I'm posting this as it may help others as we found the answer.
Monday was chaos, trying to connect to SQL Servers from management studio as usual gave the error
Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
Yet the servers were running OK, I could log onto the server as an admin and open up management studio and connect with windows accounts there.
And the sql logins were fine which meant that most applications were OK as the they connect with sql logins. However Sharepoint was well and truly broken and we use that quite heavily so users weren't happy and the helpdesk phones were hot.
The sql error log revealed a second message
SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed
A bit of google suggested this could be by having the same computer on AD twice and with a new domain being built and virtual servers being cloned for it this was possible.
However it turned out to be a red herring.
Microsoft release patches on the second Tuesday of a month and we download the following day and immediately applied to test sql and web and sharepoint servers, sql 2005 and 2008 and windows server 2003 and 2008. They are applied to live on the third Friday of the month so this time we had over a week of testing and all was fine and the patches were applied to all servers. However this time one patch for windows server 2003 was incorrect and affected domain controllers so was re-released by Microsoft a week later and it was this dud patch which caused all our chaos. Once we checked and downloaded and applied the revised patch to the domain controllers, connectivity was restored and suddenly all was well again.
The moral: check that there aren't any later re-released corrected patches, even if it is only a day or two since release!