Event viewer log getting filled up?

Tim

On my website server computer, I got a warning today that the Event Log was full. I went to look at it, and someone called "MrxSmb" is hitting the site every 2-3 seconds. It also says event - 3034. There's also the occassional DCOM error, event 10005.

What is this? Someone trying to scan the computer to see if it is unprotected or to put their files on it? I'm watching the hard drive used space to see if it increases much.

This computer is running Windows 2000 Server SP4 Update Rollup 1 if that helps any.

Tim

Also, the server computer seems to be uploading like crazy today, all day. It's good if this is all people getting the 80's music videos, but what if it's not?

Sent / Received data packet ratio seems way off. Since restarting the pc last night, I'm currently at 4.23 million packets sent, and 358,000 received.

primesuspect

Have you googled this? Mrxsmb is another computer on your network trying to ping the server for file sharing.

http://tinyurl.com/6yl9m4

Tim

The website server computer is on an internet connection all by itself. I have Comcast high speed cable with dynamic IPs for my main pc and laptops, and the website computer is on a static IP DSL line in another room, as shown in the photos on the site.

I cleared the event log about 7-8 times today, it fills up to 2299 events each time.

After that, I installed AdAware 2008, did a scan, and put in a software firewall and restarted the computer a few times, and so far it hasn't happened again.

I had googled some stuff about Windows 2000 Server and the event log, but not the MrxSmb thing.

primesuspect

The firewall blocked it, because the firewall is blocking SMB.