Found a couple of cool sites that read hijack this logs automatically. Copy the log and paste in the box hit analize. http://www.hijackthis.de/, Oops only one thought I had 2. I have used it a few times. Handy little item.

Found a couple of cool sites that read hijack this logs automatically. Copy the log and paste in the box hit analize. http://www.hijackthis.de/, Oops only one thought I had 2. I have used it a few times. Handy little item.

A good site yes but you do need to be careful as its not 100% accurate.as for my log if told me to delete my home page ,nothing wrong with my homepage it my ISPs' site.also told me IESpell checker was bad ,Its not ,I use a program called hijackthis helper [not 100% either ],given to me when i joined a hijackthis learning class at Tom Coyotes last year,it actually reads the log the same way ,i think someone must have set this site up to used the hijackthis helper program .

Yes your right. You do need to be careful. With ie spell did the same thing to me, showed it as spyware. Myself I have used the site and took out a few things. No problems here. I just think its a great way to learn about hi jack this logs and how to understand them. No way will I ever attempt to read any one else hi jack this logs and help them. I just do so for my own personal use. If I am gonna screw up a computer let it be mine and mine alone. Give me a excuse to reload xp. Have a nice day....

Thank you so much for the link. Helped me out allot. Still refuse to attempt to help others but I can now look at them, see what I think the problem is and wait for someone more qualified to respond and see if I am right. Thank you again. Have a nice day.

OK,a few more links and tips to get you hooked!
search startups like this one ,O4 - HKLM\..\Run: [SystemTray] SysTray.Exe, you can search either ,this from inside the brackets,"SystemTray" or the EXE listed .
Startup link !=
http://castlecops.com/StartupList.html

Search BHOs' and CLSID ,like this ,O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL, by searching the large number ! with out the brackets,{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} search here = http://castlecops.com/CLSID.html

Then i can use Spywareblaster to search this one ,using the large number as above .
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab

I use CSWShredder in Debug mode to search this line for CSW vairents
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kon4ay.biz/k/
taking the ,kon4ay.biz and paste it in shredder debug mode and search and its a needles search site but not a cws variant .
but others aren't !!
I use this site to search the 020,021,022,023
http://www.fbeej.dk/NewHJTEntries.htm

this site for the 010s'
http://castlecops.com/LSPs.html

Another Hijackthis tutorial.
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.