I just updated my mcafee It found the above JS/exploit-
Dialog Arg How can I rectify this I tried cleaning it but
doesn't clean Any advice?

Where did you find it?
If in the C:\_Restore folder tree, then it can't harm your PC, unless you
use System Restore to go back to a time After you were originally infected,
but Before you detected and removed the infection.

http://support.microsoft.com/?scid=263455

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
or
http://www.microsoft.com/presspass/features/2001/Mar01/Mar27pmvp.asp

"Carianne" > wrote in message
...
> I just updated my mcafee It found the above JS/exploit-
> Dialog Arg How can I rectify this I tried cleaning it but
> doesn't clean Any advice?

>-----Original Message-----
>Where did you find it?
>If in the C:\_Restore folder tree, then it can't harm
your PC, unless you
>use System Restore to go back to a time After you were
originally infected,
>but Before you detected and removed the infection.
>
>http://support.microsoft.com/?scid=263455
>
>--
>Noel Paton (MS-MVP 2002-2004, Win9x)
>
>Nil Carborundum Illegitemi
>http://www.btinternet.com/~winnoel/millsrpch.htm
>
>Please read http://dts-l.org/goodpost.htm on how to post
messages to NG's
>or
>http://www.microsoft.com/presspass/features/2001/Mar01/Mar
27pmvp.asp
>
>"Carianne" > wrote in
message
...
>> I just updated my mcafee It found the above JS/exploit-
>> Dialog Arg How can I rectify this I tried cleaning it
but
>> doesn't clean Any advice?
>
>
>. It was found in C:/install.htm
>

it was found in C:/install.htm

There is normally no such folder\file in the Me root. Delete
it. Run another scan to make sure that when deleted it did
not replicate itself.

--
Checked by AVG Anti-Virus (http://www.grisoft.com).

Version: 7.0.251 / Virus Database: 263.3.3 - Release Date:
18/06/2004


> wrote in message
...

>-----Original Message-----
>Where did you find it?
>If in the C:\_Restore folder tree, then it can't harm
your PC, unless you
>use System Restore to go back to a time After you were
originally infected,
>but Before you detected and removed the infection.
>
>http://support.microsoft.com/?scid=263455
>
>--
>Noel Paton (MS-MVP 2002-2004, Win9x)
>
>Nil Carborundum Illegitemi
>http://www.btinternet.com/~winnoel/millsrpch.htm
>
>Please read http://dts-l.org/goodpost.htm on how to post
messages to NG's
>or
>http://www.microsoft.com/presspass/features/2001/Mar01/Mar
27pmvp.asp
>
>"Carianne" > wrote in
message
...
>> I just updated my mcafee It found the above JS/exploit-
>> Dialog Arg How can I rectify this I tried cleaning it
but
>> doesn't clean Any advice?
>
>
>. It was found in C:/install.htm
>

Thanks, Bally - I thought I'd responded to this one yesterday?

You probably have the I-lookup worm/spyware

http://www.spy-bot.net/ILookup.asp

reboot to Safe Mode, and delete the C:\install.htm file from there

You may have a virus/spyware hijack

download the Stinger from here and run it to make sure that A-V-disabling
viruses are not present on your PC
http://download.nai.com/products/mcafee-avert/stinger.exe

- update your virus scanner and run a full system scan of all files.

Reboot to Safe Mode and run CWShredder - to remove variants of the
CoolWebSearch hijacker.
http://www.merijn.org/cwschronicles.html

Use CWShredder, the removal tool:
http://www.merijn.org/files/cwshredder.zip
http://www.merijn.org/files/CWShredder.exe
http://www.spywareinfo.com/downloads/tools/CWShredder.exe
http://www.zerosrealm.com/downloads/CWShredder.zip

download AdAware from www.lavasoftusa.com, install, update, and run it to
remove spyware, adware,
and other such nasties from your system.

