Windows Security Event Log shows many type 3 logon/logoff from domain users

Noticed on first a Windows 2003 Server in the security event log domain users in our large city domain has users logging on and off continuously.  Then I looked at my Windows XP PC event log and see the same.  Why is it that a PC or Server would have this activity happening on all of its nodes?  Is there something that should be addressed in the NT Domain configuration?  If I don't need this to occur on a server acting as an appliance, do I shutdown the Net Logon service and just use the SAM for authentication?
Who is Participating?
danfiggolfConnect With a Mentor Author Commented:
QAKBOT was the problem.
Fridolin MansmannMaster of Business Engineering ManagementCommented:
Error Events would be helpful, sometimes these kind of events are "normal" depending on the audit log level. Also provide some more information about OS, version etc.
danfiggolfAuthor Commented:
Event ID 538 and Event ID 540.  This is a Windows 2003 Domain.  The server is Windows 2003 and the clients are currently XP SP3.  If you look at the log at any PC or Server in the domain they have all the domain user accounts logging in and logging off.  Is this a browsing thing, where the users are not actually attempting to logon to the systems, but just a browsing functionality or incorrectly configured NT Domain?
danfiggolfAuthor Commented:
because I did not provide enough detail for the experts to understand the problem.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.