2 questions... neither urgent :)

two questions…

Question 1:
Currently I have Windows Firewall on.
Should I get a firewall like Comodo?
Does Comodo+Avast sound good or is Windows Firewall sufficient?

Question 2:
How did you learn how to read a HijackThis log file?

You can do it. Other options are PCTools, Online Armor or even ZoneAlarm.

I think for most users, Windows firewall is enough. Besides, avast will release a firewall in July.
Other users will say that the outbound protection that comes with a 3rd party firewall is good protection.

It’s an advanced task and you can get it automatically here: http://www.hijackthis.de/

Depends on what your OS is. If Vista, you could use the default Windows firewall and enable outbound protection, but it isn’t very friendly, is rule based and you have to create the rules. Vista Firewall Control: check out this topic for some user-friendly help for the Vista Firewall outbound protection, http://forum.avast.com/index.php?topic=30234.0.

The hijackthis.de is an auto analysis tool and like most things auto it can get things wrong; it is something that should be used for guidance and not reliance. Anything suspect should be the subject of a Google search on the file name, etc. to see if that confirms the HJT analysis.

As stated, the Windows firewall blocks inbound, the Vista outbound protection is (apparently) not straightforward to set up.
(Actually, in my experience, and with fairly average knowledge, I find a rules-based firewall quite an advanced mission to set up.)
Comodo, PCTools, OA are application based, which means, basically, known good applications can be allowed. Anything else should be investigated.
The outbound control of a two way firewall can be thought of as a safety net. (My analogy.) If you get malware on the computer that is not recognized/detected by the AV, (A so-called “zero day threat”) it will want to connect outbound. The firewall will prompt for permission. The users’ decision at that point could (a) save a lot of grief, or (b) cause same.
Comodo and OnlineArmour have a type of HIPS (behavioural filter- like an internal firewall) included. So does PCTools, but it’s a bit less demanding. These can be quite powerful tools, but if you are installing a lot of software- especially little known or specialist software - the prompts could drive you mad.

The correct analysis/diagnosis of HJT logs comes from a lot of learning, and online schools etc, leading to a recognised qualification. It’s rather complex, and requires an in-depth knowledge of the operating system. Regular schmucks like myself can often spot something awry with a log, (having read quite a few), especially browser hijacks or out of date/vulnerable applications, but the actual fixing I would leave to the experts.

With Vista Firewall Control Free from SphinxSoftware it is quite easy:
http://www.sphinx-soft.com

Comodo, PCTools, OA are application based, which means, basically, known good applications can be allowed. Anything else should be investigated. The outbound control of a two way firewall can be thought of as a safety net. (My analogy.) If you get malware on the computer that is not recognized/detected by the AV, (A so-called "zero day threat") it will want to connect outbound. The firewall will prompt for permission. The users' decision at that point could (a) save a lot of grief, or (b) cause same. Comodo and OnlineArmour have a type of HIPS (behavioural filter- like an internal firewall) included. So does PCTools, but it's a bit less demanding. These can be quite powerful tools, but if you are installing a lot of software- especially little known or specialist software - the prompts could drive you mad.
The overhead of a software firewall can slow down your browsing experience on slower systems and is unnecessary according to Malwarebytes developer Bruce Harrison: http://www.revver.com/video/1118865/malwarebytes-developer-interview <== the whole interview is very interesting and the software firewall discussion begins about 8 minutes into the video.
The correct analysis/diagnosis of HJT logs comes from a lot of learning, and online schools etc, leading to a recognised qualification. It's rather complex, and requires an in-depth knowledge of the operating system. Regular schmucks like myself can often spot something awry with a log, (having read quite a few), especially browser hijacks or out of date/vulnerable applications, but the actual fixing I would leave to the experts.
That is true.