Posted 22 December 2008 - 11:55 PM
OK, I'm way confused. I have auditing for logon/logoff set to "Success/Failure" in my event logs. I've noticed numerous failed logon attempts; types 2, 3, and 8. I tell myself that there must be a logical explanation for these numerous failed logon attempts but cannot find any. I use the machine 96% of the time and my wife the other 4%. She is on a user-access account. I'm on an admin-account and should probably use my power-user account more often.
The peak of this problem is that for approx two minutes on Dec 18th '08 I had a failed logon attempt each second of those two minutes. These were logon type 3 attempts. My PC is Lenovo X61 and is configured on a workgroup, not on a network of any kind. This is my home internet connection. I have one other pc and it is not configured with my Lenovo to be on any sort of network, they simply connect through the router; no domain is set.
My laptop (and desktop) is protected with Kaspersky Internet Security 2009 and also is behind a wireless NAT Linksys router with firewall features on. I also have that router set so that wireless machines cannot communicate with eachother. UPNP and SSDP are disabled as is Remote Help/Assistance.
All of my machines are fully patched and updated as per Microsoft and Thinkpad update utilities.
I also run spybot once or so per week on top of Kaspersky's high-security-settings scans. The worst that I've found are tracking cookies. My machine is not slow or showing other signs of infection by anything.
I'm hoping that there is an application-based explanation for the numerous failed attempts to logon to my account, but I cannot figure it out.
I hope that it's not the result of Lenovo's crap-ware; their software has given me headaches way too much in the past and I'll never purchase another one again.
I can post logs, or whatever would be needed. These are all 529 event id's. Please help me to figure this one out. There are other errors, though, these 529's are my main concern.