Results 1 to 10 of 10
  1. #1
    newbie
    Guest

    Default object-c002[1].hta - how to get rid of it?

    My son's computer runs win98. It has the free edition Grisoft anti-virus software recommended by Kim Komando that seems to have been doing an ok job until today. He can't pull up anything in browsers (Mozilla or IE) or IM programs - error msgs on browsers saying 'connection refused.' We did a system scan with the Grisoft (AVG, I think it's called) program and sure enough it said 3 objects found, "virus found" and the item listed on all three was: object-c002[1].hta. Well I googled this and didn't find anything terribly clear except that it is not the virus itself but some part of it -- didn't really grasp exactly how it works just that it is probably the thing causing this new problem. The thing is the Grisoft program doesn't give an option to put these 3 objects in their "virus vault" nor can it "heal" them... it says an example of something that can't be put in virus vault or healed would be something "archived" -- well I'm lost, I'm not sure what this means. How can we remove these objects? The browsers aren't working on that machine so can't go to any site to get another program etc. Please help, many thanks.

  2. #2
    Member racebitten1's Avatar
    Join Date
    Sep 2003
    Posts
    61
    Points
    3

    Default

    ok as best as i can tell you to do is to remove the files the old fashioned way since you cannot auto fix it...use windows search and look for the 3 files, amking sure to show all hidden files. Delete the 3 files..then go to start/run/ and type in msconfig. Uncheck anything supicious...run the virus software again after you do that and let us know how it goes.
    Im sorry i dont know much else on this virus or i would give a better reply.
    Being too open minded leads to the brains falling out.

  3. #3
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    Before going the msconfig way, I would suggest you follow all the instructions here http://www.help2go.com/article217.html . Step 5, post your Highjackthis log to this thread (Post Reply button at bottom of this page and paste the log). Please be sure to do steps 1 to 4 first as this helps our experts out. When you post your HJT log, either I or one of the other moderators will transfer this post to our Spyware Help forum.


  4. #4
    Member racebitten1's Avatar
    Join Date
    Sep 2003
    Posts
    61
    Points
    3

    Default Re: object-c002[1].hta - how to get rid of it?

    Quote Originally Posted by newbie
    The browsers aren't working on that machine so can't go to any site to get another program etc. Please help, many thanks.
    Ok to get hijackthis you will need to dowlaod it on another computer and transfer it using a floppy disk, zip usb drive, or another transfer method.
    Being too open minded leads to the brains falling out.

  5. #5
    Member Help2Go Moderator whoozhe's Avatar
    Join Date
    Dec 2000
    Location
    Wallaroo South Australia
    Posts
    8,567
    Points
    801

    Default

    Try booting in safe mode.HTA is really a HTML saved with a HTA extention.
    It is generally used for creating Wizards or building online applications in C++.
    My guess is the anti virus scanner is in error and making this call because it cannot identify the file type.
    How this actually got onto you machine suggests you installed some software to build web pages or have recently had problems with a particular site that uses HTA pages.
    As many web building applications interact with browsers a bad installation or Un-Installing procedure may have corrupted the browsers.
    A bad encounter with a web site such as using an online Wizard or filling in a form that went wrong may be the cause.
    The fix may be as simple as restoring the system to a point prior to that encounter or installation.
    Take control of your life. Leave others to control their own.

  6. #6
    Guest

    Default

    Thanks for the suggestions. The last one, about restoring the system to a point before the problem, seems like the easiest. Easiest isn't always best but in this case since it's a machine mostly used by my kids I think it might be best. If I can do that and it doesn't solve the problem, I will move on to trying the more involved thinsg with Hijackthis etc. but would like to try the simplest thing first. How do I roll the system back to a previous point? Thanks again for your help!

  7. #7
    newbie
    Guest

    Default

    Well since writing that last msg I figured out by looking at more 'help' files that I might have a prompt for 'last good configuration' in safe mode... but now I'm really starting to feel stupid! Because I can't get the machine to start in safe mode! I tried doing it by holding down CTRL while it reboots, then tried with F8 - but it just keeps starting in regular mode. How can this be? I'm about ready to throw that machine out the window. Help please!

  8. #8
    Member
    Join Date
    Mar 2004
    Location
    uk
    Posts
    842
    Points
    152

    Default

    Hi try tapping the F8 Key as you start up, and take a look below
    and scroll down to xp in safe mode

    http://service1.symantec.com/SUPPORT...01060608000039

    regards stoney

  9. #9
    Guest

    Default

    Well halleluja, F8 worked! We got to safe mode, now have new problem - it doesn't seem to recognize the modem in safe mode? says modem is not connected. (it works fine in regular mode, but is just useless because of the virus/browser problem)

    Is there a way for us to roll the system back while in safe mode? I didn't see an option that said "last good configuration" which I have heard of before but I didn't go poking around, just chose "safe mode". I've tried google but must not beusing right search terms as I'm not finding anything specific to rolling a system back, just how to back things up. Again this is Win98. thanks again for your continued help!

  10. #10
    Member
    Join Date
    Mar 2004
    Location
    uk
    Posts
    842
    Points
    152

    Default

    hi
    in windows 98 you have scanreg/restore BUT i think your best option would be to go to the link and do ALL the scans then post h/jack log
    HERE http://www.help2go.com/article217.html

    Scanreg/restore does not go back that far.

    This is how to access it go to start> then shutdown> then restart your pc in MS_DOS MODE> when it restarts you will see a flashing prompt

    at the C: prompt type scanreg /restore and press Enter
    Choose which backup to restore. You should have a choice of registry backups from the last five days the system successfully booted

    Click a registry entry that has the word "Started" next to the date, and then press Enter.

    OR take a look here and look at scanreg/restore
    http://www.mypctool.com/98utilities.htm
    Regards Stoney

    BTW SAFE MODE only loads minimum Drivers [ as regards to Modem]