Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Deleted NT Authenticated Users from my domain, now I can't access.

14 Jan 2018   #1
xedge

Windows 7 Ultimate x64
 
 
Deleted NT Authenticated Users from my domain, now I can't access.

Hello folks from Seven Forums,

I have a real issue here, hope anyone can help.

I had a security issue with my computer. Someone accessed my account from another domain, maybe some kind of malware tagged as kwikdelivery.com.

However, I managed to get it out of my domain, by eliminating it from a domain administation panel on Windows, but on my ignorance, and seeing it as some name that I don't know I deleted NT Authenticated Users from the domain too.

At first it didn't seem to be a trouble because I didn't shut down or restart my computer in a while, but when I actually wanted to get back to my account by entering the password, when it access, the computer screen stays black. I can access to the CTRL+ALT+DEL menu and click on Task Manager, but the app doesn't open and the screen keeps black.

I want to know how to solve this issue but I don't know what could be the best way to achieve this without risking my files.

Can anyone give me advice on how to solve this issue?

I have another HDD from which I can work on the affected one.

Thanks in advance!


My System SpecsSystem Spec
.
15 Jan 2018   #2
samuria

win 8 32 bit
 
 

Welcome to the forum. I am not clear you have a local PC and also a DC is it a company one or private? Can you get onto domain locally
My System SpecsSystem Spec
15 Jan 2018   #3
xedge

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by samuria View Post
Welcome to the forum. I am not clear you have a local PC and also a DC is it a company one or private? Can you get onto domain locally
Hi, thank you for the response!

It's my personal computer, I think it got infected by a malware because someone got it inside a domain I don't know. That kwikdelivery.com domain is not from my work. Maybe because the computer did not have a password initially they could break through it easily.
My System SpecsSystem Spec
.

16 Jan 2018   #4
townsbg

Windows 7 pro 64-bit
 
 

User accounts all have a unique ID so recreating it probably wouldn't work since the account would have a different ID. You would have to restore the account from a computer backup or from a system restore point. Since you recently got rid of a virus I would advise against using a restore point. If you don't have a system backup then your safest bet would be a reinstall.
My System SpecsSystem Spec
16 Jan 2018   #5
Alejandro85

Windows 7 Ultimate x64
 
 

You've already lost. Once you realize a virus is running on your system it's already too late to act, it could do virtually anything you can do. At this point, the best, and really the ONLY way out of the mess is a clean install. Take adventage of the spare HD you mention and use that to backup all your files. Be sure to never, ever start the affected system again, do all this from another OS, to minimize possible damage.


Quote   Quote: Originally Posted by townsbg View Post
If you don't have a system backup then your safest bet would be a reinstall.
One should be wary of backups too, as those could be affected as well as the system. Even the widely advertised (here) "system images" are poor for recovering against a security compromise. You must ensure the system was safe at the time of taking the "backup". Being infected and you knowing about it are very different things.
My System SpecsSystem Spec
17 Jan 2018   #6
townsbg

Windows 7 pro 64-bit
 
 

You're right. It depends upon how old the image is and when the problem started as well as where the image was located at the time of infection.
My System SpecsSystem Spec
22 Jan 2018   #7
xedge

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Alejandro85 View Post
You've already lost. Once you realize a virus is running on your system it's already too late to act, it could do virtually anything you can do. At this point, the best, and really the ONLY way out of the mess is a clean install. Take adventage of the spare HD you mention and use that to backup all your files. Be sure to never, ever start the affected system again, do all this from another OS, to minimize possible damage.




One should be wary of backups too, as those could be affected as well as the system. Even the widely advertised (here) "system images" are poor for recovering against a security compromise. You must ensure the system was safe at the time of taking the "backup". Being infected and you knowing about it are very different things.
I see it's probably too late, but at least I want to be able to make a backup of the files I had on the other HDD, I know it's infected so, what could be my best approach?

I have my spare HDD and a HDD 2.5" enclosure to connect it to my spare.

Should I scan it with some sort of antivirus & antispyware software to get rid of any virus/malware remains?

I appreaciate your comments.
My System SpecsSystem Spec
23 Jan 2018   #8
townsbg

Windows 7 pro 64-bit
 
 

You definitely need to scan it.
My System SpecsSystem Spec
Reply

 Deleted NT Authenticated Users from my domain, now I can't access.




Thread Tools




Similar help and support threads
Thread Forum
accidentally blocked authenticated users from C drive :(
hi. I was trying to remove a virus that had been on my PC since 2011 (and its still on). so i went into the permissions and unchecked authenticated users permissions. of course a warning prompt popped up and i ignored it. next thing you know, I COULDNT PLAY ANY GAMES!!! because i couldnt access...
Network & Sharing
Authenticated users have been denied access to C: drive
Hello sevenforums readers. I have a real problem on my hands, and have already done as much hunting and digging, even on this site to remedy the problem. I was attempting to block home network computers from accessing my user folder since it was showing up on the network no matter what I tried to...
System Security
denied priviledges to all Authenticated users including administrator
I denied all priviledges to authenticated users which includes administrator. Im able to log in but dont have a security tab. when booting in safe mode I have the security tab but cant take ownership. i want to do a clean install but want to backup files, programs without user settings ( denied...
General Discussion
Directory Permissions - Why Authenticated Users?
Sometimes when I move directories the resulting directory needs to be modified under the security tab to add the "Authenticated Users" user in order to remove the lock icon. I've verified that I am the owner of the directory...and the other users with access to the directory is "System", My...
Network & Sharing
Accidentally removed permission for authenticated users
Hi, I recently installed windows 7 32 bit and was browsing thru security settings for my drive D (partition). i accidentally removed permission for 'authenticated users', and now getting error "access is denied" for this drive, and I'm using the enabled admin account in windows 7. All my...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:13.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App