I have a problem with my Laptop where it reboots every few hours with the message that the system is rebooting because the RPC service has stopped.
Please read the thread where I originally asked for expert help:
As you can see I have collected a FileMon of the activity around the time it happened and it looks malicious to me. It is creating a program called dts12.exe which seems to collect some information, create a dll called mspush.dll and call it.
It does all this under the watchfull eye of MacAfee (Corporate).
I have scanned my laptop with SuperAntiSpyware, MalwareBytes, Spyware S&D and I am now trying an online scan with Kaspersky. None of them have found anything malicious.
Someone else seems to have the same problem:
Please only focus on the 'System Shutdown' dialog in the screenshot and the narrative below. Refrain, for your own sanity, from studying the rest of the screenshot and from following the discussion.
I've attached the FileMon log as an xls. I believe you can see signs of Winlogon recognising that the RPC has stopped in record 5245 just after what looks like an invocation of mspush.dll by dts12.exe.
Notice that dts12.exe is created on the fly by a svchost.exe a little further up the log and dts12 creates mspush.dll on the fly too. This looks distinctly fishy to me.
Has anyone got any ideas what this is and how I can get rid of it?