G
Guest
I am hoping that someone can help me with the problem that I am having with
my small peer-to-peer network. The network consists of three computers, all
running windows XP Pro edition. The "main" computer hosts a SQL server (the
free version). I enabled the logging of events on this computer. Recently,
I inadvertently ran the system for approximately 1 month with out a firewall,
and with the antivirus program disabled. I currently use the computer
Associates version of an antivirus program that comes with my DSL phone line
and I also have run from the beginning MS Defender. I remotely access my
system using Microsoft's remote desktop. Recently, whenever I log onto the
system I get a message indicating that "the security log for this computer is
full". I have cleared the log file, and it immediately fills back up. Under
the security tab, I have hundreds if not thousands of entries that look as
follows:
Event Type: Failure Audit
Event Source: Security
Event Category: Privilege Use
Event ID: 577
Date: 11/2/2006
Time: 10:19:25 AM
User: INTEL\Mark
Computer: INTEL
Description:
Privileged Service Called:
Server: Security
Service: -
Primary User Name: Mark
Primary Domain: INTEL
Primary Logon ID: (0x0,0x1451D)
Client User Name: -
Client Domain: -
Client Logon ID: -
Privileges: SeTcbPrivilege
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
I also have hundreds of entries as follows:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 11/2/2006
Time: 11:44:56 AM
User: NT AUTHORITY\SYSTEM
Computer: INTEL
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: Mark
Domain: INTEL
Logon Type: 2
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: INTEL
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Obviously, I am concerned that I may have some sort of Trojan program on my
system. Although, I have scanned with both Microsoft defender, and the
antivirus program, and nothing is found. I would greatly appreciate any
assistance in determining what may be causing this problem with my System.
Thanks in advance.
my small peer-to-peer network. The network consists of three computers, all
running windows XP Pro edition. The "main" computer hosts a SQL server (the
free version). I enabled the logging of events on this computer. Recently,
I inadvertently ran the system for approximately 1 month with out a firewall,
and with the antivirus program disabled. I currently use the computer
Associates version of an antivirus program that comes with my DSL phone line
and I also have run from the beginning MS Defender. I remotely access my
system using Microsoft's remote desktop. Recently, whenever I log onto the
system I get a message indicating that "the security log for this computer is
full". I have cleared the log file, and it immediately fills back up. Under
the security tab, I have hundreds if not thousands of entries that look as
follows:
Event Type: Failure Audit
Event Source: Security
Event Category: Privilege Use
Event ID: 577
Date: 11/2/2006
Time: 10:19:25 AM
User: INTEL\Mark
Computer: INTEL
Description:
Privileged Service Called:
Server: Security
Service: -
Primary User Name: Mark
Primary Domain: INTEL
Primary Logon ID: (0x0,0x1451D)
Client User Name: -
Client Domain: -
Client Logon ID: -
Privileges: SeTcbPrivilege
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
I also have hundreds of entries as follows:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 11/2/2006
Time: 11:44:56 AM
User: NT AUTHORITY\SYSTEM
Computer: INTEL
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: Mark
Domain: INTEL
Logon Type: 2
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: INTEL
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Obviously, I am concerned that I may have some sort of Trojan program on my
system. Although, I have scanned with both Microsoft defender, and the
antivirus program, and nothing is found. I would greatly appreciate any
assistance in determining what may be causing this problem with my System.
Thanks in advance.