Blocked connections booting normal, fine in Safe Mode...

charliearthur

Honorable
Jan 5, 2013
Hello all,

A few of my programs are unable to communicate with their servers now and I can't figure out why, as they were fine two weeks ago and I haven't made any changes since then. The issue lies with a service/program within Windows, as all the programs communicate fine in Safe Mode. Windows Firewall and ICS are both disabled within Services. Malwarebytes (my only AV right now) is disabled also.

I know this is an ongoing and repetitive subject but the numerous searches are all resulting in pointing fingers at an AV program, which I am sure is completely disabled. Any help is appreciated.
 

casper1973

Distinguished
Dec 30, 2012
Try doing a clean boot and see if it works. If so, slowly start turning them back on again until it doesn't and you should hopefully find out which one is causing you problems.

How to clean boot - http://support.microsoft.com/kb/929135


I have also experienced problems in the past with AV where disabling isn't enough. I had to completely uninstall it. Also, have you tried adding your programs as exceptions?
 

charliearthur



Attempted to clean boot but now I cannot completely uncheck "Load system services" because the following services are running and give no option to disable or stop them:

Group Policy Client
RPC Endpoint Mapper
Task Scheduler

I was able to reboot with "Load startup items" unchecked but the issue remained.

As stated in the title, the connections work fine under Safe Mode. After observing these three services not stopping, I went to Safe Mode and noticed the following:

Group Policy Client - "Stopped" with no option to Start
RPC Endpoint Mapper - "Started" with no option to Stop
Task Scheduler - "Stopped" with the option to Start

I researched the Remote Procedure Call (RPC) and the only thing I can think of that is remotely related and has been updated recently is TeamViewer 8.0.16642. I uninstalled it completely, rebooted and the issue still continues.

The issue must be with the RPC Endpoint Mapper, which makes sense. The problem is, how do I troubleshoot further?
 


Those three items you won't be able to fully disable. There are others in the Services category that are this way as well.
RPC (Remote Procedure Call) Endpoint Mapper is used by 3rd party programs and even Windows itself for remote communications back and forth.

More info on it can be found HERE and should clear up if it's needed or not. The only issue I've ever seen with RPC Endpoint Mapper was a long time ago when XP first came out and it was flawed allowing DDoS attacks.

To my knowledge that issue doesn't exist with 7.

It's time you take a look at everything running and starting up when your computer does. I'm positive you'll find your culprit there.

I would recommend using Autoruns.

Not sure what all those things are? Go to HERE for help with identifying those pesky startup items.
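
Added example (not part of the thread and not any poster's code): since the connections work in Safe Mode but fail in a normal boot, this PowerShell sketch lists the services and drivers that start in a normal boot but are absent from the Safe Mode with Networking allow-list in the registry. It assumes an elevated prompt on the affected machine; matching by driver file name and group is an approximation, and device-class GUID entries are not resolved, so the driver rows may over-report.

```powershell
# Added example: what starts in a normal boot but is not on the
# Safe Mode with Networking allow-list? Run from an elevated prompt.
$safeBootKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Network'
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'

# Subkey names under SafeBoot\Network are service names, driver file
# names (foo.sys), driver group names, or device class GUIDs.
$safeNames = @(Get-ChildItem -Path $safeBootKey |
               ForEach-Object { $_.PSChildName })

# Start values that load without user action (3 = Manual, 4 = Disabled).
$startNames = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic' }

$candidates = foreach ($key in Get-ChildItem -Path $servicesKey) {
    $p = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
    if ($null -eq $p -or $null -eq $p.Start -or $p.Start -gt 2) { continue }

    $name = $key.PSChildName
    # -contains is case-insensitive, which matches registry key semantics.
    $allowed = ($safeNames -contains $name) -or
               ($safeNames -contains ($name + '.sys')) -or
               ($p.Group -and ($safeNames -contains $p.Group))
    if ($allowed) { continue }

    # Type bits: 0x1/0x2 = kernel or file-system driver, 0x10/0x20 = Win32 service.
    $kind = if ($p.Type -band 0x30) { 'Service' }
            elseif ($p.Type -band 0x3) { 'Driver' }
            else { 'Other' }

    New-Object PSObject -Property @{
        Name      = $name
        Kind      = $kind
        Start     = $startNames[[int]$p.Start]
        ImagePath = $p.ImagePath
    }
}

# Everything listed here is skipped in Safe Mode with Networking, so the
# component blocking connections should be somewhere in this set.
$candidates | Sort-Object Kind, Name |
    Format-Table Name, Kind, Start, ImagePath -AutoSize -Wrap
```

The output is a candidate list to work through with the clean-boot approach, not a verdict; leftover filter drivers from uninstalled security software show up as `Driver` rows.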
 

charliearthur



Thanks a million for the tips! I also read on that possible flaw for the RPC but the articles pointed to XP back in 2003 so I didn't pay it much mind.

I ran Autoruns and observed all the information but nothing looks suspicious other than the entries for TeraCopy and WinRAR (since they were the only services with "unsigned signatures"), so I uninstalled them both and restarted, but the issue remains.

A copy of my Autoruns file can be found here