General discussion

Locked

Eratic Behaviour from Win 2000 Server

By swaithe ·
Hi

I hope someone can help me.

I have three domains in my network environment - Network A, Network B and Network C. Two domains are running Windows 2000 Server and the last is Windows 2003 Server. Each domain has its own Domain Controller. Domain C has two domain controllers. DNS is running within each domain and the Dns server for each network is itself. Each domain communicates with the other via a trust relationship. There is one DHCP server in the network allocating IP addresses to the client machines running Windows XP.

My problem is as follows-
I have a 256/512Kbps wireless internet connection and I noticed that our internet bandwidth has reduced significantly over the last couple of days. I used Ethereal to pinpoint which machine was hogging the bandwith. Ethereal results showed that the computer is querying www.cheaptickets.com for DNS information along with some other wierd sites. It is one of the Domain Controllers in Network C.

I installed Microsft Antispyware to scan the machine for spyware but nothing was found. The Norton Virus defintions are up to date and it found no viruses when a scan was done. When I take this machine off the network the internet bandwidth returns to its normail behaviour. This machine is currently running Norton, Exchange 5.5 and Print services.

What should be my next course of action to rectify this problem. The task manager does not show any unregular behavour within the Processes nor Performance tab.

What could be causing my problem and what should I do to rectify the issue.

PLEASE HELP.

Regards

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by ghemant In reply to Eratic Behaviour from Win ...

Hmmm.... its most likely a problem if hijecking and spyware software ... as single sofware of any spyware and antivirus not able to detect all the spyware / hijecking /trojens / backdoor you need to check it with another spyware also like xsoft / noadware .... i am very sure that it will detect something ...

HTH
Regards

Collapse -

by sgt_shultz In reply to Eratic Behaviour from Win ...

the querys are originating on the win2003 ad controller, not being forwarded? you sure you don't have a workstation with spyware. because out of the box win2003 pretty hard to get spyware infection. so guessing you either lowered browser security on server or your spyware is somewhere else...
also try hijack this

Collapse -

by curlergirl In reply to Eratic Behaviour from Win ...

I would definitely check the machine with additional spyware detection tools - try AdAware, Spybot and Hijack This. Even though Microsoft Antispyware is pretty good, it very well may be missing something.

Also, make sure that your 2003 server is current with security patches, SP1, etc.

Hope this helps!

Back to Windows Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums