Hi all,

I've been in this newsgroup before and got great results,
so thanks to those who helped me in the past.

I have a new problem now. It's with my scan disk. I've
tried over and over again to use scan disk and it refuses
to work. So naturally I went to help in my computer to see
if it could help me resolve the problem. I went to the
index and typed in scan. What came up surprised me. It
looked like this:

Scan
Scan Disk
ScanDisk

The first Scan and second Scan Disk where never there
before. When I click on display for either Scan or Scan
Disk (the first two) a message pops up from McAfee.

The message reads:

Warning: Suspicious script, do you wish to stop it or
continue? Obviously I stopped it.
So I clicked on more information. I got this: A suspicious
script is attempting to call the run method within the
IwshShell3 object. It is lcated in
C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HELPCtr.exe

I can't get McAfee to remove it and it seems to be messing
with my scan disk, can someone help me with this problem?
And what is it?

Thanks, Marc

Almost certainly a false positive - check out he file in Windows Explorer.
You'll need to have Folder Options set to view Hidden and System files, and
navigate to the file. Is should have the following properties.

(assuming it's the updated version)
Version:- 4.90.0.3004
Size - 488KB (499,984bytes)
Modified date - 08 Jan 2003, 09:24:04

The original version should have the following properties
Version:- 4.90.0.3000 (I think)
Size 495,888bytes
Modified date: 06-08-00 5:00p


HTH

--
Noel Paton (MS-MVP 2002-2003, Win9x)

Nil Carborundum Illegitemi
Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"Marc" <marcisalways@hotmail.com> wrote in message
news:026101c36a86$e106d870$a101280a@phx.gbl...

Thanks Noel for answering. I have the original version, is
that the problem? I've looked everywhere for an updated
version and can't find it. I also keep updated regularily
from Microsoft. What should I do?

Marc

The update was contained in one of the downloads from Win Updates -
http://support.microsoft.com/default.aspx?scid=812709
812709: Security Update (Windows Me) - (Posted Date: April 15, 2003)
Download size: 293 KB
An identified security issue in the Microsoft Windows® Me Help and Support
Center could enable an attacker to read files or run programs on a computer
that visited his or her Web site. You can help protect your computer by
installing this update from Microsoft. After you install this item, you may
have to restart your computer. Once you have installed this item, it cannot
be removed.

It looks as if you may have installed ME over the top of itself using the CD
since installing the patch - in which case you probably need to force a
reinstall of ALL the patches you'd previously installed. (Check your update
log for details)

HTH

--
Noel Paton (MS-MVP 2002-2003, Win9x)

Nil Carborundum Illegitemi
Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"marc" <marcisalways@hotmail.com> wrote in message
news:01e101c36a98$ef55b290$a601280a@phx.gbl...

The update was done and I never installed ME over the top
of itself using the CD since installing the patch.(In fact
I have never used the recovery CD ever since I bought this
computer, I have always updated from Microsoft and never
until now had a problem with ScanDisk). I don't know how
to force a reinstall of all the patches either.
Here is something else I forgot to mention. When I do a
ScanDisk, after about 10 minutes this comes up: "ScanDisk
has restarted 10 times because Windows or another program
has been writing to this drive. Quitting some running
programs may enable ScanDisk to finish sooner."

The way it looks to me is someone has made it so that I
can't use the ScanDisc.

Marc

Try running ScanDisk from Safe Mode - it's quite common for this message to
occur in normal mode due to processes running in the background.

If you go to the link, and read the instructions, it tells you how to
download the patch for offline install, and you can use the same method for
(almost) all patches.

You can view the 'installed' patches using the link at the Windows Update
site - print the list, and download them for offline install.
If you want to, you can use the reference numbers to search for the KB
reference on the MS site, it usually gives the file changes each patch made.

If you're going to do this - it's a good idea to make sure that the first
patch you check/download/install is the System Restore patch. - from
http://support.microsoft.com/default...;en-us;Q290700
which should at least allow you to back out of any patch that causes
problems. (you don't need the patch if the version of
C:\Windows\System\SMGR.DLL is 4.90.0.3003)

HTH
--
Noel Paton (MS-MVP 2002-2003, Win9x)

Nil Carborundum Illegitemi
Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"Marc" <marcisalways@hotmail.com> wrote in message
news:02df01c36aa2$31df7480$a401280a@phx.gbl...
The update was done and I never installed ME over the top
of itself using the CD since installing the patch.(In fact
I have never used the recovery CD ever since I bought this
computer, I have always updated from Microsoft and never
until now had a problem with ScanDisk). I don't know how
to force a reinstall of all the patches either.
Here is something else I forgot to mention. When I do a
ScanDisk, after about 10 minutes this comes up: "ScanDisk
has restarted 10 times because Windows or another program
has been writing to this drive. Quitting some running
programs may enable ScanDisk to finish sooner."

The way it looks to me is someone has made it so that I
can't use the ScanDisc.

Marc