Monday, September 12, 2011

Fix a PC that has trouble booting or starting up

On occasion I have noticed that my PC won't start up without finagling with it. What you may be experiencing is a problem with a hard disk sector. Errors on your hard drive are usually caused by the computer being powered down without actually letting Windows shut down the PC. The computer is using system files all the time, reading and writing to the hard drive continuously. If you interrupt that process it can cause serious errors to crop up.

If you happen to lose power at home or just push the power button for an instant shutdown you are probably creating errors.

It is possible to fix PC start-up issues by running the IoBit Advanced System Care utility. Simply do a "Deep Scan" and it will work through problem areas common to PCs. You don't need the full version for this scan; the free edition is sufficient. I paid the $12 to get the full version and it does all of this automatically for me.

If you cannot boot or start up the PC, you are probably being led to the black screen where Windows asks you to choose between a restore point, etc.

Select "Command Prompt with Networking".

When you are at the command prompt, simply type "CHKDSK /f" or just "CHKDSK".

This will perform a hard disk scan and look for problems. It takes a while to complete but it usually can fix start-up related issues.



If this post didn't address your problem feel free to drop me a comment and check back for the solution.

-Happy computing


Sunday, August 7, 2011

Removing Fake Antivirus

Removing a fake antivirus infection can be a real hassle. The good news is that this blog will take some of the stress out of this problem for you.

To start, I encourage you to download the free malware removal tools below.
It's important that you read the entire document. The technique used is just as important as the tools you download.

Keep in mind that removing fake antivirus malware can be challenging. Read this guide once through and print it out for reference in case you lose internet for any reason.

Free Malware Removal Tools

Download Each Free Tool








Assuming you have internet connectivity, download several of the Rkill versions that are available.
For example:
Rkill.exe and Rkill.com; I would grab the other two variants as well.

The reason for this is that the fake antivirus can prevent Rkill.exe etc. from launching. They often do this to your Anti Virus downloads.

Step 1a

Download at least one of the free anti virus packages I linked at the top of this page.
Do Not try and install the Anti Virus Software yet!

Step 2

After you have downloaded at least one anti virus and at least two variants of Rkill, restart the computer in Safemode.

Do that by hitting the F5 key as Windows begins to start.

Choose the Safemode with Networking option.

Step 3

Copy the Rkill files from your "download" folder to the desktop.

Launch Rkill.exe or Rkill.com to suspend any running fake antivirus viruses.

You will see a new window open up with a black text box. If you don't see any activity after launching Rkill.exe, try launching Rkill.com, and so on until it works.


Step 4


Install one of the anti virus tools you downloaded and update it.

Then perform a full scan.

The scans should turn up some viruses that can be removed.

If the anti virus doesn't turn anything up, uninstall that anti virus and install the other copy you downloaded and repeat the process.

Be patient, removing fake antivirus malware can take several scans.

Step 5

I assume either Malwarebytes or Avira was able to remove the fake anti virus software at this point; or at least some malware.

If so, restart the computer normally and see if the clean up fixed your issue.

Re-scan Windows again. You do this because now there are more system components running which may have activated any safemode dormant malware.

Step 6


If the fake anti virus was removed successfully you may disregard this last step.

Download combofix from the link provided in the blue tools box.

Combofix cannot be run from the "download" folder, so copy it to the desktop.

Combofix doesn't play well with actively running anti virus tools, so you may need to exit those programs before starting combofix.

If you are told to download and install the Microsoft Recovery Console... DO IT!
This will allow Combofix to make repairs to corrupted system files.

Before using Combofix, read the guide that is provided by bleepingcomputer.com. It will save time in the long run.



I trust by now if you have followed these 6 steps your PC is now running properly.

It has been my privilege to write this guide.

-Best wishes!









Thursday, June 2, 2011

Google redirect virus

If you have had the misfortune of acquiring the "Google Redirect Virus" or "Browser Redirect" then you are probably ready to scream! Fixing this so-called Google virus has been an issue for many people.

I've read many, many posts where frustrated people have tried all manner of anti-virus scans and still could not find the problem. Fortunately the Google redirect virus was finally identified as "atapi.sys".

The problem is a rootkit hooked or embedded into the Windows hard drive control file "atapi.sys". It slips under the anti-virus radar because atapi.sys is a normal and required Windows system file.

Tools such as RootkitRevealer and GMER were able to locate the problem because atapi.sys was acting unusually. They can detect this because "kernel mode rootkits" exhibit behaviors or anomalies that can be detected by rootkit scanners. It may take several scans to detect the Google redirect virus because of the nature of kernel mode rootkits in general.

