Need help with strange backdoor or something (sorry not an expert)

I use Comodo Internet Security 3.5.57173.439, and from time to time I take a look at the Active Connection from the Firewall tab. Now I have svchost.exe that connects to this ip on port 80. Ok this its some Chinese site or something like that. I configured the firewall to block this connection using Network Security Policy and now the attempted connection appears in the Firewall events like blocked. It tries to connect like every minute or so.
Now I downloaded the Process Explorer from and i think this unknown program or something its start svchost.exe with this line
“C:\WINDOWS\system32\svchost.exe” 92869
All the other svchost instances are parented to services.exe this one (that its started with that line) its a independent process (maybe it has more privileges?)

I did a google search and I find a site that sticks to my description of my problem
but I don’t know if It can be trusted ( I don’t know this software)

I did a system scan with comodo antivirus but it found nothing
what can I do? please help, I know its there somewhere because its continually try to connect to that site but I can’t find what process or dll else it is.
Thank You very much for your time and help and please forgive my english I’m not native speaker

Welcome. :slight_smile:
Have you read this?

No I did not read that thread, I will follow the instruction as soon as possible,
but comodo its not supposed to clean and protect my pc? Why use external programs? Its just that I don’t understand this. ???

From your post, it looks like you might already be infected. It’s not possible for an anti virus to detect all malware. No anti virus can, and what some miss, others detect. Those scanners on the other thread are some of the best, so if you are infected, they will probably detect it. :slight_smile:

Hi! try these:

Malwarebytes antimalware free
SuperAntispyware free
Dr.Web Cureit ( free)