I've been trying to close as many unnecessary open ports as possible. Whenever I do a netstat -an command or use TCPView by Sysinternals, I notice that Port 135 is in this state:
Local Address Foreign Address
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
Since I'm not using a networked computer and had netbios running, I disabled that. I deleted my "client for MS networks" option in the local area connection properties. Then I tried running Dcomcnfg.exe and unchecked the "enable Distributed Com" box.
I then edited HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc as follows:
Created an "Internet Key" with the string "UseInternetPorts" and a value of N.
However, when I rebooted, Port 135 was still showing when doing a netstat -an command.
I see it's blocked in my ZA internet zone security (incoming and outgoing).
Why can't I shut it down upon rebooting?
TCPView tells me the port is running:
svchost -k rpcss.
I have noticed that when I disable dcom and create the RPC key, upon rebooting Windows Defender beta Spyware by Microsoft won't run. Supposedly, that program depends on the remote procedure call service.
Has anyone got a solution that will allow Windows Defender to still load?
What ports should be open right after boot up. There's the Avast shield ports and....? I know my ZA firewall is blocking incoming and outgoing access on Port 135.
