Most will note the HiJackThis Analyzer button at the top right of the pages in this forum.
This program, in the past, WAS intended to help read and analyze HiJackThis logs. As it states on the page;
"This system is to be used as a generalized guide, this will not be right 100% of the time."
This is the KEY sentence and in it's present form this analyzer has NOT been updated in a VERY long time and therefore it's findings should NOT be relied upon to be accurate.
When a person pastes his/her HiJackThis log onto the screen the analyzer will run and then return a parsed log.
At the top left of this parsed log you will see a color coded guide
Entries noted in Red Highlight are supposedly "BAD-Remove most always"
At this time, without updating of this analyzer, many entries are highlighted in RED and supposedly are bad. This is not the case however, these are FALSE POSITIVES.
Some entries highlighted in RED at this time include the new version of HiJackThis version 2.0. Obviously this is NOT bad, this is the actual HiJackThis. There are other entries noted as always bad but which really are related to the Microsoft Office programs language/alternative input service. They are noted as bad because SOME forms of the CoolWebSearch parasite use the same file name and the analyzer cannot differentiate between the two, even if it is also showing Microsoft Office running on the machine.
When people use the analyzer to check a HiJackThis log of version 2.0 many legal entries are highlighted in RED because this present analyzer is configured to analyze logs from the earlier version of HiJackThis version 1.99.1
The newer version shows entries that the earlier version did not show at all so any of these now show as bad, because the analyzer really doesn't know what these entries are so it marks them as bad.
Other color coding note entries in green as ok, entries in blue are third party programs but generally ok, entries in orange probably not needed, entries in purple, bad if you don't know what they are and enties in black are unknown.
Entries in black often times include programs relating to the printer, scanner, photo programs, Adobe Readers and even the chipset drivers on the computer. As you can see these are usually ok programs also.
Purple entries often times noted are a persons home page of choice and of course usually not bad either.
Since, at the present time, the analyzer has not been updated and for now cannot be removed I would strongly suggest that this analyzer not be used at all.
I also have to to stress that the HiJackThis program is NOT a FIXER program. It is a scanner program. It is what should be used AFTER all other steps have been taken to remove suspected malware, viruses and trojans.
The place to begin removal is here READ ME Before Posting A Request For Assistance!
Read ALL the steps, Follow them EXACTLY. Once all of those steps have been followed then, and only then, is the time to run a scan with HiJackThis.
The log itself and others noted in the above link, should then be posted, in a thread, along with all symptoms your computer has been showing, for those who know how to interpret them. Persons here who read the logs will then make suggestions on other steps or tools which should be run to clean your system.