Thread: Virus? Something going horribly wrong?

  1. #1
    The Coop's Avatar
    Join Date
    May 2009
    Location
    Outskirts of B.F.E.
    Posts
    3,094
    Rep Power
    42

    Default Virus? Something going horribly wrong?

    So here's the scoop...

    I had to do not one, but two destructive restores yesterday. Since the second one, I got SP2 installed, Comodo firewall, Avast! antivirus, SpyBot (which I ran), and a few other things (FireFox, Photoshop, etc.). However, I've run into a weird problem. First, I have an svchost.exe going nuts, resulting in anywhere from 200 to 400 outgoing connections, which is bogging down browsing and downloading A LOT. Next, I can't connect to Microsoft's, AVG's, Avast's, or Comodo's websites in FireFox or IE, but according to isitdown.us, those websites are up and running. So basically, I can't get the antivirus I'm after, I can't update my Windows XP OS, and I've got an exe that's determined to connect like hell to The Web.

    It seems odd that I can't connect to anything that might get rid of a virus, but I can go everywhere else. It's also damn odd to have an svchost.exe going apeshit with outbound connections like that. Is this a potential virus? Is my firewall being a dick? I could definitely use some help, as I'm running out of ideas.


    Currently Reviewing: Steel Talons
    Coming Up:TF3 Side by Side, Gods
    Done: RDF Global Conflict
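
An added triage example, not part of the original post: it counts TCP sessions per owning PID from `netstat -ano` output, which is how the "200 to 400 outgoing connections" from one svchost.exe can be pinned to a process. The sample output, the PIDs and the threshold of 100 are constructed for illustration.

```python
from collections import Counter

# States netstat reports for TCP sessions that involve a remote peer.
PEER_STATES = {"ESTABLISHED", "SYN_SENT"}

def connections_by_pid(netstat_text):
    """Count TCP sessions to non-local peers per owning PID."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have 5 columns: proto, local, remote, state, PID.
        if len(fields) != 5 or fields[0] != "TCP":
            continue
        _, _local, remote, state, pid = fields
        host = remote.rsplit(":", 1)[0]
        if state in PEER_STATES and host not in ("127.0.0.1", "0.0.0.0"):
            counts[int(pid)] += 1
    return counts

def noisy_pids(netstat_text, threshold=100):
    """Return {pid: count} for processes at or above the threshold."""
    return {p: n for p, n in connections_by_pid(netstat_text).items()
            if n >= threshold}

def build_sample():
    """Constructed netstat -ano output; PID 1084 stands in for the svchost.exe."""
    rows = ["Active Connections", "",
            "  Proto  Local Address          Foreign Address        State           PID",
            "  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932",
            "  UDP    0.0.0.0:1900           *:*                                    1084"]
    for i in range(250):
        state = "SYN_SENT" if i % 2 else "ESTABLISHED"
        rows.append(f"  TCP    192.168.1.10:{1025 + i}      "
                    f"198.51.100.{i % 254 + 1}:80       {state}     1084")
    for i in range(3):  # a browser with a handful of sessions
        rows.append(f"  TCP    192.168.1.10:{3000 + i}      203.0.113.5:80   ESTABLISHED  2200")
    return "\n".join(rows)

if __name__ == "__main__":
    for pid, n in noisy_pids(build_sample()).items():
        print(f"PID {pid}: {n} TCP sessions to remote peers")
```

Where `tasklist /svc` is available, it shows which services a flagged svchost.exe PID is hosting.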

  2. #2
    Nameless One
    Join Date
    Sep 2011
    Posts
    51
    Rep Power
    2

    http://support.microsoft.com/kb/932494

    Does that sound like it might be kinda close?

    I know some of the web virus scanners use (or did use) ActiveX, but iirc ActiveX isn't very popular anymore. So that might explain why you have trouble with that. Try going to another site that uses ActiveX and see what happens.

  3. #3
    The Coop's Avatar
    Join Date
    May 2009
    Location
    Outskirts of B.F.E.
    Posts
    3,094
    Rep Power
    42

    Sorry for not getting back right away. After some digging, I found a site that had the most recent Avast! program on their own server (no link to Avast!'s website), and installed it. I couldn't connect to the server to update the antivirus (shocker, I know), and tested all those sites I mentioned before. Since I still couldn't connect to them, I booted into safe mode and ran both Avast! and SpyBot. SpyBot found just a couple little cookies to get rid of in IE, but Avast! found five different viruses. They were all contained/deleted, and POOF!... I can connect to all those sites now. I guess somehow, someone snuck something in while I was trying to get an antivirus.

    As for that link, I don't think that was it. I had automatic updates turned off while all this was going on. Thanks nonetheless.


    Currently Reviewing: Steel Talons
    Coming Up:TF3 Side by Side, Gods
    Done: RDF Global Conflict

  4. #4
    Nameless One
    Join Date
    Sep 2011
    Posts
    51
    Rep Power
    2

    Yeah, if you found viruses then that was surely it. Glad to hear you've got it covered.

  5. #5
    I remain nonsequitur Hero of Algol sheath's Avatar
    Join Date
    Jul 2010
    Location
    Texas
    Age
    35
    Posts
    9,918
    Rep Power
    76

    It's probably just a proxy virus, it remaps all DNS calls to the virus servers. You will probably still need to completely restore Internet Explorer to defaults and make sure there are no proxy settings installed. There is a free program called trojan remover that does a number on these. I can host it if it blocks you from downloading that too. Otherwise, it's just a pain, because ten anti-virus programs won't fix it, but one will take care of it.

    Don't forget to run sfc /scannow from the start run box whenever an anti-virus program finds and cleans something.
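
An added example, not part of the original post: one way to confirm "no proxy settings installed" is to read the per-user Internet Settings key with `reg query` and flag leftover proxy values. The value names (`ProxyEnable`, `ProxyServer`, `AutoConfigURL`) are the standard WinINET ones; the sample output and the loopback heuristic are assumptions made for illustration.

```python
import re

# Matches a proxy entry whose host is loopback, e.g. "127.0.0.1:8080"
# or "http=localhost:3128" (per-protocol form).
LOOPBACK = re.compile(r"(^|=)(127\.\d+\.\d+\.\d+|localhost)(:|$)", re.I)

def parse_reg_query(text):
    """Turn `reg query` value rows (name, type, data) into a dict."""
    values = {}
    for line in text.splitlines():
        m = re.match(r"\s+(\S+)\s+(REG_\w+)\s+(.*\S)\s*$", line)
        if m:
            values[m.group(1)] = m.group(3)
    return values

def proxy_findings(text):
    """List proxy settings that deserve a look after a cleanup."""
    v = parse_reg_query(text)
    findings = []
    enabled = int(v.get("ProxyEnable", "0x0"), 16) == 1
    server = v.get("ProxyServer", "")
    if enabled and server:
        findings.append(f"proxy enabled: {server}")
        if any(LOOPBACK.search(part) for part in server.split(";")):
            findings.append("proxy points at loopback")
    if "AutoConfigURL" in v:
        findings.append(f"auto-config script set: {v['AutoConfigURL']}")
    return findings

# Constructed output of:
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
SUSPECT = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    http=127.0.0.1:8080;https=127.0.0.1:8080
    AutoConfigURL    REG_SZ    http://proxy.example.invalid/wpad.dat
"""
CLEAN = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x0
"""

if __name__ == "__main__":
    for finding in proxy_findings(SUSPECT):
        print(finding)
```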

  6. #6
    Whuff! Outrunner Jax184's Avatar
    Join Date
    Aug 2010
    Location
    Vancouver Canada
    Age
    25
    Posts
    716
    Rep Power
    10

    This is why you never take a copy of Windows 2000/XP/etc on the internet without either A) A hardware firewall or B) All the security updates installed. They have a handful of very very very well known security flaws which hordes of infected machines are constantly scanning random IPs for, and when they find them, they immediately spread their infection. You don't need to click or do anything. Just plug in the cord, get an IP, watch your machine become infected. It's all done in 30 seconds.

    When I do reinstalls on other people's machines, I do so behind my router so they're kept safe. And I have a custom made install CD for my machine which includes all the updates, among other things.

  7. #7
    Wildside Expert Chibisteven's Avatar
    Join Date
    Aug 2010
    Posts
    212
    Rep Power
    4

    And routers aren't too expensive. Put your computer behind a hardware firewall. Reformat and reinstall. Very quickly install every Windows update possible. Even if ones fail, try them again until success. If you're using a manufacturer recovery disk, disconnect from the web from the network (pull the cord out) and take the junk off you don't need before running Windows update as some shit is just junk to begin with that will fuck with Windows when updated to next Service Pack. If you blue screen and you can't start Windows, use the recovery partition or install disk again and go through it again as earlier versions of XP will crash more easily.
