Windows 10: NT Authority hijack persistent/embedded

Discus and support NT Authority hijack persistent/embedded in AntiVirus, Firewalls and System Security to solve the problem; I have a machine that I am not able to do much with other than to wonder whats really goin on at the other end of the constant HDD indicator light,... Discussion in 'AntiVirus, Firewalls and System Security' started by jqmc, Mar 14, 2020.

  1. JQMC
    jqmc Win User

    NT Authority hijack persistent/embedded


    I have a machine that I am not able to do much with other than to wonder whats really goin on at the other end of the constant HDD indicator light, fans spooling up/ down and is all of this to some nefarious end with the 50gb of data activity my router handled today for the latest computer that is essentially stolen but still sitting right where I left it. I was once just your average blissfully ignorant user account on one machine shopping Dodge Cummins get more power parts and watching install videos. I know there is a problem but I am unsure of how to detail the events that would be an accurate description with the relevant information a knowledgable person can extrapolate a solution from. The guys who work at the auto parts store nearby still cant help but to shake their head when I am looking to replace a doohickey bolted to that thingy but I’ve proven not to be someone that should be prevented from buying tools. No anti-virus, malware, trijan, root kit returns a detection. No method of reset, restore, recover, or fresh install clears it. I am unable to launch OEM or Windows security and assistant applications.

    :)
     
    jqmc, Mar 14, 2020
    #1
  2. GOATBERG
    Goatberg Win User

    NT AUTHORITY\Authenticated Users added to Users group upon every restart

    I have a Windows 10 computer that I would only like certain users on a domain to be able to login to. Lets say limit access to only those users in the group named football.

    I have added the football group to the Windows users group. The computer is on a domain and I noticed the following two groups both of which I removed from the Windows users group.

    • NT AUTHORITY\Authenticated Users
    • NT AUTHORITY\Interactive
    I have tested that NT AUTHORITY\Authenticated Users is allowing users outside of the football group to login to the computer and this is not wanted.

    If I remove both of these groups from the Windows users group then they will reappear upon every restart of the computer. This did not have with Windows 7. This seems to be a security problem???
     
    Goatberg, Mar 14, 2020
    #2
  3. MIKEROZZLE
    mikerozzle Win User
    NT AUTHORITY/SYSTEM shutdown

    How do I removed this shutdown initiated by NT AUTHORITY/SYSTEM on windows 10?. It keeps showing up on my PC.
     
    mikerozzle, Mar 14, 2020
    #3
  4. DB777
    DB777 Win User

    NT Authority hijack persistent/embedded

    NT Authority will not give me access !!!!

    NT Authority hijack persistent/embedded [​IMG]

    NT Authority hijack persistent/embedded [​IMG]

    NT Authority hijack persistent/embedded [​IMG]


    Hi Denis,
    Okay I have attached a screen shot of the NT Authority.
    My box shows Performance Monitor at the top.
    Enter User name for the data set. The window has NT AUTHORITY, if you drop it down then it will have both of my email addresses.
    Password....
    then Ok or Cancel.

    On the Properties Window of the Data Collector set
    General Directory Security Stop Condition Task
    Description
    Keywords
    Run as: NT AUTHORITY [change]
    OK Cancel Apply

    When I log on as Admin I do so thru the Windows Admin Tools
    scroll down to Performance Monitor and then right click and then select Run as Admin.
    I do not go thru the Command Prompt.

    This is the first time I have seen this window, never before has it done this, hence my aggravation with the situation
    Thanks

    It really annoys me when these things happen, I like getting the most from the system since its available
     
    DB777, Mar 14, 2020
    #4
Thema:

NT Authority hijack persistent/embedded

Loading...

  1. NT Authority hijack persistent/embedded - Similar Threads - Authority hijack persistent

  2. about nt authority system

    in Windows 10 Gaming
    about nt authority system: Hello, I was going to create a another administrator account and I went to the recovery menu from troubleshoot I click on it and I open the command prompt.I am in the command prompt I go in the C: drive because in the X: and I type this C:\Windows\system32 I type enter and I...

  3. about nt authority system

    in Windows 10 Software and Apps
    about nt authority system: Hello, I was going to create a another administrator account and I went to the recovery menu from troubleshoot I click on it and I open the command prompt.I am in the command prompt I go in the C: drive because in the X: and I type this C:\Windows\system32 I type enter and I...

  4. NT AUTHORITY\SYSTEM ‎powershell‎, New-MailboxExportRequest

    in Windows 10 Gaming
    NT AUTHORITY\SYSTEM ‎powershell‎, New-MailboxExportRequest: Hi Community,I have an exch of 2016 Cu22 and Cu23. All are patched with the latest patches on both CU updates. but recently I have seen a mailbox export request visible on my EAC notification bells. I check and surprise. some exploits RAN a command on the power shell to get a...

  5. SSH Connection Refused - nt Authority

    in Windows 10 Network and Sharing
    SSH Connection Refused - nt Authority: I'm trying to get into a win10 box from a linux box. I can get in using a normal user password but when I try to use shh keys I get: debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey ED25519...

  6. NT Service\TrustedInstaller & NT authority\system

    in Windows 10 Customization
    NT Service\TrustedInstaller & NT authority\system: is "NT Service\TrustedInstaller" the same thing as "NT Authority\system"? can you log into "NT Athority\system"? i understand that "NT Service\TrustedInstaller" is not a user, i under stand that "NT Service\TrustedInstaller" is just trustedinstaller.exe with a temporary...

  7. NT AUTHORITY\NETWORK SERVICE - Different language

    in Windows 10 Customization
    NT AUTHORITY\NETWORK SERVICE - Different language: Hi What could be the reason for the NT AUTHORITY\NETWORK SERVICE doesn't appear to me in english ? I was having some issues while running some powershell scripts that was searching by the english name. I was only able to find out by the sid. $objSID = New-Object...

  8. NT Authority will not give me access !!!!

    in User Accounts and Family Safety
    NT Authority will not give me access !!!!: Hello, I could use some real help here. I have a Dell Inspiron 5775 running Windows 10 Home 1909 up to date, in the past I could go into performance monitor as admin and I could add New Data Sets for GPU and CPU. Now when I tried to add these parameters I keep getting the NT...

  9. NT Authority will not give me access !!!!

    in Windows 10 Support
    NT Authority will not give me access !!!!: Hello, I could use some real help here. I have a Dell Inspiron 5775 running Windows 10 Home 1909 up to date, in the past I could go into performance monitor as admin and I could add New Data Sets for GPU and CPU. Now when I tried to add these parameters I keep getting the NT...

  10. window NT-AUTHORITY Misuse by hackers

    in Windows 10 Customization
    window NT-AUTHORITY Misuse by hackers: What is happening now is window 10 is hijack and no home users is immune to it and microsoft will do nothing because they got nothing to do with home users, it starts with account problems, this is because you are being impersonated and your local account will be hijack by...