Problem...

How can I delete this?

file://c:\DocumentsandSettings\AllUsers\StartMenu\Programs\Startup\msoffice.hta

 

Hi delta08.

Welcome to Wilders.

U could try deleting it in safe mode.

Curiously, what infection is being detected?


snowbound

 

THX for the response....i get this message everytime i logon...


TG!¶’ò?²Ï#ª_þX
!Ò*cöëÏ°ãª?

ÿÿÿÿ@¾"µÈó\Î*åªDw=†IÁ<Ž¶ëmÐöª_þXc€

#meaning less **** i had to put hereÿÿÿhÿÿÿ# crap="

I had done a hijackthis log originally and deleted files that were changing my ie homepage....that is fine now but this is still showing up....where do i find this file?

 

Forgive me but, did u do a search for that file?

It could be hidden so here's how to show hidden system files,

http://www.xtra.co.nz/help/0,,4155-1916458,00.html



snowbound

 

tried that no luck.

 

Just to be sure I'm understanding....you did not find that file in the below location ?

C:\WINDOWS\Fonts\msoffice.hta

Also....was your Homepage changed to searchdot.net ?

You may have to use a Command prompt....since the Fonts folder is a special folder for Windows and it's setup to hide all files in it that are not font files.

 

It might be time to use Hijackthis. Unfortunately, Wilders no longer provides hijack cleaning sevices. For more info and help go here,

https://www.wilderssecurity.com/showthread.php?t=42148

post back and let us know the results.

Sorry i couldnt have been of more help.....



snowbound

 

tried that search,no luck ....it was not switched to that ie....i am sorry i forgot the address it switched to...if this helps these were the files i removed after i ran highjackthis...

02-BHOompclass-{4c1b116f-2860-46db-8e6c-b4bfc4d6833-D:\windaows\jetblass.dll
RO-HKCU\software\microsoft\internetexplorer\main,startpage=http://default.home
RO-HKLM\software\microsoft\internetexplorer\main,startpage=http://default.home

~removed hijackthis log - Bubba~

 

I'm sorry Delta....but it appears you missed Snowbounds post or mis-read it concerning Hijack this.

Code:

[B]said by Snowbound:[/B]
"[I]It might be time to use Hijackthis. 
Unfortunately, [U]Wilders no longer provides hijack cleaning sevices[/U].
For more info and help go here,

[url]http://www.wilderssecurity.com/showthread.php?t=42148[/url][/I]"

In System Configuration Utilities uncheck the MS-Office.hta Startup