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
or
http://www.microsoft.com/presspass/features/2001/Mar01/Mar27pmvp.asp

"Bally Ally" > wrote in message
...
> There is normally no such folder\file in the Me root. Delete
> it. Run another scan to make sure that when deleted it did
> not replicate itself.
>
> --
> Checked by AVG Anti-Virus (http://www.grisoft.com).
>
> Version: 7.0.251 / Virus Database: 263.3.3 - Release Date:
> 18/06/2004
>
>
> > wrote in message
> ...
>
> >-----Original Message-----
> >Where did you find it?
> >If in the C:\_Restore folder tree, then it can't harm
> your PC, unless you
> >use System Restore to go back to a time After you were
> originally infected,
> >but Before you detected and removed the infection.
> >
> >http://support.microsoft.com/?scid=263455
> >
> >--
> >Noel Paton (MS-MVP 2002-2004, Win9x)
> >
> >Nil Carborundum Illegitemi
> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >
> >Please read http://dts-l.org/goodpost.htm on how to post
> messages to NG's
> >or
> >http://www.microsoft.com/presspass/features/2001/Mar01/Mar
> 27pmvp.asp
> >
> >"Carianne" > wrote in
> message
> ...
> >> I just updated my mcafee It found the above JS/exploit-
> >> Dialog Arg How can I rectify this I tried cleaning it
> but
> >> doesn't clean Any advice?
> >
> >
> >. It was found in C:/install.htm
> >
>
>

go to your IIS site settings and look at the documents
tab...make sure there is no document footer. if there is
something that looks like iis6b7.dll or similar, it is a
fake plain text file that is causing your problems.

>-----Original Message-----
>Thanks, Bally - I thought I'd responded to this one
yesterday?
>
>You probably have the I-lookup worm/spyware
>
>http://www.spy-bot.net/ILookup.asp
>
>reboot to Safe Mode, and delete the C:\install.htm file
from there
>
>You may have a virus/spyware hijack
>
>download the Stinger from here and run it to make sure
that A-V-disabling
>viruses are not present on your PC
>http://download.nai.com/products/mcafee-avert/stinger.exe
>
>- update your virus scanner and run a full system scan
of all files.
>
>Reboot to Safe Mode and run CWShredder - to remove
variants of the
>CoolWebSearch hijacker.
>http://www.merijn.org/cwschronicles.html
>
>Use CWShredder, the removal tool:
>http://www.merijn.org/files/cwshredder.zip
>http://www.merijn.org/files/CWShredder.exe
>http://www.spywareinfo.com/downloads/tools/CWShredder.exe
>http://www.zerosrealm.com/downloads/CWShredder.zip
>
>download AdAware from www.lavasoftusa.com, install,
update, and run it to
>remove spyware, adware,
>and other such nasties from your system.
>
>--
>Noel Paton (MS-MVP 2002-2004, Win9x)
>
>Nil Carborundum Illegitemi
>http://www.btinternet.com/~winnoel/millsrpch.htm
>
>Please read http://dts-l.org/goodpost.htm on how to post
messages to NG's
>or
>http://www.microsoft.com/presspass/features/2001/Mar01/Ma
r27pmvp.asp
>
>"Bally Ally" > wrote in message
...
>> There is normally no such folder\file in the Me root.
Delete
>> it. Run another scan to make sure that when deleted it
did
>> not replicate itself.
>>
>> --
>> Checked by AVG Anti-Virus (http://www.grisoft.com).
>>
>> Version: 7.0.251 / Virus Database: 263.3.3 - Release
Date:
>> 18/06/2004
>>
>>
>> > wrote in message
>> ...
>>
>> >-----Original Message-----
>> >Where did you find it?
>> >If in the C:\_Restore folder tree, then it can't harm
>> your PC, unless you
>> >use System Restore to go back to a time After you were
>> originally infected,
>> >but Before you detected and removed the infection.
>> >
>> >http://support.microsoft.com/?scid=263455
>> >
>> >--
>> >Noel Paton (MS-MVP 2002-2004, Win9x)
>> >
>> >Nil Carborundum Illegitemi
>> >http://www.btinternet.com/~winnoel/millsrpch.htm
>> >
>> >Please read http://dts-l.org/goodpost.htm on how to
post
>> messages to NG's
>> >or
>>
>http://www.microsoft.com/presspass/features/2001/Mar01/Ma
r
>> 27pmvp.asp
>> >
>> >"Carianne" >
wrote in
>> message
>> ...
>> >> I just updated my mcafee It found the above
JS/exploit-
>> >> Dialog Arg How can I rectify this I tried cleaning
it
>> but
>> >> doesn't clean Any advice?
>> >
>> >
>> >. It was found in C:/install.htm
>> >
>>
>>
>
>
>.
>

There is no IIS in Win ME.

