I am new to this forum as you can probably tell. I did read the guidelines before posting and hope that I am complying with my post here. First let me say I do not have a copy of "HiJack This" currently installed. And if I can explain briefly;
Last night around 7:00p.m. a certain someone had opened an attachment on our computer that runs Windows XP Pro MCE. Well AVG 8.5 went absolutely haywire detecting all these infections and warnings. Earlier that day at 12:00p.m., AVG did its daily scanning routine and came back clean. Well right now I can boot to my login screen, then when I supply my username & password and click OK. It starts to log me into the system, however, it just freezes and stays on a blank blue screen! It doesnt load wallpaper, taskbar or *anything* at all. So I pressed Ctrl+Alt+Delete and the Task Manager is the only thing working. However I was able to use the "New Task" to run "regedit" to look for any suspicious entries/values, which I did come across a "reader_s.exe" with very strange behavior inside my HKLM\software\microsoft\windows\currentversion\run hive..... So I did get rid of it and it kept popping back up every time I'd click "refresh". So I renamed the file located in my %system32% folder to reader_sDELETE and then deleted from registry and it finally was gone for the time being. Also at first when I opened Firefox, I could not access the internet. So I decided to check out my C:\windows\system32\etc\hosts file in notepad. Well it had been completely altered all the way and contained:
And that was ALL, all the original text & introduction thats included in the host file was gone. So I erased the hxxp://jl.chura.pl part and then saved, then re-opened Mozilla Firefox back up and now it is working just fine! However, I am sitting here in Firefox with no GUI except Task Manager. So I am extremely limited on resources. I just reformatted 3 weeks ago and *really* would like to avoid that route again and honestly, I love what this web site and its people are doing and trying to accomplish, much respect for something of this nature! And I am very interested in learning thoroughly just how I can remove the Malware myself without having to just give up and reformat every time this happens to me or one of my friends/family members computers! I'm a pretty competent with PC repairs & such and have a good general understanding. But Malware has always been something I just never took the time to really learn about and how to prevent it and now here I am in this situation again! Anyways, I will be sitting here with my no-desktop XP computer running Firefox and see if I can't dig up some information on this, as I'm sure someone else has had this same Virus/Trojan/Malware. Once again, much respect to EVERYONE involved in this community, it is truly a good & noble cause and I look forward to learning a lot from you guys! Thanks for everything in advance!!!!