A friend of mine wanted me to do some work on her computer, but when I fired up the computer all I saw was Malware Alarm.

The computer was really slow and essentially un-usable. Malware alarm, I noticed, looks a lot like the scamware PS Guard and SpySheriff. These are applications that pretend to be anti-virus, anti-spam software that actually infect your system with spyware, mass-mailers, and backdoors into your system. This type of the malware is known as a trojan. As usual any attempts to shut this application down or minimized it are useless because even if you do manage to get anything else up, it will eat up so much system resources (CPU, memory, bandwidth) that the computer itself is close to useless. It you delete it in normal mode and miss a part of it, it will regenerate itself like a hydra.

After looking at the Task Manager (which took 20 minutes or so), I decided to reboot in “safe mode”. Unless your system has something like a Rootkit (malware that replaces the main component of your operating system) Safe Mode only turns what is needed and nothing else. I used system restore to remove Malware Alarm. And Spybot Search and destroy/Adaware to remove everything else.

System Restore should be used first because it is easiest and does require any additional software.

1) Reboot in Safe mode: Restart system, hit F8, select “Safe Mode”

2) Proceed in Safemode: When prompted (as in the picture above) Select “NO”

3) Restore Wizard: Select a date prior to when you recieved the malware (system restore does not delete newly downloaded files, only new changes in the registry)