What is sending email from my computer to phys.msu.ru? I have scanned with Adaware, AVG, SpyDoctor, and currently with Avira Anti-Virus... I've also ran a rootkit detector... I have ZoneAlarm installed, which seems to be getting bypassed... I know something is up because I see the AVG POP3 mail scanner scanning outgoing mail to the physics department at msu in russia... Have no idea what its sending or from which process... Pages with Java in Firefox have been screwed up, but I'm not sure if that's related... I'm a professional programmer, and have done plenty of system repair and clean ups, so I'm not without experience, but this has me baffled.... Thoughts on directions I should explore or tools??? Thx

I have difficulties doing a whois lookup for phys.msu.ru. The only thing I can do is lookup msu.ru (doesn't look good) Are you running firewall? i_XpUser

Moscou State University??? http://www.msu.ru/en/

I would be inclined to try another firewall, make sure XP & ZoneAlarm firewalls are disabled ( turned off ) Comodo Personal Firewall http://www.comodogroup.com/products... Comodo has > Scan for known applications ( it reduces the number of popups after installing ) Refer below. http://img412.imageshack.us/img412/... Also, if you want less popups & lower security, tick > Do not show any alerts for the applications certified by Comodo. http://img232.imageshack.us/img232/... FAQ http://forums.comodo.com/index.php/... Flash tutorial ( You may have to use IE ) http://www.embsolutions.com.au/cpf_... http://forums.comodo.com/index.php/... How to Protect your wifi-Lan http://forums.comodo.com/index.php/... Forums http://forums.comodo.com/ Tests http://www.matousec.com/projects/wi... System Requirements * Windows 2000 (ALL) * Windows XP (ALL) * Windows 2003 (ALL) Note - Not compatible with Windows 9x systems Comodo Firewall, rated by PC Magazine Online as an Editor's Choice, constantly monitors and defends your PC from internet attacks. It's easy to install and use and passes the industry's most stringent firewall "leak" tests. Unlike some other 'free' firewalls, this is not a stripped down version but is the full, completely functional product. This free solution comes complete with continual updates that are free forever. As Internet access becomes vital to all business organizations, network security and privacy affects everyone. Comodo, a leading global provider of trust and assurance services for the Internet, provides the highest level of protection for networks and home users alike. Comodo Personal Firewall is one of the smartest personal firewalls you can ever see. While providing answers to firewall’s questions, users usually do not understand the complex questions which involve complicated connection details like IP addresses, Ports, Application paths etc. Comodo Personal Firewall helps you to understand what is going on by analyzing each alert and providing you an intuitive, easily understandable Security Considerations section with each question it asks. With its built-in application database, Comodo Personal Firewall classifies more than 10.000 applications according to their risk level such as SAFE, SPYWARE, ADWARE etc. It is the only personal firewall which has such a big application database and which uses such a database to analyze the security risks. Comodo Personal Firewall is a complete, easy to manage and effective barrier that keeps hackers out and personal information in. Benefits * Constantly monitors and defends your PC from internet attacks * Free maintenance upgrades * Gain complete control over which programs are allowed internet access * Stay protected against new threats via automatic online updates * Real time traffic monitoring enables you to react instantly to threats and identify bandwidth bottlenecks. * Easy to use interface and quick setup * No license fee – complete protection at no cost for networks and home users http://www.pcmag.com/article2/0,189... Note - Not compatible with Windows 9x systems

I fixed one like your a couple mouth back, I had a hell of a time finding it. When you would do a netstat /a from CMD you would get 12+ ports 25 open and active it was spaming though a RU Email. If I remember I used a old firewall Tiny 2 and highjackthis and killed the bad dll useing Bert Pe.

Here is a very good free online test from world leaders in security. It will let you know what needs securing ( updating ) & what needs removing ( security risk ) Secunia Software Inspector http://secunia.com/software_inspector

Have you checked your email client to verify that the email is actually being sent? Life is more painless for those who are brainless.