Security Basics mailing list archives

auditing nt hash


From: "Ryan Sebastian" <Ryan.Sebastian () comcast net>
Date: Thu, 6 Oct 2005 20:38:10 -0400

I'm trying to figure out the nt hash vs lm hash. I'm using pwdump2 and john.

The OS is Windows XP Pro (non-domain computer).

I dump the hash with pwdump2 and then run John against it. All passwords are
4-8 characters and it finds the passwords relatively quickly.

I went and set the nolmhash value to 1 and re-dumped the hash.  The hash is
exactly the same as before? I thought setting nolmhash was supposed to
prevent storage of passwords?  I'm guessing pwdump2 can still pull nthash?
The password cracking seems to take the same amount of time.

Can pwdump2 still pull the nt hash?
Can john crack nt hashes or just lm?
What am I doing incorrectly?

Thanks
dissolved

