I disagree. Do not reboot and run that hta in the process. An HTA at startup is suspicious. Do this. Run hijackthis and post that log. Then move that hta out of the startup folder and rename it as a text file. Post the contents of that text file in your next reply here. Someone will tell you what it was doing exactly and help you decide which steps to take next.