Windows Updates & Site Blocked

Hello all,

I am having some troubles and hope someone can help me out.
Several days ago my computer would start crashing because of a generic win32 process. I started to look into it and noticed svchost.exe using lots of memory. So I did a command (cmd): netstat -on
Sure enough, svchost.exe was sending requests to all sorts of IPs.
Windows Updates stopped working, I couldn't get to the Windows Update site either. Microsoft Security Essentials could no longer update as well.

I decided to uninstall MSSE and try to reinstall it. It wouldn't reinstall and then I started getting a popup for consumernews24.com

I am running Windows XP Pro SP3 (32-bit)

I ran SuperAntiSpyware several times, at first it found tracking cookies and such, but now it finds nothing.
I ran Malewarebytes, originally it had found 2 Trojans, but now it finds nothing.
I ran ComboFix, and the only weird thing I saw was:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8A7c7c76]<<
I tried to run RootRepeal, but it never finishes and just locks up my system. The only thing it reported was a hidden process "tmcomm" (which I believe is part of TrendMicro.
I ran MGTools, ATF-Cleaner, CCleaner, GMER, HiJackThis, SmitfraudFix, TDSSKiller, RUBotted, Win32Diag, Kaspersky Virus Removal Tool, RootkitBuster, and DDS.
GMER will do all scans except files, it locks up the computer.
HiJackThis will run and then produces "An unexpected error has occurred at..."

I installed a trial version of Kaspersky Anti-Virus 2011, it found nothing.
My HOSTS file is clean and I've checked my LAN settings and no proxy is being used.
I've uninstalled all Java and JRE just to be sure as well.

I am at a loss here, any kind of help would be appreciated.

Thanks!

 

Thank you for the response!

I ran TDSSKiller again, as in the past, I ran it in safe mode and got the same blank DOS screen that disappeared. I decided to go ahead and run it in normal mode and I actually saw a GUI this time.
I scanned and it reported that it did in fact find:

Code:

Rootkit.Win32.TDSS.tdl4
MBR
Name: \HardDisk0\MBR

My options were to: Skip, Quarantine, or Cure.
I chose to Cure.

The log is attached.
I won't be able to truely verify if it is gone until tomorrow morning.
But I do feel like I made some kind of progress as I've ran so many scans in Safe / Normal Mode, I can't remember which scans were in which mode.
At least I saw something different this time.
I can't thank you enough for the response as it prompted me to run it again in both modes.

I will certainly provide a response as soon as I can tomorrow.

 

I'm back in action! Everything is fine now after running TDSSKiller again.

I can't thank you enough TimW, you saved me a ton of headaches.
You sir, are a life saver! Thank you again!