Jump to content

Recommended Posts

I probably have a rootkit, that establishes RPC Connection. I tried to find the Rootkit with Mbam, Mbar, Adwcleaner, jrt, Combofix, rkill, tdsskiller and other programms. 

How can I disable RPC in Services.msc? 

http://computerstepbystep.com/remote_procedure_call_(rpc)_service.html

The option disable and other options are gray(not active).

I blocked RPC in firewall rules. That doesnt seem to help.

Ports 135, 3389 are closed.

I have some taskeng, taskhost, conhost processes(started from user, not from system)

How can I disable RPC at least for a while?

 

post-182323-0-62496800-1422302918_thumb.

post-182323-0-63485100-1422302935_thumb.

JRT.txt

ComboFix.txt

mbar-log-2015-01-23 (12-17-06).txt

protection-log-2015-01-23.xml

Addition_23-01-2015_12-31-07.txt

FRST_23-01-2015_12-31-08.txt

post-182323-0-52714400-1422303743_thumb.

post-182323-0-84445300-1422303752_thumb.

Link to post
Share on other sites

  • 3 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.