Hello guys, just have a little problem and I was hoping you could give me some advice. Just FYI I have followed your basic tutorial on Spyware fixes and found nothing. My PC has been running with the following for about 2 months (updated programs every few days) - Windows Xp with Service Pack 2 Mozilla Firefox Browser (With noscript extension) AVG Antivirus Adware SE Personal with VX2 Plugin Spybot S&D Microsoft Antispyware Spyware Guard Spyware Blaster a-squared program Now in the last week or so AVG pop-ups have been coming up stating that it is scanning outgoing e-mail, I'm sending nothing so I'm assuming I have some sort of nasty, I'm especially worried that it is a keylogger or something or that nature. I was unaware of the frequency of these contacts till I turned on the logging feature of AVG last night, checking the log this morning shows that this crap is attempting to connect around every 30 mins or so. Running all of my antivirus and antispyware programs listed above find nothing, additionally I have run a couple of online scans including Pandascan and they have found nothing. Also I have run Hijack this and run the log through the online analysis and nothing looks suspicious. Currently I'm at work and so I cannot post a log of what is being sent but I found a person who had a similar problem and here is their AVG log - 5.3.2005 15:44:27 [12c] AutoPOP3(10110): Connection from 127.0.0.1:2737 5.3.2005 15:44:27 [c58] AutoPOP3(10110): Client connected 5.3.2005 15:45:09 [c58] AutoPOP3(10110): Cannot connect to OL130-184.fibertel.com.ar:10111 5.3.2005 15:45:09 [c58] AutoPOP3(10110): Connect: The operation completed successfully. (0) 5.3.2005 15:45:09 [c58] AutoPOP3(10110): Client disconnected Its not exactly the same as mine but the company name FIBERTEL is exactly what my log says as well, but the ip is different. If you guys could possibly post some suggestions as to scanning options or any other solutions then I can try them out when I get home. I'll post my AVG log when I get home and attach a copy of my Hijack this log. Thanks in advance.