PLEX86  x86- Virtual Machine (VM) Program

weird SMBD make_connection errors



So I'm looking at the traffic logs for our router, and I found something odd. Every morning at 2am until 3:45am there's a consistent load of traffic coming from somewhere on the LAN to one of the machines in the DMZ.


I'm still looking into trying to figure out which machines are the sender and receivers. But in the process of looking into it, I found on BOTH of the two servers in the DMZ sections in their /var/log/messages like this:


Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.bat
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.cmd
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.exe
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.com
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.pif
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.lnk
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.bat
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.cmd
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.exe
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.com
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.pif
Sep 4 03:36:04 webserve smbd10943: 2006-09-04 03:36:04, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.lnk


Now, "printprep" is actually two things: There's a shared (SAMBA) folder on one of the two servers named "printprep" and there's a Web page named printprep.php, both of which that employee on PC "designer04" uses. What in the world is causing that one out of several WindowsXP PC's to spam the Fedora Core 5 servers for two minutes each day with these makeconnections for files that don't exist?

I don't know if this is tied to the huge nearly two hour data transfer each morning, but I can't find anything else suspicious in the FC5 logs, and I'm turning on more auditing options on the WindowsXP PC's tonight so I can look at their Event Viewers. I was just wondering if someone could give me a pointer on what the above might be about. Thanks! -Liam
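
An added example, not part of the original post: a small Python triage script that groups the "couldn't find service" entries by client and share base name, then reports which extensions were tried and how the attempts cluster in time. The sample is a subset of the lines quoted above in the form they appear on this page; the 60-second burst gap and the year passed to the parser (syslog lines carry none) are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Subset of the log lines quoted in the post, in the form they appear on the page.
SAMPLE = """\
Sep 4 03:33:39 webserve smbd10943: 2006-09-04 03:33:39, 0 smbd-service.c:makeconnection(1102)
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.bat
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.cmd
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.exe
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.com
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.pif
Sep 4 03:33:39 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.lnk
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.bat
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.cmd
Sep 4 03:36:04 webserve smbd10943: designer04 (192.168.0.18) couldn't find service printprep.exe
"""

# Tolerates both "smbd10943:" (as on the page) and the usual syslog "smbd[10943]:".
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+\S+\s+smbd\[?\d+\]?:\s+"
    r"(?P<client>\S+)\s+\((?P<ip>[\d.]+)\)\s+couldn't find service\s+(?P<service>\S+)\s*$"
)

def parse(text, year=2006):
    """Yield (time, client, ip, service) for each failed share lookup."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # header lines and unrelated entries are skipped
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["client"], m["ip"], m["service"]

def summarize(text, gap=timedelta(seconds=60)):
    """Group lookups by (client, ip, base name); split each group into bursts."""
    groups = defaultdict(lambda: {"exts": set(), "bursts": []})
    for ts, client, ip, service in sorted(parse(text)):
        base, dot, ext = service.rpartition(".")
        if not dot:  # service name without an extension
            base, ext = service, ""
        g = groups[(client, ip, base)]
        g["exts"].add(ext)
        if g["bursts"] and ts - g["bursts"][-1][1] <= gap:
            g["bursts"][-1][1] = ts  # extend the current burst
            g["bursts"][-1][2] += 1
        else:
            g["bursts"].append([ts, ts, 1])  # [first seen, last seen, count]
    return dict(groups)

if __name__ == "__main__":
    for (client, ip, base), g in summarize(SAMPLE).items():
        print(client, ip, base, sorted(g["exts"]), [(str(a), n) for a, _, n in g["bursts"]])
```

Running it over the full /var/log/messages from both servers shows whether any other client or base name produces the same lookups, and whether the burst times line up with the 2am to 3:45am transfer window.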


