I didnt read through all the replies so I do not know if this was recomended or not http://www.microsoft.com/downloads/details.aspx?familyid=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en
On Wed, Oct 21, 2009 at 7:40 PM, Jimmy Tran <[email protected]> wrote: > Joe: When I go to control panel > user accounts > advanced > manage > passwords, I don't see anything in there. I was logged as myself as well. > I did start deleting some apps that I thought could have been causing the > problem so lets see if the problem still continues. > > Sean: I did restart many times. > > -Jimmy > > -----Original Message----- > From: Joe Tinney [mailto:[email protected]] > Sent: Wednesday, October 21, 2009 4:32 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > A colleague of mine recently encountered this with his account. It turned > out that he had stored his credentials on the machine and then, after he had > to change his password, he started getting locked out. > > For Windows XP, there seem to be user-level and system-level stored > passwords. You view them both similarly, but administrators stored passwords > seem to always be stored at the system level. To view them, go to: Control > Panel > User Accounts > Advanced > Manage Passwords. > > Unfortunately, you can't view the user-level passwords from there and the > only way I've found to view it via the GUI is to be logged in as that user. > To view them when you are a non-admin, go to Control Panel > User Accounts. > It will ask for an admin password but do not give it one. That would result > in seeing the system level passwords you could see as an admin. At the > bottom of that dialog box there is a link to manage your passwords. If you > click on that link you can see your user-level stored passwords. > > You can also run "rundll32.exe keymgr.dll, KRShowKeyMgr" without the quotes > and it will pull up the Stored Passwords window. > > It may not be the issue at all but it has been in the past here. > > Good luck! > > -----Original Message----- > From: Jimmy Tran [mailto:[email protected]] > Sent: Wednesday, October 21, 2009 6:56 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > I went to the link and everything checked out ok. This machine isn't > mission critical so I could reimage it but I'd like to try to figure out the > problem. > > Thanks, > > Jimmy > > -----Original Message----- > From: Kennedy, Jim [mailto:[email protected]] > Sent: Tuesday, October 20, 2009 6:20 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > > Those random letter strings at the bottom are not good. This worm usually > blocks most of the anti-virus websites. See if you can get to > trendmicro.com or mcafee or symantec. Or hit this link and see if you can > see their logo's.... > > http://www.confickerworkinggroup.org/infection_test/cfeyechart.html > > Can you just fdisk this machine, or is it mission critical? > > ________________________________________ > From: Jason Morris [[email protected]] > Sent: Tuesday, October 20, 2009 4:46 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > Sorry, missed CurrentVersion > > [cid:[email protected]] > > From: Jimmy Tran [mailto:[email protected]] > Sent: Tuesday, October 20, 2009 3:33 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > This is what I get which looks normal: > > > > [cid:[email protected]] > > Jimmy > > From: Jason Morris [mailto:[email protected]] > Sent: Tuesday, October 20, 2009 1:10 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > Thats because Conficker runs as the Network Services Account. > > Look under: > HKLM\Software\Microsoft\Windows NT\SVCHost\NETSVCS and see if there is any > gobbledygook at the bottom of the entries. Ths your DLL that is running > under Windows\System32. > > > > From: Jimmy Tran [mailto:[email protected]] > Sent: Tuesday, October 20, 2009 3:08 PM > To: NT System Admin Issues > Subject: RE: Constantly getting locked of 2003 domain > > No services running under my account when logged in as a different user. > Jimmy > > > From: Roger Wright [mailto:[email protected]] > Sent: Tuesday, October 20, 2009 1:06 PM > To: NT System Admin Issues > Subject: Re: Constantly getting locked of 2003 domain > > Any services running under your account with an old password? > > > Roger Wright > ___ > > Sent from Tampa, FL, United States > On Tue, Oct 20, 2009 at 4:00 PM, Jimmy Tran <[email protected]<mailto: > [email protected]>> wrote: > Every 5 minutes or so, I get lock out of our domain. I ran EventCombMT and > traced it back to a specific machine. Does anyone have any suggestions on > what I can do to figure out what program/service is attempting to contact > the DC with an incorrect password?ve been dealing with this all morning and > it is driving me crazy. > > > Windows 2003 Domain > Windows XP SP3 machine > > Thanks, > > Jimmy > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------------------ > > The pages accompanying this email transmission contain information from > MJMC, Inc., which > > is confidential and/or privileged. The information is to be for the use of > the individual > > or entity named on this cover sheet. If you are not the intended recipient, > you are > > hereby notified that any disclosure, dissemination, distribution, or > copying of this > > communication is strictly prohibited. If you received this transmission in > error, please > > immediately notify us by telephone so that we can arrange for the retrieval > of the original > > document. > > > > > > > > > > > ------------------------------------------------------------------------------------------ > The pages accompanying this email transmission contain information from > MJMC, Inc., which > is confidential and/or privileged. The information is to be for the use of > the individual > or entity named on this cover sheet. If you are not the intended recipient, > you are > hereby notified that any disclosure, dissemination, distribution, or > copying of this > communication is strictly prohibited. If you received this transmission in > error, please > immediately notify us by telephone so that we can arrange for the retrieval > of the original > document. > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
