will this also work for 'partner32.mydomainadvisor' malware?

easy to follow, but its just a lot of work!!! there's have to be an easier way..

This is easy. Thankyou!

On the CMD, you know when you have an option for yes or no to replace the file, I siad yes and it said access denied, why is this.

omg that hole process looks really hard

like the video how can we get the file you used to test your process. Be good to have to test your process in a test environment.

Man.... you people are ANNOYING... yeesh- I know this sounds piggish, but if you don't get this video, remove your virus/malware through OTHER means!! You really think this guy is going to answer every random question happen you churn out?

This is really good. I'm a IT student at the minute with a bunch of certs and none have really explained how to get rid of malware. I would be really interested if you did a more in depth video with maybe seeing malware in different scenarios.

Thanks.

HELP ME!! I have this problem: Windows security alert!

Windows reports that computer is infected. Antivirus Software helps you protect your computer from viruses and other security threats. Click here for the scan your computer. Your system might be at risk right now. ) i get that message every 20 sec or so and i can't open like.. exe stuff and such because it says forexample: Virus alert!

Application can't be started! The file mspaint.exe is damaged. PLEASE HELP D: i think i have a trojantoo

does this process actually REMOVE the viruses, or does it just isolate them? if it isolates them, then can we remove them after isolation?

i really need help to get rid of gostats . com redirect spyware. for most websites i try to load them and in the bottom left in my browser it just says gostats . com?? does anyone kno how to remove and dont just say "get superantispyware" or "get spybot" coz ive got about 4 or 5 different antispyware/malware PLEASE HELP!!!

Got a couple questions

1. Are the purple ones the only one infected?

2. if i kill a program will it start up again on next boot?

3. is this legit?

@Akkadiandude

1. no, they are compressed libraries/executables. malware libraries or executables will often compress themselves to evade virus signature detection.

2. if you kill it through task manager or procexp, yes.

3. i don't see why not. be careful with hijack this though.

i got viruses infected me in c:\windows\system32\searchprot­ocalhost.exe and and windows\explorer.exe. does anyone know if it will harm my computer ? its a trojan dropper.small but idk if it just wants credit card info.

@MwFreezd that is the most ignorant question i have ever heard. good luck.

I was able to download both HiJack and Processor, but the virus will not allow it to open....I have also tried it in safe mode w/o success....any suggestion

@mrsgoodrich3 hey...the same thing is happening to me...did you fix yours yet?

Best ending to a video ever

hey i have a problem. my girlfriend has a virus and im trying to fix it. the virus wont let us boot into the desktop. should we just go into safe mode and disable the file or what? because i already know the viruses name.

answer and ill subscribe!!!!!

ummm so if i dont see any colored lines in process explorer, then i'm fine? i am talking about the section on the bottom with all the dlls

ummm so if i dont see any colored lines in process explorer, then i'm fine?

does command prompt work on win XP?

@Boieng747obsession Command prompt is on every OS my friend.

when i do cacls esent.dll /p everyone:n

it says are u sure, yes no

then i do yes and it says access denied what do i do

Thanks for the help, i totally understand everything you said.

I have a problem though, every time i try to load the cmd, the stupid error message from the spyware or whatever prevents me from opening anything apart from my browser and the procexplorer.

How do i get by this??

Excellent video. I've always used autoruns to identify drivers and other strange files and disabled them there. This is actually some more good knowledge to know for confirming that everything is removed. BTW, have you deleted any of these files, rather than changing their permissions, and run into any problems?

i have a 'system' but no 'system32'.

@DBOE2011 if thats true, then ur computer is messed up! check again!

my computer--->local disk(C:)--->WINDOWS---->system­32!!

well guys i dont presume ...but this i could call the most near to all that you need to learn to fix your computer in the old way (using a lot of programs (thats the old way yet)) because my method dont use all that (and really that way show here dont ever work beliebe me (it have some bugs)...well if want to learn the most update method...jus see my channel

i really dont know what to do this is a very go way to take things off but i mean there has got to be a better way in finding these things much much easyer

@ exids Another thing, how can you be sure the .dll file your disabling for all users is malicious?

