T
Tumurbaatar S.
I found below logs in my WinXP's Event Log. And wonder
either someone tried to logon locally thru keyboard or some
program failed to impersonate? Or some remote one?
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
User: NT AUTHORITY\SYSTEM
Computer: MYPC
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: administrator
Source Workstation: MYPC
Error Code: 0xC0000064
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
User: NT AUTHORITY\SYSTEM
Computer: MYPC
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: administrator
Domain: MYPC
Logon Type: 10
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: MYPC
either someone tried to logon locally thru keyboard or some
program failed to impersonate? Or some remote one?
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
User: NT AUTHORITY\SYSTEM
Computer: MYPC
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: administrator
Source Workstation: MYPC
Error Code: 0xC0000064
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
User: NT AUTHORITY\SYSTEM
Computer: MYPC
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: administrator
Domain: MYPC
Logon Type: 10
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: MYPC