Don, send me you phone number via email. I can probably help with this. I do it all the time here for friends and siblings. 

Post hijackthis log to http://www.hijackthis.de/ hit enter, and see what it finds.

Not necessary...he had two items needing removal, the rest were normal Vista stuff.

Well, They have stopped.
That is funny in it self. Dose it not take days for returned emails to go through the mail system. But so for nothing has came through. :.)

A friend in Israel had a similar problem, but it was the ISP that was infected. I wonder if that was your problem.

Well he definitely did have some malware found by HiJack this, and removeit pro.

They are Back.    crash is in the future.

Wellll....thinking about "format C"?

"A friend in Israel had a similar problem, but it was the ISP that was infected. I wonder if that was your problem.


Well he definitely did have some malware found by HiJack this, and removeit pro."

Naaah....it was just one of your skins, Jim....   

Seriously though, I think you've gotten to the point of formatting your drive, mate....hope you have a clean backup.

i am talking about full crash. start all over. and may be just through it out the window. lol

I forgot to add. this is really funny.

I cleaned the startup menu. not sure why but after running Hijack this and RemoveIt. all emails stop. The funny thing is next thing i know is restore and backup is on my clean startup menu. I did not even run it. then emails come back.

Then Jim tells me to delete the two things from hijack this all things go good again. no emails.

Since i was suspicious of restore and back up thing. I cleared the start menu again. next thing you know backup and restore is on it again and emails are back.

Any ideas how it gets back on there.

I have never use that so it should not be on the start menu

Sounds like the virus is using backup and restore to activate the email worm again.  Programs appear on the left side of the start menu based on frequency of use.

Turn off system restore on all drives, reboot, delete backups, reboot, run the progs that let you get rid of the worm to begin with. Once all this is done, turn system restore back on. If this don't work, I could probably fix it if I had it. But you are about to the point where a format is called for. It may be a polymorphic virus, which stays ahead of the virus programs by changing into some other form every so often.  http://www.webopedia.com/TERM/P/polymorphic_virus.html

Jim did all above. Scans have come up empty handed. If you dont mind i can send you a hiJack this doc to see if you can find some more or new ones.

this is crazy. to think I had Anti-virus and firewall with spyblaster install to make me feel safe.

Send away, I wish I was there. Fixing this kind of thing is a lot easier hands on. I have found precious little I can't fix. If I can get my hands on it. That's why a PC tech hates phone calls. My Dad in law sent me to school for this stuff. I wish I could be there to fix this.