@ exids Wouldn't it just be easier to find the .dll file in the system32 file and delete it?

@Helicon2112 watch his first part

Why exactly is this called the "Botts Technique"? Seems like all it is requires, locating packed file, change their ACL's then tell your audience to stupidly shut their system off in the event a virus might launch at shutdown. If the virus is that bad, then the job is not done. There are much better ways to kill a virus without risking damage to their hard drive.

can waht is this virus ?? mfevtps.exe help plz

@fero42 thats McAfee antivirus exe

@serhad95  evet biliyom vrus sildim saden mcafe dun saden bi hata yapmis butun mcafe kulanlar pcye vurus girdi format atim yeniden yukledim

@fero42 ii sevindim hewal sildigine

@fero42 sorry it is not mcAfee i missread it ve bu virus tur silmeni tavsiyeederim

Ha Ha Ha ... I miss all that fun I used to have before I switched to Mac!

Great vid, reports from spybot says trend & Mcaffee maybe considerd to be spyware

wat does that mean??

bro i dont have a purple line.

Nice video, thanks.

you are my hero! lol

anyone know how i can get a virus off of my mp3 player?.....i know its on there but the file doesnt show or any thing.....

You can just delete/quarantine suspicious files always do all this in safe mode, always do your research. Save deleted files in a different location with a changed name. DLL's can become corrupted even if they are name legitimately didn't think of that did you.....????

Always do your research online on any discovered threats remove registry-keys and all associated files changing permissions is pretty weak when its less work to remove

I will give it a try. I have problems on my desktop where I can't even download any thing. I can't even start my antivirus program.

When I put cacls ntosknrl.exe /p everyone:N and yes, it says that access is denied already.

open the command prompt using administrator. If you right click on the cmd prompt icon select open as administrator

if that doesn't work post the results of the error.

how can i get this software without payin for it ...........cuz when i try to download the process explorer is zip and i can downloade it !!!!!!!! please help ...

what happens if you get a message like "The system cannot find the file specified" how can i fix that or what can i do to make it find the file?

Wow! Great Stuff! Thanks for taking the time to make and post all of these wonderful and helpful videos.

Excellent video. Thank you for sharing your knowledge and experience. Very comfortable pace and clear visuals make your tutorial easy to follow.

it looks hard

Try it, it's not hard.

It's much easy then backup, format, clean install... antivirus scan of backup ...

You need to kill process and all DLL files that are not normal in windows sys. then delete those files, then remove it from startup ->REGISTRY!!

Everything is so hard untill you try it, if not succesful from 1st time, keep trying and result will come. C-ya

fuck windows.. fuck DOS.. fuck Apple...

I dont get it

very good indeed.

i want to know if this kind of process is efficient with trojans in the vista OS.

how the frick do i get that little window that u had with those bad purple files?~

There is a menu called View at the top...

Hey, I have a problem. I have some purple files, but when I try to do the cacls thingy, it tells me that "The system cannot find the file specified"

what tabs should I be looking under for "bad" files?

and how do I get that "split-screen" look that you have?

Mine is only one "fused" screen.

P.S. all the purple/magenta highlighted files are .exe files...how do I see the .dll ones?

Is there anything harmful about the .exe ones? (I have 91 that are highlighted -_-)

HELP PLEASE!

Dude thankyou soooo much i cant thank you enough!!!! you saved my ass from alot!!!! thanksssss!!!!!

hhhh im just gonna go smash my computer and see if insurence will kick in

dude when i try to open up cmd, it says it cant

it says if i want to find how to on the internet, or choose a program

HELP!

type cmd.exe

this is kinda weird but when i exit utube this message comes up

something unexpected happened please smash your head on the keyboard and run around the room!

HELP????

Dude,

stfu

were can i get these progames... there awesome :D

in my processes i have over 100 "taskeng.exes" running and its this way every time i restart the computer. it doesn't really slow it down at all, im just wondering why they are there. any ideas?

i got WinXP64 OS and i got the gadcom.exe virus. will this help me???

very good!, thanks, but how can i create "process exploxer" icon (what's the filename?)

nice......I'll try

sorry to be asking this here i think that this spyware is messing up my connection!! can you tell me what r00000000000a.clb is? i have 12 svchost.exe running and only two do not have the r00... thing i'm seeing this thing all over the place including process explorer and my antivirus!! help!! (good thing i watched this vid!!!)

crazee. its a virus...

thanx though XD but i reset my system already! it's all better lol!

