zone firewall(zfw) says at startup everytime that symptom1
generic host process for win32 services is trying to access the internet destination ip xx.xxx.xxx.xxx and sometimes destinaton ip is yy.yyy.yyy.yyy.
they do not belong to my isp.
i traced them.both IPs belong to the same guy in another country.
i am not posting the ip addresses yet.
now if i deny ghp access to those IPs then i cant access the internet.symptom2 windows explorer is trying to act as servesymptom3 cannot turn on automatic updates for avg free.
i scanned with hijackthis and found two other IPs(not the IPs that zone alarm was showing) in a registry entry.i made hijack this fix those two problems.
I followed Evilfantasy's malware removal guide
and FOUND ROOTKITS etc.
but i made mistakes with super antispyware:
didnt uncheck anything.started a COMPLETE SCAN.
when asked to reboot to quarantine the 19malware found(5 rootkits,12 tracking cookies and 2something else)i restared the computer but it was taking along time to shut down
so i pressed the reset/restart button .
when the computer restarted i found the things quarantined alright(OR ARE THEY QUARANTINED)
well at any rate the symptom1 &symptom2 stopped.
now my computer is not trying to connect to those two IPs.
then i followed the next steps as told in the guide.THANK YOU EVILFANTASY
WHAT SHOULD I DO NEXT
[attachment deleted by admin]
