Log Name: Security
Date: 3/7/2013 6:35:11 PM
Event ID: 4797
Task Category: User Account Management
Keywords: Audit Success
An attempt was made to query the existence of a blank password for an account.
Security ID: sara\Mark
Account Name: Mark
Account Domain: sara
Logon ID: 0x2FBFF
Caller Workstation: SARA
Target Account Name: Guest
Target Account Domain: sara
Literally get at least a hundred of these a day...also along with event's 4672,4624,4634,4648(logon was attempted with explicit credintials)
Looked around online and seems like this is a common theme with win8...doesn't matter which version and no one has any idea what it's for. These entries post usually after im already logged into my account. Mcafee antivirius plus is up-to-date, along with windows...did full scans and came back with nothing. If you look at additional info you see it's targeting my guest account which is disabled, also have logs for admin account and the account I use, along with some other weird domains like homegroup$
any help or thoughts would be appreciated just trying to make sure this is just a bug microsoft needs to figure out!
Microsoft forums no help at all :
They're all mystified. They posted to Microsoft, Kaspersky, Avast, and How-To Geek Forums, and no help from any of them. All scans return clean results. It's unlikely to be a rootkit.
it doesn't appear to be malicious or external. Its Windows being a dumb ass. Or there's a genius reason for it and I just don't get it..
yea checked out all those forums also...seems to be a re-occuring theme with anyone using win8, others have posted they re-imaged and then without hooking up there lan are still getting it so looks like its OS problem....