From Symantec: http://www.symantec.com/avcenter/ "VBS.Pet_Tick.N is a Visual Basic Script (VBS) virus that infects HTML files. It creates the file, %Windir%\mylover.exe, and then modifies the registry so that this file executes upon start up. This file is detected as W95.Pet_Tick.gen. VBS.Pet_Tick.N appends itself to any HTML files in the \Windows, \My Documents, and \Internet Temporary Folder directories. With default security settings in Internet Explorer, acknowledge a security warning dialog box before the virus executes. Also Known As: VBS.Dilna-B, VBS.Dilan Type: Virus Infection Length: 14,866 bytes Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me Systems Not Affected: Macintosh, OS/2, UNIX, Linux When VBS.Pet_Tick.N is executed, it performs the following actions: Creates the file, %Windir%\Mylover.exe. This file is detected as W95.Pet_Tick.gen. Adds the value: "Lover32"="%WINDIR%\mylover.exe" to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run so that VBS.Pet_Tick.N runs when you start Windows. Iterates through the %Windir%, %System%, Temporary, My Documents, and Desktop Folders, searching for the files with the .HTM and .HMTL extensions. The virus also appends itself to these files. Due to a bug in the code, the virus will re-infect the files that have already been infected." Regards, Jade .