This is a tough one. I manage a small NT Server 4.0 - based domain. There are 2 network devices - a Cisco FastHub 24 port 10/100 Hub and a 24 port NetGear 10/100 hub, connected together for a single collision domain. These are wired typically through a cat 5 patch panel with drops out to offices and cubes in the office with about 20 computers on the network. Everything is connected to the internet through an integrated voice/data T1 providing 768k of T1 bandwidth through a VINA router and then through a Sonicwall SOHO/50 firewall. One of the desktops, a Dell Optiplex with an internal PCI network card, had major spyware and viruses and was running very slowly. After spybot and adaware did not completely fix the problem, we decided to wipe the HDD and start over, formatting the drive and installing a fresh clean Win2k OS with SP4, all latest security updates, etc. We also installed the usual apps - Office 2000, Adobe Acrobat, Norton A/V Corporate, Spybot (to immunize), Printer drivers, FileMaker, etc. The only "non-standard" app is a timekeeping app called Timeslips whose binary files run from the server through a mapped network drive. Email is Outlook using Exchange Server and .pst files stored on the file server. Ip addresses are assigned by DHCP server using 192.168.1.0 range for NAT.
The system seemed to run fine after the rebuild, but shortly after it came back online, it started having weird problems where it would lose it's connection to the network for brief periods. I ran an extended ping test and found that it would drop 4-10 packets on an intermittent basis, just enough to hang Outlook and cause problems with Explorer when browsing the network.
So, I did the usual thing - I checked, and then replaced almost all of the physical network connections. I replaced the Network Card with a new 3com card, changed to a different Cat 5 patch cable on a different wall jack, changed to a different port on the patch panel with a new cable and connected to a different hub from what they had been connected to previously. This did not resolve the issue. I then took the machine home, removed a PCI modem that was not being used and put the 3Com card in the PCI slot that was used by the modem. I then ran an extended ping test on my home network and it did not drop any packets. I then brought the system back to the office and it is now doing the exact same thing - dropping packets and losing network connection periodically. When I had the system at home, I also ran 3 loops of the Dell diagnostics that come on a set of 5 floppy disks. These tests included Memory, PCI, drives, IDE controllers, etc. Everything passed ok.
Also, at one point at the beginning of this problem I found out that someone in the office added a linksys wireless router and left the DCHP server on so we had a DCHP conflict that affected this particular desktop. After I cleared that up, it seemed to fix the problem, but that didn't last long as the system started losing it's connection pretty frequently even after the DHCP issue was resolved.
I'm not sure what to do next with this. It seems that since the system worked ok on my home network, there must be something specific about the office network that is causing the issue. I don't know what to do next though as the system appears to be working fine in all respects except this and I have already replaced / changed every physical component of the network connection possible. Could there be some sort of issue with a stuck entry in an ARP cache somewhere? Some malicious program that is trying to reach this system and is effectively sending a brief DOS attack? Not sure what to do next....any advice would be appreciated.