A new variant of Sasser or Blaster? Losing mapped drive without losing connectivity.
Posted on 2005-04-25
I think I may have a new variant of Sasser or Blaster on my network.
What is happening:
After trying to solve a networking issue on a friend's network, I brought their Windows 2000 server onto my network and it affected my network in the same manner.
I tried multiple anti-virus programs, spyware removers and Microsoft tools, and I can't find any bugs.
The problem is basically very slow file sharing on the network. At some points, especially when the SP2 firewalls are on, the computers may freeze, and if I disconnect them from the network, they come back like magic.
2-3 times a day I lose my mapped connections (a message appears saying that the security may have been compromised and that this drive letter is already in use). I can still ping all computers perfectly, and besides logging off and on again, I can't find another way of reestablishing the drive connections.
I tried to format the computers one by one, and even my server, but the problems come back very fast.
Even with only one computer and the server connected with a crossover cable (without internet) I got the same problems.
I thought of blocking all modifications to registries and settings with Spybot S&D TeaTimer, but still I can't see modifications, I just see the problem.
1. What can I do to find the bug if Symantec and McAfee never saw it before?
2. Knowing how to surf packets with Ethereal, is there any way to find those, or do I have to know all packets and what they do?
3. Any suggestions or help will be appreciated. I can even pay someone a reasonable fee to log on by VNC or WebEx to help me. If that person lives in Montreal, I can arrange a weekend meeting.
4. Is there any virus that affects only file sharing?
5. I disabled all firewalls, and surfing through folders on my server across my network, there were some that I couldn't reach... after logging out and logging in, I could with no problem. Sometimes it only takes 10-15 minutes and without logging off I can connect again.
Hopefully one of you is expert enough to help me, and believe me that when it comes to basic settings and networking, I'm an expert myself. I'm a tech support on major networks and I have my CCNA and multiple other certs, I just can't find this answer!
On both networks the problems appeared at one point while the network or part of the network was connected with another network directly without routers.