I have a client's network that started acting up about 4 weeks ago. Random workstations (clients) at random times would loose their connection to the exchange server and/or the network drives. All clients are Windows XP running up to date CA ITM release 8 and Servers are all Windows 2003 (One PDC, the rest are member servers). Upon deeper investigating, the clients DNS Servers are randomly set to 18.104.22.168 & 22.214.171.124 when my DHCP only assigns 10.1.10.3 (PDC) and no Group Policies are set either. Today I manually set a handful of the clients to 10.1.10.3 to see if that helps. Does anyone know of any spyware, adware, or malware that may hijack the dns settings randomly. Everytime I found a client with the incorrect dns and chose to repair the network connection, it would correct the problem. After rebooting and / or logging out and back in several times, some of them reverted back to the incorrect servers again??? Very random with no repeat patterns.