Unable Logon to Vista with my account inspite of typing right password

Discussion in 'General Technical' started by kumse01, Jan 24, 2008.

  1. kumse01

    kumse01

    Joined:
    Jan 24, 2008
    Messages:
    3
    Likes Received:
    0
    Hi All,

    This is a strange scenario. I am unable to logon to Vista with my user account inspite of typing in the right password( I am verry sure that the password i am typing in is correct as i have been using it for quite some time). Throws invalid password error.

    Luckily i had another parallel account with right priveleges.I logged on to that account and reset the password for my user account.

    I reviewed the event logs and observed the following error

    Event ID:6037

    Source:LSASRV

    Description:

    The program lsass.exe, with the assigned process ID 123, could not authenticate locally by using the target name host/\\machinname. The target name used is not valid. A target name should refer to one of the local computer names, for example, the DNS host name.

    Try a different target name.

    I performed a search on google ,event id site and microsoft support site but not able to find any info on this error message which is quite strange.

    any one come across a similar problem before or any idea why this problem was observed?
     
    kumse01, Jan 24, 2008
    #1
    1. Advertisements

  2. kumse01

    WAW8

    Joined:
    Jan 27, 2007
    Messages:
    3,541
    Likes Received:
    2
    Location:
    Northern Virginia, USA
    There have been reports where lsass.exe has been "hijacked" by a virus which then points the OS away from the copy in C:\Windows\System32 to a virus/trojan-injected version resident elsewhere. So, the first thing to do is check for that file and confirm that it has the same date and time stamp as the other system files surround it in the list.



    Other references I found to lsass.exe and LSASRV-related problems had to so with Windows Server 2K3, Active Director, and domain-based environments. So, are you logging into a local machine? Or are you logging into a corporate network machine?
     
    WAW8, Jan 25, 2008
    #2
    1. Advertisements

  3. kumse01

    kumse01

    Joined:
    Jan 24, 2008
    Messages:
    3
    Likes Received:
    0
    Hi,

    Thanks for the update.My vista machine is work group and not part of any domain.

    SK
     
    kumse01, Jan 26, 2008
    #3
  4. kumse01

    WAW8

    Joined:
    Jan 27, 2007
    Messages:
    3,541
    Likes Received:
    2
    Location:
    Northern Virginia, USA
    OK, so have you checked the file info like I suggested?
     
    WAW8, Jan 26, 2008
    #4
  5. kumse01

    kumse01

    Joined:
    Jan 24, 2008
    Messages:
    3
    Likes Received:
    0
    Hi,

    I checked the modified date of the file lsass.exe and lsasrv.dll. I does matches that of other files on system32 directory.Could this be a same database error or any registry corruption?

    SK
     
    kumse01, Jan 27, 2008
    #5
  6. kumse01

    WAW8

    Joined:
    Jan 27, 2007
    Messages:
    3,541
    Likes Received:
    2
    Location:
    Northern Virginia, USA
    Here are some details on more stuff you can do (courtesy of "Dwarf" from www.tutorials-win.com):



    "This file, lsass.exe, is an essential part of the Windows operating system.

    LSASS, the Local Security Authority Subsystem Service, is responsible for

    helping Windows manage security and logins. It is normal for this process to

    access the system on a regular basis, but excess access by this process is a

    case for concern, particularly when accompanied by higher than normal CPU

    useage. You should be able find the lsass.exe file in the following folder:

    'C:\windows\system32'.



    Check this by opening 'Task Manager'. Select the 'Processes' tab. Click on 'Show processes from all users' (provide administrative credentials when prompted). Scroll down the list until you come to 'lsass.exe'.



    Check the 'CPU' useage for this process. Right click on 'lsass.exe' and select 'Properties' from the popup menu. In the 'General' tab, check the location of this file. If it is different to that mentioned above, then your system is infected with a variant of the SASSER malware and you should scan your system with your anti-malware tools, allowing them to fix any problems that they find. In severe cases, a reinstallation of your OS

    may be required."
     
    WAW8, Jan 28, 2008
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.