I have a terrible spam bot I can't seem to find. In TCP View, I've found PID 732 (services.exe) is rife with smtp connections but I ony see EventLog and PlugandPlay when I look at it via tasklist /svc. Antimalware Bytes comes up with nothing as does Prevx, Vipre or Trend. Also, system restore is missing from Computer properties. I'm going to try running Stinger, but I haven't had any luck with that in years. I can always block port 25 in windows firewall, but I'd rather a real solution. Any help would be most appreciated.
BTW - It's an XP SP3 workstation on a SBS 2003 domain. (removed from right now ;-)