To repair this issue I recommend downloading and running Combofix because it has been updated to check for this.

If for some reason combofix does not repair the problem, download GMER and scan 3-5 times. This should point to any suspicious system files that may be infected or altered.

If the search reveals a system file is the problem, you need to get a clean copy of that file from either a Windows CD / Re-Install latest Service Pack or the Internet. Be aware that simply copying and pasting the system file may not cure the issue. You may need to boot the infected pc off the Windows CD and select the repair option.

Lastly, to prevent future reinfection, perform a Windows search to locate the infected file, delete the old file and install the clean copy. Right click and select properties. Under the Attributes heading, check the box that says "Read Only" and click "apply".

This will prevent re-infection.

Saturday, May 21, 2011

Fix broken Internet after malware removal

A fairly common issue after removing a virus from your PC is that the internet no longer works.

This is usually due to settings or corruptions in either your "hosts" file or "Winsock" aka "LSP" that the virus/malware caused when it installed itself on your PC.

Thankfully correcting this issue is simple.

Step 1: In Windows XP, search for "hosts". In Vista and above, type "hosts" in the Windows search bar.

When you locate the "hosts" file, open it using "Notepad".
At the bottom of the text file you should see only: 127.0.0.1 localhost
If there are more entries, delete them and then save the "hosts" file.

Step 2: In Windows XP Service Pack 2, go to "run" then type "cmd". In Windows Vista or higher, just type "cmd" on the Windows search bar.
NOTE: Vista/Win 7 users may have to open "as administrator" to continue.

From the black screen (command line screen) type in: netsh winsock reset

Then restart the computer.


Lastly, download CCleaner to clean temporary internet files, etc.

I recommend you view my tutorial on this subject. It also has screenshots of the steps I outlined above.

If the problem re-occurs after these repairs it is possible a virus / malware is still present on your PC.

Best Wishes-

Friday, April 15, 2011

PC won't let you install an Anti-Virus program?

I have actually seen malware uninstall a certain A-V program before. The weird thing is when I tried to install a new A-V program, it would start to install...then...nothing.

Seriously the computer would act like I never even installed the new anti-virus program.

The reason is that a Rootkit is blocking the installation of certain programs.

The solution is to boot the computer up in safemode (F5) with networking, and download Combofix from www.bleepingcomputer.com.

This A-V will enable you to now install your malwarebytes or AVG or whatever.

If this still doesn't help I urge you to read my Malware Hijacked tutorial.


Best wishes

Tuesday, April 12, 2011

Quick Tips to Remove Malware

If you have malware on your computer and need a few simple options read on!

1. Download ComboFix and run it from safemode.

Combofix is a really stout tool for getting rid of known malware. It doesn't play well with other Anti-Virus tools so you may be prompted to uninstall your current Anti-Virus.

2. Go to my tutorial site (stop-malware.com) and read up on another useful malware removal tool. It's a free rescue CD that you can download from companies like Avira or AVG. They are very useful in detecting hard-to-find malware and getting it removed.

You actually boot your computer up with this CD and it scans before Windows even loads. This provides some benefit because rootkits that commonly hide or restart malware will not be active.

3. Lastly, I think downloading a 30 day trial of a Full Version antivirus program can help.

If your computer for some reason or another will not let you install an anti-virus program I strongly suggest you visit my website www.stop-malware.com or launch Combofix from safemode and see if that works.

Bear in mind it is wise to scan several times. Rootkits can usually only be found by anomaly detection, and that usually takes multiple scans.

Best of Luck!

Monday, April 11, 2011

Student of Malware

It hasn't been long since I started my self-help website www.stop-malware.com and I have learned so much since its creation.

See, I felt a burden to help out somehow. To make people's lives less difficult, especially when technology continues to evolve and transform the way we live. In many cases technology has become something of a curse.

I believe that long ago hackers had an ideology that was somewhat pure of heart; they were lashing out against "The Man". But now this has changed to thievery, so that any "hacker" is basically associated with these online thieves. In my humble opinion that is tragic. I say that because the "real" hackers were somewhat like an artist and had a purpose, not for theft but for change.

The real irony for me really struck home when I purchased the stop-malware.com domain.

I remember actually typing in the web address for the first time and my browser WARNING me not to go to that site!!! It dawned on me that Google and others had flagged the site due to malicious activities from the previous owner... wow!

I said all that to say this. Using my tools on this blog and on stop-malware.com, I have a vision of helping people quickly and simply overcome malware, removing malware on their own.

Using that, I dedicate my efforts to providing fresh and effective solutions.