Tech Support Forum - View Single Post - Looking for the knight to kill the specific911 dragon again!!!

tetonbob · 08-27-2005, 08:18 PM

Please run a search for internat.exe using Start>Find

Right click on that file and go to Properties. Then go to the Version tab and see what information you can get from there (Company, Description, etc.) and post it here.

Copy these instructions to Notepad

Download Killbox from one of these locations:

http://www.greyknight17.com/spy/KillBox.exe
http://www.downloads.subratam.org/KillBox.zip
http://www.atribune.org/downloads/KillBox.exe

Reboot into safe mode.

Uninstall MyWay from Add/Remove Programs if there using these instructions (if not present there, just delete the folder at the indicated point in the instructions):

* Click Start- Settings - Control Panel- Add or Remove Programs
* Double-click the Add or Remove Programs icon
* Click Remove a program
* Click MyWay
* Click the Change/Remove button
* The InstallShield Wizard dialog box, select the Remove check box
* Click Next
* If you get a window for "Remove Share Component", click "Yes to All"
* If you get a window for "Remove Share File", click "Yes to All"
* Click Yes
* When finished, close all boxes
* Do NOT restart the computer when asked

* Click Start- Find or Search- Files or Folders
* "Look In" should say Local Hard Drives
* Type MyWay [press Enter]
* Delete any/all found, close all boxes when finished

* Click Start- Run
* Type or copy/paste
MsiExec.exe /X{78d944d7-a97b-4004-ab0a-b5ad06839940}
* Click OK
* Follow the prompts to remove MyWay

* Click Start- Run
* Type regedit [press Enter]
* Highlight My Computer
* Click..FILE….EXPORT…and save a copy somewhere in case you make a mistake.
* Click Edit- Find
* Type MyWay [press Enter]
* Delete any/all found, press F3 to continue searching. Delete any/all found
* Close all boxes when finished
* Click Start- Turn Off Computer- Restart into safe mode again.

Delete this folder:

C:\PROGRAM FILES\MyWay

Next:

C:\WINDOWS\update12.0s
C:\WINDOWS\tinybar.0xe
C:\WINDOWS\WindUp.exe

Select/Highlight all the filename(s) from the above.
Copy to clipboard by pressing [CTRL]+[C] on your keyboard.
Start KillBox.exe

Go to the File menu, and choose Paste from Clipboard * this feature does not work on older versons of Killbox
Click the dropdown-arrow next to the "Full Path of File to Delete" field.
Verify that the filenames you pasted are found in there.
Select/tick the following:
- Delete on Reboot
- Unregister.dll Before Deleting * if it's not grayed out
Click the RED X button.
Click Yes at the 'Delete on Reboot' prompt.
Click Yes at the 'Pending Operations prompt'.

* If you received a message such as: "PendingFileRenameOperations registry data has been removed by external process", you have to manually restart Windows.

* If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, download and run missingfilesetup.exe Then try Killbox again.

Reboot into normal mode, and run another Panda ActrveScan. Post the log here.

What is the condition of your system now, please?

08-27-2005, 08:18 PM	#7 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,171 OS: 2000 Pro; XP Pro; XP Home	Please run a search for internat.exe using Start>Find Right click on that file and go to Properties. Then go to the Version tab and see what information you can get from there (Company, Description, etc.) and post it here. Copy these instructions to Notepad Download Killbox from one of these locations: http://www.greyknight17.com/spy/KillBox.exe http://www.downloads.subratam.org/KillBox.zip http://www.atribune.org/downloads/KillBox.exe Reboot into safe mode. Uninstall MyWay from Add/Remove Programs if there using these instructions (if not present there, just delete the folder at the indicated point in the instructions): * Click Start- Settings - Control Panel- Add or Remove Programs * Double-click the Add or Remove Programs icon * Click Remove a program * Click MyWay * Click the Change/Remove button * The InstallShield Wizard dialog box, select the Remove check box * Click Next * If you get a window for "Remove Share Component", click "Yes to All" * If you get a window for "Remove Share File", click "Yes to All" * Click Yes * When finished, close all boxes * Do NOT restart the computer when asked * Click Start- Find or Search- Files or Folders * "Look In" should say Local Hard Drives * Type MyWay [press Enter] * Delete any/all found, close all boxes when finished * Click Start- Run * Type or copy/paste MsiExec.exe /X{78d944d7-a97b-4004-ab0a-b5ad06839940} * Click OK * Follow the prompts to remove MyWay * Click Start- Run * Type regedit [press Enter] * Highlight My Computer * Click..FILE….EXPORT…and save a copy somewhere in case you make a mistake. * Click Edit- Find * Type MyWay [press Enter] * Delete any/all found, press F3 to continue searching. Delete any/all found * Close all boxes when finished * Click Start- Turn Off Computer- Restart into safe mode again. Delete this folder: C:\PROGRAM FILES\MyWay Next: C:\WINDOWS\update12.0s C:\WINDOWS\tinybar.0xe C:\WINDOWS\WindUp.exe Select/Highlight all the filename(s) from the above. Copy to clipboard by pressing [CTRL]+[C] on your keyboard. Start KillBox.exe Go to the File menu, and choose Paste from Clipboard * this feature does not work on older versons of Killbox Click the dropdown-arrow next to the "Full Path of File to Delete" field. Verify that the filenames you pasted are found in there. Select/tick the following: Delete on Reboot End Explorer Shell While Killing File Unregister.dll Before Deleting * if it's not grayed out Click the RED X button. Click Yes at the 'Delete on Reboot' prompt. Click Yes at the 'Pending Operations prompt'. * If you received a message such as: "PendingFileRenameOperations registry data has been removed by external process", you have to manually restart Windows. * If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, download and run missingfilesetup.exe Then try Killbox again. Reboot into normal mode, and run another Panda ActrveScan. Post the log here. What is the condition of your system now, please? __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009 Last edited by tetonbob; 08-27-2005 at 08:22 PM.