I hoped I might learn something about such a complexity, and it might help me in the future. I fully understand that I got it from a download, but I have had good luck with most of the free download stuff before. There are a few good people out there (like WebmasterWorld) who actually want to help people getting started.

Thanks again for your help. From now on, I will pay particular attention to my Temporary Internet Files.

bo

You'd have to ask the author of the malware, I'm afraid... and even then, the author might not know.

Please consider using an alternative browser that does not support ActiveX. Unlike a lot of people, I don't 'love' or 'hate' Internet Explorer -- Loving objects or programs is a waste of mental energy in my opinion. But the fact remains that ActiveX opens a security hole, exposing your Windows operating system to abuse by on-line exploits. As such, using a browser that does not support ActiveX for your daily browsing, and using IE only for testing and visiting trusted sites is a good idea.

By the way, the only ActiveX control supported by Mozilla-based browsers is the "Play" control for Windows Media Player. This control was seen as widely-used and easy enough to 'contain' from a security viewpoint, so it is supported.

Best,
Jim

OK.

From now on, FIREFOX it is.

Thanks again,

Bo

In creating a mail in form, I downloaded a free form from some "Free Script" site, and when I opened the page with my browser, I got a warning across the top of my screen telling me that the page contains ActiveX code.

Before you go digging moats and buying virtual AK47's, can you answer one question -

When you get this error, are you opening the file on your LOCAL computer?

IE will *always* do this with scripted files and other conditions. Not to discredit any other suggestions (paranoia is always a good tool,) but if it's being opened via IE on a local computer and it contains any kind of Javascript or other widgets, you will always get the ActiveX Controls error. Try uploading it to a server first.

Thank you. Believe it or not, I actually try going through all my "For Dummies" books, and Google, etc. to try to find answers before posting. Unfortunately, the comments and definitions for ActiveX range from benign to malignant, and much of the jargon is beyond my present experience. I had been led to believe that, though ActiveX was created to be a good thing, it has been corrupted for bad uses. Until I get enough experience to tell the difference, I'll try to avoid it altogether. Right now, I am just trying to get my website running to support my business, and I want to learn how to fight the bad guys as I go.

By the way, your explanation seems to accurately sum up information that I spent a half a day trying to find! Your affirmation of this stuff makes me feel a lot better.

Thanks again,

Bo

So . . . . you get the warning only when you open it locally? It doesn't give you this warning when uploaded and requested from the web?

It's a common problem with IE, I didn't see the point raised anywhere above.

Rocknbil,

Though I'm not sure if this last post is a question or a comment, I'm going to try to answer it.

From the information provided by Webmasterworld and all the other stuff I read, I think that the Activex warning concerned a part of the code that confirms things like phone numbers and email addresses in forms. It looks to me like the Activex sends the form information to another site, processes the info, and sends it back with or without a confirmation of authenticity(notice that I say, "It looks to me.." as it is at best a guess). I can see how these could be used for very wrong purposes as well as very good ones.

After loading the free code into a sample page, I would get the warning every time I hit the "Launch External Browser" icon (my editor is Homesite). And again, the thing that bothered me the most was the fact that it didn't go away when I erased the code. It did finally go away, but I don't know why that happened either. From a previous reply, I now know to clear my temp file after deleting questionable code.

Again, since I do not have the experience to know the difference, I am going to avoid them.

Thank you for all your help. I'm sure that I am going to need more!

Bo

Let me elaborate on my original question, then I'll put this to rest:

When you get this error, are you opening the file on your LOCAL computer?

LOCAL meaning on your computer, not on a server. You have this file loaded on your LOCAL computer. Your PC or Mac. It is NOT uploaded to your server yet. You open it in HomeSite, then,

I would get the warning every time I hit the "Launch External Browser" icon (my editor is Homesite).

Homesite rocks by the way, it's what I use. :-)

What is happening here is HomeSite is launching it's own instance of Internet Explorer when you use this feature.

But your files are STILL on your local computer, correct?

Internet explorer has this "security feature". When opening a page on your computer, if there is any scripting or references to externally linked files in that page, it will ALWAYS tell you (paraphrased) "This page contains scripting or ActiveX controls that can potentially harm your computer. Click here for more options . . . " In truth, I've seen this in local files that have no scripting at all and just accept it as an IE thing (like many others.)

So what I am saying when uploaded to your server, you shouldn't have this problem. Then open the browser and type it's location in the address bar. If you don't get a warning, you don't have a problem and this is a problem only when opening scripted files on a local computer.

Left me give you a test to try. You can see these files have nothing nefarious in them.

The following WILL NOT kick an error when you open it locally in Internet Explorer. Paste it into a file and name it test1.html:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>I liketh Not IE</title>
</head>
<body>
<form id="test" action="">
<label for="testfield">Test</label>
<input type="text" name="testfield" id="testfield" value="">
<input type="submit" value="Test Me">
</form>
</body>
</html>

The following I've only added a single bit of harmless Javascript code (bolded area.) When you press the submit, it will pop up an alert box that says "Submit Button Pressed." That's all the scripting does; it's Javascript and no ActiveX. Paste this code into test2.html:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>I liketh Not IE</title>
</head>
<body>
<form id="test" action="">
<label for="testfield">Test</label>
<input type="text" name="testfield" id="testfield" value="">
<input type="submit" onClick="alert('Submit Button Pressed');" value="Test Me">
</form>
</body>
</html>

Open this file in Internet Explorer and you WILL get the error. That harmless bit of Javascript code will be the cause.

Now upload this file to your server and the alert will go away. This is the problem with checking files locally in I.E.

rocknbil,

I did as you suggested, and it all worked as you said it would. I cannot tell you how much I appreciate your patience and understanding; and that I can hardly believe you went to the trouble to do this!

Thank you VERY much,

Bo

Just pay it forward Bo! :-)

I hate seeing someone chase their tail . . . like I had to!