The virus/spyware program "Micro AntiVirus 2009" was inadvertently downloaded to my computer last night, 9/22/08,along withsome document recovery software. The virushas continuous pop-ups telling me thatit has detected infected files in my computer and tries to get me todownload additional software to take action, etc. It also has added questionable spyware processes and xxx site icons to my desktop. I tried to do a "System Restore" picking a date of 9/19/08. However, I received an error message that the system restore was processed with errors. All of the malicious items are still there. I have found a couple of websites with advice for removing the virus, one being from www.bleepingcomputer.com. The site says that the problem can be fixed with their Malwarebytes Anti-Malware program that you have to download. I don't know if this site is reputable or if this is part of the virus. Can anyone from the Microsoft side confirm if this is a safe way to remove the virus? http://www.bleepingcomputer.com/malware-removal/remove-micro-antivirus-2009 Thanks for your help.

Hi The following is highly recommended. PC Safety No-Charge, Unlimited Support.: https://support.microsoft.com/oas/default.aspx?&prid=7552&wa=wsignin1.0 Email and Chat Support is available. Microsoft PCSafety Help and Support is intended for the home user. PCSafety helps customers remove malware infections such as viruses, spyware (including unwanted software), and adware. Hope this helps.If this post helps to resolve your issue, click the Mark as Answer or Helpful button at the top of this message.By marking a post as Answered, or Helpful you help others find the answer faster. Ronnie Vernon Microsoft MVP Windows Desktop Experience

LLK6 wrote: The virus/spyware program "Micro AntiVirus 2009" was inadvertently downloaded to my computer last night, 9/22/08,along withsome document recovery software. The virushas continuous pop-ups telling me thatit has detected infected files in my computer and tries to get me todownload additional software to take action, etc. It also has added questionable spyware processes and xxx site icons to my desktop. I tried to do a "System Restore" picking a date of 9/19/08. However, I received an error message that the system restore was processed with errors. All of the malicious items are still there. I have found a couple of websites with advice for removing the virus, one being from www.bleepingcomputer.com. The site says that the problem can be fixed with their Malwarebytes Anti-Malware program that you have to download. I don't know if this site is reputable or if this is part of the virus. Can anyone from the Microsoft side confirm if this is a safe way to remove the virus? http://www.bleepingcomputer.com/malware-removal/remove-micro-antivirus-2009 [...] Your computer is infected with a rogue securityprogram. Yes, follow the bleepingcomputer's directions (bleepingcomputer is a reliable site). Malwarebytes' Anti-Malware removes Rogue.MicroAntivirus Download, install, updateand run: RogueRemover FREE, SUPERAntispyware (freeware)and Malwarebytes' Anti-Malware(freeware). See and follow: "Checking for/Help with Spyware, Malware and Hijackware". If you need more assistance for the virus/wormpostto the Microsoft Newsgroup - Security - Viruses.Via your newsreader:news://msnews.microsoft.com/microsoft.public.security.virusVia Web: http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.security.virus [If this post helps to resolve your issue, click the "Mark as Answer" or "Helpful" button at the top of this message. By marking a post as Answered, or Helpful you help others find the answer faster.]

Thank you both for replying. I uninstalled the MicroAV program folder along with a "PCHealthCenter" programfolder that had been created when the virus installed itself on my computer. I then deleted some of the registry files associated with the MicroAV program per the instructions on the bleepingcomputer.com website Manual Removal Instructions. I then ran numerous Norton AntiVirus scans and they ended up being able to detect and remove three Trojan Horses that had made their way onto my system. (Nothing was ever detected duringthe multiple times that I ran a Windows Defenders scan.) I think the Norton scans removed all of the remaining malware; at least I haven't seen anything else weird pop up on my screen. I also haven't noticed my system being slow, which I noticed when the virus arrived. Is there a way to confirm that it is all gone? (other than reformatting the hard drive?) Windows Defender says it scans for spyware/malware, however since it didn't find the items that Norton ended up finding, I don't really trust it. Thanks again for your help. (I will definitely make a note of the resources that the two of you recommended for future issues.) Lisa

Lisa I'm very glad you were able to clean the system. If you keep your anti-virus program active and performing regular scans, you should be OK. Windows Defender is an anti spyware program, not an anti virus program.It defends against 'known' spyware programs and is regularly updated with any new spywarethreats. It's a good idea to keep it running as another level of protection. Hope this helps. ------------------------------------Ronnie Vernon Microsoft MVP Windows Desktop Experience

