The following is an excerpt from a tutorial for Emsisoft Knowledgebase HiJackFree. I would suggest that you read this tutorial to gain a better understanding of this software.
Green entries are process names whose process database entries only refer to benign software. You can therefore assume that these processes are highly likely to be not hostile. However, it can never be guaranteed that these processes are benign. This simply means that the process information database contains no information on hostile processes with the same name.
Yellow entries are process names that are used by both Malware and benign Software. In this case, you click on the entry and scroll to the online information at bottom of the details window underneath. This shows all the information available in the process database. Now compare the program paths listed here with the path of the active process on your PC. This requires a certain nose for details. Assuming that the path of the active process is:
Red entriesin the process list are process names for which the process database contains only information on hostile programs. There can be two reasons for this: Either this is truly a Malware process or there is simply no other information in the process database on a benign process of the same name. Regardless of the reason, it is a good idea to examine this process in more detail.
Another Malware program which is suggested quite often here at Bleeping Computer is Malwarebytes AntiMalware. This is a much simpler program to use. If you would like to try it, use the instructions below.
Please download Malwarebytes Anti-Malware.
1) Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
2) When the installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click on Finish.
3) MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
4) Click on perform Quick Scan, then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
5) The scan will now begin, this may take some time to complete so please be patient.
6) When the scan is finished click on Show Results to display all objects found.
7) Click OK to close the message box and continue with the removal process.
8) Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that every item shown in the results has a check mark in the box next to it, then click on Remove Selected.
9) When removal is completed, a log will open in Notepad.
This log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of the log in your next post, then exit MBAM.
Important: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
Please copy the Malwarebytes log and paste it in your next post.
To locate this file right click on the Start orb and choose Open Windows Explorer, then click on C: drive.
When the C: drive opens click on the following: ProgramData, Malwarebytes, Malwarebytes' Anti-Malware, Logs.
If there is more than one log, choose the log with the date that you ran scan that I requested.
Edited by dc3, 06 November 2013 - 11:33 AM.