Virus!

Post » Sat May 28, 2011 7:14 pm

Hello everyone, back again with yet another help me thread.
This time, I have an AVAST pop-up every... day, maybe three to five times, that is telling me I have a DcomExploit, from a nice little IP address. I googled what it is. I downloaded a program that is supposed to disable DCOM, 'cept it failed.

Now, I have a cruddy little modem, and this is probably how they, it, him, her, are getting through. I ran an AVAST full scan, a Malwarebytes full scan, and used a program called Rkill to kill any foreign processes; nothing.

I come to you experts to ask for help on getting rid of this hacker thing, before they actually get through.

UPDATE: From my friend, apparently:

It's someone else on your ISP's internet as well

attacking your router nodes

Does that seem logical? Or what is going on?
Crystal Birch

Post » Sat May 28, 2011 11:40 am

Did you make sure to run scans in safe mode?
Marta Wolko

Post » Sat May 28, 2011 7:03 pm

Can you give us more information about what's going on, how you connect to the internet (modem, you say...tell us more), your OS, etc.?
Alkira rose Nankivell

Post » Sat May 28, 2011 10:06 pm

Sorry, I have not run in safe mode yet.

I am running on a DSL connection, through a crappy little Comtrend CT-5072T modem.
No one else is using the internet except my laptop (only laptop connected through the ethernet port), and the modem does NOT give off a wireless signal for people to pick up.

Should I post a DX diag log?
Richard

Post » Sat May 28, 2011 10:32 pm

Format. When in doubt back-up and format.
Laura Ellaby

Post » Sat May 28, 2011 10:51 am

Format. When in doubt back-up and format.


Third time it's happened, after three different full OS installs.
But yah for my system specs Softnerd, want a DXDiag log?
Jodie Bardgett

Post » Sat May 28, 2011 12:59 pm

Sorry, I have not run in safe mode yet.

I am running on a DSL connection, through a crappy little Comtrend CT-5072T modem.
No one else is using the internet except my laptop (only laptop connected through the ethernet port), and the modem does NOT give off a wireless signal for people to pick up.

Should I post a DX diag log?

Which OS are you running? Did you completely format your hard disk before reinstalling the OS? How do you suppose you're being re-infected...are you opening some infected file from an e-mail or something? Do you have any firewall at all?
Naazhe Perezz

Post » Sat May 28, 2011 8:54 pm

Which OS are you running? Did you completely format your hard disk before reinstalling the OS? How do you suppose you're being re-infected...are you opening some infected file from an e-mail or something? Do you have any firewall at all?


Operating System: Windows Vista™ Home Premium (6.0, Build 6002) Service Pack 2 (6002.vistasp2_gdr.101014-0432)
Language: English (Regional Setting: English)
System Manufacturer: TOSHIBA
System Model: Satellite L300

This has a partition saved onto the hard drive that you can run at startup to full install the OS; that is all that the laptop came with in regards to installing/backing up/reinstalling the OS.

Basic browsing is when I get attacks; they come at random. One last night when I was on poly count, then I get some just sitting idle on the desktop. I always have MSN running.

Right now, I have basic Windows Firewall, and AVAST, and Windows Defender running.

The attacks started about... 5 months after I got my DSL, with random IP Dcomexploit attacks. I reinstalled my OS, went a few months, then they came back, installed Windows again because I messed something up. A few months later (now) I finally get them again.
K J S

Post » Sat May 28, 2011 7:29 pm

Operating System: Windows Vista™ Home Premium (6.0, Build 6002) Service Pack 2 (6002.vistasp2_gdr.101014-0432)
Language: English (Regional Setting: English)
System Manufacturer: TOSHIBA
System Model: Satellite L300

This has a partition saved onto the hard drive that you can run at startup to full install the OS; that is all that the laptop came with in regards to installing/backing up/reinstalling the OS.

Basic browsing is when I get attacks; they come at random. One last night when I was on poly count, then I get some just sitting idle on the desktop. I always have MSN running.

Right now, I have basic Windows Firewall, and AVAST, and Windows Defender running.

Ok, so is AVAST telling you that you're infected with something, or is it telling you that it blocked a DCOM exploit attack? If your OS is up to date you shouldn't be vulnerable to the DCOM RPC exploit unless there's a new one (doubt it). Is your DSL modem just a modem, or does it have a built-in router?
Chloe Lou

Post » Sat May 28, 2011 3:06 pm

Just Dcom exploit attacks being blocked. I did full scans with Malware Bytes, and Avast, with nothing infected.

http://www.speedguide.net/routers/comtrend-ct-5072t-adsl2-single-port-router-975

I am fully updated, minus: Windows Office, IE9, Windows Live Essentials (don't want it), Silverlight, and Visual Studio updates.

Not sure if it's much to mention, but I use FF4 with Adblock and NoScript running, and don't really download sketchy files too often, and never open anything I don't trust without scanning it.
Kahli St Dennis

Post » Sat May 28, 2011 1:30 pm

Just Dcom exploit attacks being blocked. I did full scans with Malware Bytes, and Avast, with nothing infected.

http://www.speedguide.net/routers/comtrend-ct-5072t-adsl2-single-port-router-975

I am fully updated, minus: Windows Office, IE9, Windows Live Essentials (don't want it), Silverlight, and Visual Studio updates.

Hrm...sounds to me like you're getting attacked by a worm that's attempting to use the (supposedly now fixed via an update) DCOM RPC exploit. The thing is, if that's what's going on I'm not sure how it's even getting to your computer. That description of your DSL modem/router claims that it has a built-in firewall. If it's doing NAT I'm wondering how it's even getting at your internal IP address unless the router itself has been compromised...

Are you sure that's the right router? If so, is the firewall turned on? For that matter, are you sure that the Windows Firewall is turned on? Either and both of those should stop that attack before AVAST is even aware of it.
Katie Samuel
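
Added example, not part of the thread or any poster's code: the question raised above (how the probes reach the laptop at all) can be narrowed down from the Windows Firewall log (`pfirewall.log`), assuming dropped-packet logging is enabled. The log lines are constructed samples using documentation addresses, and the function and constant names are illustrative.

```python
import ipaddress
from collections import Counter

# Verdicts for an inbound probe, based on which side of NAT each address sits.
LOCAL = "source is on the local network"
FORWARDED = "forwarded through NAT (port forward or DMZ host on the router)"
DIRECT = "host holds a public address (modem bridged, no NAT in front)"

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the pfirewall.log layout; not taken from the thread.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2011-05-28 19:14:02 DROP TCP 203.0.113.7 198.51.100.23 4123 135 48 S 1 0 65535 - - - RECEIVE
2011-05-28 19:20:41 DROP TCP 203.0.113.9 198.51.100.23 2210 135 48 S 1 0 65535 - - - RECEIVE
2011-05-28 19:21:05 ALLOW TCP 198.51.100.23 192.0.2.80 50211 80 0 - 0 0 0 - - - SEND
2011-05-28 19:30:12 DROP TCP 203.0.113.7 198.51.100.23 4130 445 48 S 1 0 65535 - - - RECEIVE
"""

def is_rfc1918(addr):
    """True if addr is in one of the private IPv4 ranges used behind NAT."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def parse(log_text):
    """Yield one dict per record, keyed by the names on the #Fields line."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def exposure(log_text, port="135"):
    """Count inbound TCP probes to `port` (135 = RPC/DCOM endpoint mapper) by verdict."""
    verdicts = Counter()
    for rec in parse(log_text):
        if (rec.get("path"), rec.get("protocol"), rec.get("dst-port")) != ("RECEIVE", "TCP", port):
            continue  # outbound traffic, other protocols and other ports are ignored
        if is_rfc1918(rec["src-ip"]):
            verdicts[LOCAL] += 1
        elif is_rfc1918(rec["dst-ip"]):
            verdicts[FORWARDED] += 1
        else:
            verdicts[DIRECT] += 1
    return verdicts

if __name__ == "__main__":
    for verdict, count in exposure(SAMPLE_LOG).items():
        print(count, verdict)
```

A `DIRECT` verdict means the laptop itself holds the public address, so the router's NAT and firewall are not in the path; `FORWARDED` points at a port-forward or DMZ setting on the router.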

Post » Sat May 28, 2011 8:19 pm

Hrm...sounds to me like you're getting attacked by a worm that's attempting to use the (supposedly now fixed via an update) DCOM RPC exploit. The thing is, if that's what's going on I'm not sure how it's even getting to your computer. That description of your DSL modem/router claims that it has a built-in firewall. If it's doing NAT I'm wondering how it's even getting at your internal IP address unless the router itself has been compromised...


I was thinking it was the router too. I am trying to get some money to go out and buy an actual good one; this one I have came with the ISP's DSL package.

Any suggestions, or should I grab a new modem/router?
KU Fint

Post » Sat May 28, 2011 11:43 am

I was thinking it was the router too. I am trying to get some money to go out and buy an actual good one; this one I have came with the ISP's DSL package.

Any suggestions, or should I grab a new modem/router?

You're sure the Windows Firewall is active?
Tanika O'Connell

Post » Sat May 28, 2011 3:01 pm

I was thinking it was the router too. I am trying to get some money to go out and buy an actual good one; this one I have came with the ISP's DSL package.

Any suggestions, or should I grab a new modem/router?

I would always prefer to use a dedicated modem and a dedicated router. Easier to tell if something is going bad. I personally use a Linksys E3000 for my primary router and a secondary Linksys E2000 as a repeater. (Though if you were going to choose one of those two, go for the E3000).
NO suckers In Here

Post » Sat May 28, 2011 1:43 pm

That is indeed the modem; looks the exact same as the one sitting beside me, same number, same description, all that good stuff.
And yes, I checked my firewall, it is turned on; the only thing I have turned off is the UAC (Hate!).
I even checked the allowed programs, and I know all the programs, and there were no sketchy ones even on the list trying to get through.

http://img710.imageshack.us/img710/3020/teeheek.jpg
roxxii lenaghan

Post » Sat May 28, 2011 4:42 pm

Puzzling. :confused: I'm not sure how that thing is even getting far enough to trigger AVAST's blocking measures. At this point I guess I'd suggest adding a discrete router/firewall to the equation as Starforce mentioned. Any well-rated one would do. I personally still use my trusty old Linksys WRT54GS and a WRT54GL as a wireless access point elsewhere. Like I said, though, I'm not sure how it's getting through both your existing router and the Windows Firewall. It shouldn't be able to. The good news is that if your OS is up to date you're not vulnerable to that particular attack even if AVAST wasn't blocking it. Still, though, the fact that it's getting that far is cause for concern.
Baby K(:

Post » Sat May 28, 2011 10:40 pm

Damn, I was hoping it wouldn't be bad. Well, I will get some money together for a new router, and hope that AVAST can keep up the blocks so it doesn't get 100% in.

Thank you for the help everyone :)
Kaylee Campbell