Hello, I'm new here, just found this spot, and registered to add to this topic. Nice to meet you all.
I notice this thread is a bit old, but I have a bit to add to this mystery. Earlier tonight, out of the blue, I was browsing one of my favorite gaming sites on Filesnetwork.com, and all of a sudden something turned on my printer. Something was trying to print a 300kb file to my printer. It came from deep inside this website:
http://www.atdmt.com
There was more to the URL, but my printer spooler did not allow me to see the full URL, unfortunately.
After seeing the site related to marketing, and becoming uneasy, since I had clicked no links, I performed a reboot, and gota drwin.exe error, and I almost never get errors on my pc.
My os, Windows XP home, has the latest patches applied, I run Norton Antivirus 2004, and I also keep a copy of Ad-Aware onhand to keep my machine clean. Internet Explorer is set to medium security.
I run a hardware NAT firewall, and all ports are stealthed. File and print sharing are disabled on my computer, (All of which makes this even more of a mystery).
After the reboot, all seems fine, but I'm concerned. This thing, whatever it is/was, tried to install itself. Currently, I believe it failed, as a search of all my hard drives reveals no copy of drwin.exe. Ad-Aware pronounced me clean, after wiping my nights worth of tracking cookies. (Oy!). I'll have to keep an eye on this, though. I should be surprised something got that far, considering the last XP patch was supposed to fix such attempts to install software such as the infamous download.Ject vulnerability. Apparently, there are still holes to find.
Does anyone have any other info to add? My machine is not a Dell, I have no Dell software. My CD-Burner has never been in this machine, I keep it in a second non-networked machine. I have no CD burning software installed, by any company. (Mentioning this to be clear that this doesn't seem to be Dell or CD burner related).
