I have cleaned up everything I can but still have the problem with the reboot causing homepage changes. It appears to be a swap file situation as the .bak file goes to the site I was using before the original hijacking occurred. I could use a little help with this one.The hijacking program pack was very complex and included at least four seperate programs for defense and two for actually accomplishing the hijacking as well as a number of included misc other spyware items and trojans just to cloud the waters,a total of about a doze different items in one quick package. Currently I believe I am down to just one remaining part, the reboot component. Spybot, shredder, and hijack show me nothing that I can pin point. I would like to know of a program that will log all activity on a computer during reboot to allow me to look for the offending program. I have inclded a hijack log below.