Now, do I have to shutdown cold everytime i turn off the computer.

no only that once

Awesome job helped me alot thanks =D.

u said somethin bout how some ppl may not know if they actually do have a virus installed in their system, because i have had threats, but i can still go on the net and do mostly nething. how to kno if the virus is permanantly stuck.

Thanks that was a realy good video

thank you ! you did a great job !

i Love You :D Again.

Nice video - I have billed literally hundreds of hours cleaning spyware and although the money is good I hate spending my time doing this. Computer consulting is all about efficiency with your time. Spyware scanning tools can take upwards of 15-20 mins to complete and often can't clean the real nasty buggies. I go directly to Prc Explr and hijacthis. Another tip for locating bad files is sorting system32 dir by date. Files added on your spyware infection date are easiy identified.

Brilliant work, Exids!

I clean this stuff professionally, and this technique is exactly how I dig out spyware/trojans/viruses, when my cleaners/scanners can't do the job.

Excellent work!

-Lee

do i have to be in safe mode while performing this bots technique? If not can i go online at the same time to search for culprit file definitions on google. i just thought you should never be connected to the internet while removing a virus. is this different?

:O TOTALLY WORKS! THANKS A LOT!!!

the only way to get rid of a virus is to reinstall your os

wat to do if i have virus/spyware but i dont kno much bout computers. is there any other way to remove them so that i dont have to format my system.

very informative video, thank you for the time

thank you for this video before I found this video I had 4 viruses on my computer but now thanks to you my computer is virus free.

I cant use ctrl+alt+del, and I cant use the search function, and not the controlpanel either...dont think I can use command promt 'cause I cant search for it...What should I do?!

i had that problem, and the only thing i found was re-install windows.

wow ty.

I'll try to make a batch file to auto all that.

thnx dude,, really wrkd

i hd a single spyware process tht ws irritatng the hell out of me,

ths tchnque solved it in 2 mins

wow super geeek XD but thx i manage to get the spyware prob i had i wish i c give u 80$

Is there any procedure through which we could differeciate between viruses and system files?

Quite honestly the best way is to just research each process and dll with Google. You will be amazed at all the crap that is still left in your computer, even if you uninstalled it a long time ago!

yes google the file

Major problem - I accidentally killed the main internet explorer thing.

is there anyway I can get it back??

Now, I don't see the tool bar on the bottom of my screen, or anything on the desktop.

ADVICE NEEDED PLEASE :///////

If you kill the process explorer.exe, it's easy to start it back up.

Simply go to file... run in process explorer. When the run box opens, type in explorer.exe and click ok. This will bring back your task bar and desktop.

ctrl+alt+del file...new task type "explorer"

yeah yeah I've heard rumors you're good

i have a question. what's the difference with svchost with sscviihost?

One is spyware and one is critical to the operation of windows. sscviihost is spyware. Don;t ever do anything to the svchost file, it is a critical file to keeping things runing smoothly.

There are risks associated with this, that is why I recommend that you have an experienced technician follow this procedure if you are unsure.

The main thing is to stay away from editing files from companies YOU KNOW are safe.

Im wondering is this risky because i dont wont to kill my computer

Yeahhhhhhhhhhhh..i did it. OMG..This the best tutorial i did have..really interesting..took like four hours since i had a bunch of viruses and my file system was in a FAT32 mode so had to change it to NTFS..But i did do it..i didnt give up..Chris you the best.Thankyou very much..Me and Bottts technique we are one tool now..THANKS

thanks.

I am sorry but i dont understand anything of what I have just saw. I do not have any viruses nor do I attend to but I hear these comments that you have helped people so I guess it doesn work and make sence, I think I have to have a virus before I get it because I do not know what it is like. but thank you for uploading the video anyways.

watch part 1 and repeat it again you'll get it

my problem is i don't know if you are also suppose to type that cacls word