I am getting tons of these errors everyday for the past weeks, all having the same account name. I tried decoding the name using base64 but it seems that it uses another encryption. I really do not know what is going on because the process name is
ssytem32/svchost.exe which contains manyy other processes and the logon type is using a batch file. i would really appreciate any help on what to look for next.
|
|
SubjectDomainName |
WORKGROUP |
|
|
TargetUserName |
@@CyBAAAAUBQYAMHArBwUAMGAoBQZAQGA1BAbAUGAyBgOAQFAhBwcAsGA6AweAcDA5AgNAADAzAgMAQDABBQLAkDA4AAOAIEAtAANAMDA4AgMA0CACBAOAkDAFBQLAcDAFBgRAkDAFBARAcDAGBQRAQEA1AQRA0HA |
|
|
AuthenticationPackageName |
Negotiate |
|
|
ProcessName |
C:\Windows\System32\svchost.exe |