Windows 10: Domain fault and DCOM hijack

Discussion in 'AntiVirus, Firewalls and System Security' started by TZAR, Jul 7, 2021.

  1. TZAR Win User

    Domain fault and DCOM hijack


    For over a year now my PC desktop has been injected with active directory from a malicious domain controller. Is there a chance that Windows's firewall can be adjusted so that I can update my computer directly from the Microsoft servers (no peer2peer)? Also, how can I get rid of the terminal services, which may be the core cause of the issue, but not sure. I apologize if this is not the right category for my question and problem. P.S.: None of the standard methods like clean install, guides for installing Windows "the proper way", etc. work at all.

    :)
     
    TZAR, Jul 7, 2021
    #1
  2. changari Win User

    Raising the Windows domain and forest issues?


    hi,

    I run a domain that was all 2003 R2 servers. I recently upgraded all my domain controllers to Windows 2012 R2.
    That went off without any problems. Our trust relationships had no issues either.

    My first step was to raise the Domain and Forest levels past 2003 to 2008. This went off without a hitch.
    These are the features for raising the levels to 2008:

    • Features and benefits include all default Active Directory features, all features from the Windows Server 2003 domain functional level, plus:
    • Read-Only Domain Controllers – Allows implementation of domain controllers that only host a read-only copy of the NTDS database.
    • Advanced Encryption Services – (AES 128 and 256) support for the Kerberos protocol.
    • Distributed File System Replication (DFSR) – Allows SYSVOL to replicate using DFSR instead of older File Replication Service (FRS). It provides more robust and detailed replication of SYSVOL contents.

    Forest Level Windows Server 2008

    • Features and benefits include all of the features that are available at the Windows Server 2003 forest functional level, but no additional features. All domains that are subsequently added to the forest will operate at the Windows Server 2008 domain functional level by default.


    My next step is to raise the domain and forest to 2008 R2, then 2012, and finally 2012 R2. I have been trying to find out exactly what I could expect from raising the Domain and Forest for each step.

    The step involving 2008 R2 seems relatively a non-issue, but getting the couple of new features seems very nice.

    Domain Level Windows Server 2008 R2

    • All default Active Directory features, all features from the Windows Server 2008 domain functional level, plus 2 new features

    Forest Level Windows Server 2008 R2

    • All of the features that are available at the Windows Server 2003 forest functional level, plus the following features:


    • Active Directory Recycle Bin, which provides the ability to restore deleted objects in their entirety while AD DS is running. <== New Feature very cool
    • All domains subsequently added to the forest will operate at the Windows Server 2008 R2 domain functional level by default.

    Here are my big concerns for the next raising of domain and forest to 2012.

    Forest Level Windows Server 2012:

    • All of the features that are available at the Windows Server 2008 R2 forest functional level, but no additional features.
    • All domains subsequently added to the forest will operate at the Windows Server 2012 domain functional level by default.

    Domain Level Windows Server 2012 R2: <=====
    Need to investigate more and why this post

    • DC-side protections for Protected Users. Protected Users authenticating to a Windows Server 2012 R2 domain can no longer:


    • Authenticate with NTLM authentication <==============(what issues may arise)
    • Use DES or RC4 cipher suites in Kerberos pre-authentication
    • Be delegated with unconstrained or constrained delegation
    • Renew user tickets (TGTs) beyond the initial 4-hour lifetime


    Will this affect my Exchange anywhere users with remote access authenticating either clear or NTLM???
    And what would/may not work properly day 1 when I raise the domain and forest to 2012? I can't really find anyone that can answer a straight question.

    Has anyone gone through this? What problems did you have, if any, if a lot???

    Any thoughts and suggestions will be much appreciated.

    thanks


    - - - Updated - - -

    One more point... I am not sure if I posted this to the correct forum.. So if I was wrong and it should be in a different one..
    PLEASE LET ME KNOW
     
    changari, Jul 7, 2021
    #2
  4. Domain fault and DCOM hijack

    Browser hijacked by safesurfs.com Malware

    After reading what you went through I would strongly suggest you read the advice of Monkey57 and try his steps. Normally browser hijackers don't show this kind of behavior and more could be going on. Normally I don't suggest resetting your computer but in this case....
     
    Yuri Pustjens, Jul 7, 2021
    #4