LLK6 wrote: Thank you both for replying. I uninstalled the MicroAV program folder along with a "PCHealthCenter" programfolder that had been created when the virus installed itself on my computer. I then deleted some of the registry files associated with the MicroAV program per the instructions on the bleepingcomputer.com website Manual Removal Instructions. I then ran numerous Norton AntiVirus scans and they ended up being able to detect and remove three Trojan Horses that had made their way onto my system. (Nothing was ever detected duringthe multiple times that I ran a Windows Defenders scan.) I think the Norton scans removed all of the remaining malware; at least I haven't seen anything else weird pop up on my screen. I also haven't noticed my system being slow, which I noticed when the virus arrived. Is there a way to confirm that it is all gone? (other than reformatting the hard drive?) Windows Defender says it scans for spyware/malware, however since it didn't find the items that Norton ended up finding, I don't really trust it. Thanks again for your help. (I will definitely make a note of the resources that the two of you recommended for future issues.) Lisa Hi Lisa, what my colleague Ronnie said. YW. Glad to help and thank you for your feedback. [If this post helps to resolve your issue, click the "Mark as Answer" or "Helpful" button at the top of this message. By marking a post as Answered, or Helpful you help others find the answer faster.]

Hi everyone I copped this Trogan "antivirus 2009" and after many hours in the registry etc gave up, but then I discovered this site http://www.internetinspiration.co.uk/roguefix.htm#uninstall I read the page and downloaded the ROGUEFIX program as a last resort. this program actually works it cleaned this trogan out of my system. The only drawback is you will have to reset your browser home page and search engine and desktop theme as after the spyware has been removed the opperating system on this part reverts back to the microsoft default. A couple of minutes work and a small price to pay for a good cleansing program MALWAREBYTES didnt work for me ROGUEFIX did good luck http://www.internetinspiration.co.uk/roguefix.htm#uninstall

Vincenzo Di Russo [MVP] wrote: LLK6 wrote: The virus/spyware program "Micro AntiVirus 2009" was inadvertently downloaded to my computer last night, 9/22/08,along withsome document recovery software. The virushas continuous pop-ups telling me thatit has detected infected files in my computer and tries to get me todownload additional software to take action, etc. It also has added questionable spyware processes and xxx site icons to my desktop. I tried to do a "System Restore" picking a date of 9/19/08. However, I received an error message that the system restore was processed with errors. All of the malicious items are still there. I have found a couple of websites with advice for removing the virus, one being from www.bleepingcomputer.com. The site says that the problem can be fixed with their Malwarebytes Anti-Malware program that you have to download. I don't know if this site is reputable or if this is part of the virus. Can anyone from the Microsoft side confirm if this is a safe way to remove the virus? http://www.bleepingcomputer.com/malware-removal/remove-micro-antivirus-2009 [...] Your computer is infected with a rogue securityprogram. Yes, follow the bleepingcomputer's directions (bleepingcomputer is a reliable site). Malwarebytes' Anti-Malware removes Rogue.MicroAntivirus Download, install, updateand run: RogueRemover FREE, SUPERAntispyware (freeware)and Malwarebytes' Anti-Malware(freeware). See and follow: "Checking for/Help with Spyware, Malware and Hijackware". If you need more assistance for the virus/wormpostto the Microsoft Newsgroup - Security - Viruses.Via your newsreader:news://msnews.microsoft.com/microsoft.public.security.virusVia Web: http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.security.virus [If this post helps to resolve your issue, click the "Mark as Answer" or "Helpful" button at the top of this message. By marking a post as Answered, or Helpful you help others find the answer faster.] I got hit with this "darned little thing" (AntiVirus 209) and did everything that was stated above. I am still getting a couple of windows popping up doing some advertising for the Antivirus 2009 softwarefrom "pro-central". Also when I start up my computer, I am now getting two little messages about missing things, namely C:\Windows\system32\komabadi.dll and C:\Windows\system32\zorirako.dll. What are these for and what do I need to do now? If anyone can help me, I would really appreciate the assistance!

I have the same stupid spyware popping up too. I have Verizon Internet Security Suite. Should I still run the links you guys posted. Please help, I was up til 3am working on this. Oh and should I upgrade to Windows XP Service Pack 3? Thanks! Rachel

Rachel From your description, it sounds like this malicious program has infected your computer, despite the fact that you have a security suite installed. You still need to use the links in the previous posts to get help in removing this spyware. Hope this helps. If this post helps to resolve your issue, click the Mark as Answer button at the top of this message. Ronnie Vernon Microsoft MVP Windows Desktop Experience