GMER anti-rootkit wrecked my Win XP install

Status
Not open for further replies.
Hello all,

My first post here. Found the site when searching for 'nettir32', a new virus I got hit by about a week ago.

It is found in this thread, but I'm not allowed to post a reply there:
https://www.techspot.com/vb/topic148068.html

I had gotten rid of the nettir32.exe file via Sophos anti-rootkit, but installation of a firewall revealed that the pc was constantly making connection attempts to suspect-looking IP addresses, so I seemingly still had malware on it.

Followed your 8-step guide and at first it went well. TFC, the program that deletes temp files, apparently stopped the flurry of connection attempts. Malwarebytes scan found and cured two infections, but this triggered the connection frenzy again. Ran TFC once more and again it stopped the connection attempts.

Next updated Java & Adobe Reader.

Then I ran GMER. It started scanning automatically and immediately reported a problem, asking if I wanted a complete scan. Clicked 'no', as per your instructions, and then started a scan.

It listed a suspicious boot-related problem, called something like pwtlzn. Scan continued and I left the pc for a while. Came back to a BSOD. Rebooted and did another scan, this time unchecking 'Devices', again per your instructions.

Came back after a while and found a blank screen and locked-up pc. Tried rebooting, but Windows wouldn't start. Tried all options of safe-mode and last-known-good, to no avail.

Googling with another computer found this forum thread, where another poor chap has the exact same problem:
http://www.geekstogo.com/forum/Comp...running-GMER-to-identify-malware-t276947.html

Tried all the suggestions about repairing the boot.ini, but it didn't work for me either. Next tried a repair of the XP install, but like the poster in that thread, it didn't help me either, except for getting the boot process a little further: it now displays the Win XP start screen, but invariably ends with a BSOD. Have not tried the parallel installation that helped the poster, as I plan on trying to boot from another, old hard drive and then add the present one as a secondary drive, hoping to save my data.

Unless you have a miraculous suggestion, it seems I'm royally screwed with regards to saving my current installation.

As I'm not the only one who's encountered this, I think a warning in your 8-step guide would be appropriate. You can of course argue that it has solved my malware problems, but it wasn't exactly the way I anticipated... :-(

Regards,
Erling G-P
 
And this 'warning' you think we need is what? Instead of referring to other users' threads, I suggest you give us the logs from the programs you ran in the steps.

As for this:
Tried all the suggestions about repairing the boot.ini, but it didn't work for me either

Any help given on a malware thread- if given by the person who is the malware cleaning 'helper' is specific for that problem for that thread for that system. And the reason we're closing threads is so that others don't post their problem on someone else's thread.

So, if you would like help checking your system for malware, please follow the steps and leave the logs for our review. Right now I have nothing from your system to work with.

Have not tried the parallel installation that helps the poster
Don't

NETTIR32.EXE
Trojan.Dropper/Start-WV
is a new threat (first found on 6/2/2010) so it is possible that fixes are still being worked out for it.

But it's not GMER that "wrecked my Win XP install" but more likely the corruption caused by the malware itself and/or running other cleaning/scanning programs without supervision.
 
Thanks for the reply.

At the moment, I can't give you any logs, as I can't get my system running on the installation that's corrupted. I'm working on getting the computer running on an old hard drive I haven't used in years. Naturally, it's far behind with regards to Win updates etc. and challenged on free space, as it's only 40GB, with a 10GB C: partition. Couldn't install SP3, due to lack of space, so will have to try and free some.

If I succeed, and if I can access files from the old installation once I try adding the corrupted drive as secondary, I may be able to give you something. Whether GMER produced a log before the pc froze remains to be seen.

With regards to a warning: the pc did work a full week after the infection and only locked up in connection with the GMER scan. As others have had the same problem in connection with a scan with this program, I still believe a warning about a potential risk would be in order. The net result is that my pc isn't working anymore, whether the cause is GMER itself or the infection aggressively defending itself against detection.

Regards,
Erling G-P
 