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
or
http://www.microsoft.com/presspass/features/2001/Mar01/Mar27pmvp.asp

"thesmilinggoatdotnet" > wrote in
message ...
> go to your IIS site settings and look at the documents
> tab...make sure there is no document footer. if there is
> something that looks like iis6b7.dll or similar, it is a
> fake plain text file that is causing your problems.
>
> >-----Original Message-----
> >Thanks, Bally - I thought I'd responded to this one
> yesterday?
> >
> >You probably have the I-lookup worm/spyware
> >
> >http://www.spy-bot.net/ILookup.asp
> >
> >reboot to Safe Mode, and delete the C:\install.htm file
> from there
> >
> >You may have a virus/spyware hijack
> >
> >download the Stinger from here and run it to make sure
> that A-V-disabling
> >viruses are not present on your PC
> >http://download.nai.com/products/mcafee-avert/stinger.exe
> >
> >- update your virus scanner and run a full system scan
> of all files.
> >
> >Reboot to Safe Mode and run CWShredder - to remove
> variants of the
> >CoolWebSearch hijacker.
> >http://www.merijn.org/cwschronicles.html
> >
> >Use CWShredder, the removal tool:
> >http://www.merijn.org/files/cwshredder.zip
> >http://www.merijn.org/files/CWShredder.exe
> >http://www.spywareinfo.com/downloads/tools/CWShredder.exe
> >http://www.zerosrealm.com/downloads/CWShredder.zip
> >
> >download AdAware from www.lavasoftusa.com, install,
> update, and run it to
> >remove spyware, adware,
> >and other such nasties from your system.
> >
> >--
> >Noel Paton (MS-MVP 2002-2004, Win9x)
> >
> >Nil Carborundum Illegitemi
> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >
> >Please read http://dts-l.org/goodpost.htm on how to post
> messages to NG's
> >or
> >http://www.microsoft.com/presspass/features/2001/Mar01/Ma
> r27pmvp.asp
> >
> >"Bally Ally" > wrote in message
> ...
> >> There is normally no such folder\file in the Me root.
> Delete
> >> it. Run another scan to make sure that when deleted it
> did
> >> not replicate itself.
> >>
> >> --
> >> Checked by AVG Anti-Virus (http://www.grisoft.com).
> >>
> >> Version: 7.0.251 / Virus Database: 263.3.3 - Release
> Date:
> >> 18/06/2004
> >>
> >>
> >> > wrote in message
> >> ...
> >>
> >> >-----Original Message-----
> >> >Where did you find it?
> >> >If in the C:\_Restore folder tree, then it can't harm
> >> your PC, unless you
> >> >use System Restore to go back to a time After you were
> >> originally infected,
> >> >but Before you detected and removed the infection.
> >> >
> >> >http://support.microsoft.com/?scid=263455
> >> >
> >> >--
> >> >Noel Paton (MS-MVP 2002-2004, Win9x)
> >> >
> >> >Nil Carborundum Illegitemi
> >> >http://www.btinternet.com/~winnoel/millsrpch.htm
> >> >
> >> >Please read http://dts-l.org/goodpost.htm on how to
> post
> >> messages to NG's
> >> >or
> >>
> >http://www.microsoft.com/presspass/features/2001/Mar01/Ma
> r
> >> 27pmvp.asp
> >> >
> >> >"Carianne" >
> wrote in
> >> message
> >> ...
> >> >> I just updated my mcafee It found the above
> JS/exploit-
> >> >> Dialog Arg How can I rectify this I tried cleaning
> it
> >> but
> >> >> doesn't clean Any advice?
> >> >
> >> >
> >> >. It was found in C:/install.htm
> >> >
> >>
> >>
> >
> >
> >.
> >