I have a user account that is locking out repeatedly every couple of mins I was able to track it down to a server on our network attempting to autheticate with the user account. There isnt any reason why this should be happening I went through every service on the server and the name is not associated with it in any way it started when the accounts password was changed. the logs dont give me much detail at all as to what service/process is trying to use that account I have ran malwarebytes on it and a couple of reg settings were flagged and I removed them our virus scans have not found anything either. Just to verify I did shut the server down after hours and the account did not lock until I started the server backup so its only this one device. Any ideas of what else to look for?