Today's sneaky viruses require extra precautions
The malware assault on our PCs escalated in 2008, according to antivirus vendor F-Secure. The company's threat summary for the second half of 2008 reports that F-Secure added 1 million virus definitions to its database this year, a threefold increase from the number of viruses the Finnish security vendor detected in 2007.
Today's malware authors aren't just looking to cause trouble; they're after your money and personal information, which these days are synonymous. Attacks are only going to increase in number and sophistication. If you thought you could avoid an infection by staying away from questionable sites, downloads, and e-mail links, you're mistaken.
The only way to play it safe is to assume the worst. That's why I spent several hours last week disinfecting a notebook computer that probably wasn't infected in the first place.
It all started when I decided to run a free online virus scan on my notebook. I use a top-rated security suite that's set to update its virus definitions and other settings automatically, so I was confident that the scan would come up empty. (I'm not going to name either product because I don't want this post to be construed as a recommendation one way or the other.)
Unfortunately, after a complete system check, the online virus service told me it found two suspicious files on my notebook. The scanner's option to remove the files was grayed out, and the option to "skip" them was recommended.
It appears that the files were flagged as potential problems because they included the word "trojan" in their names. I acknowledge the "hide in plain sight" approach, but I doubt that many malware authors would be so kind as to identify their creation in the file name itself.
Still, the scan had introduced the possibility of an infection, so I immediately closed the notebook's Internet connection, updated the virus definition database of the antivirus software installed on the machine itself, and performed a full system scan using that program.
I wasn't surprised when the scan came up clean--several hours later--but I was relieved that I didn't have to go into full wipe-out mode, doing a complete system scrub and changing all my passwords. (Come to think of it, I should probably sanitize the system and refresh my passwords, anyway.)
Three years ago, I wrote a story called 10-Step Security that promised to lock down your PC in only an hour. The tips in that article are beginning to show their age, so this week, I'll be updating them here to reflect the new reality of computing in dangerous times.
Dennis O'Reilly has covered PCs and other technologies in print and online since 1985. Along with more than a decade as editor for Ziff-Davis's Computer Select, Dennis edited PC World's award-winning Here's How section for more than seven years. He is a member of the CNET blog Network, and is not an employee of CNET. 
Use malware-bytes anti malware program: http://www.malwarebytes.org/
It is a free program available at download.com. It will help you to remove the antivirus2009 (which is really a virus) and its brothers and sisters which go by several names.
Also available: Combo-Fix http://www.bleepingcomputer.com/combofix/how-to-use-combofix
This program is to be used first on any affected machine.
In cases where the computer has been taken over by the virus, use the combo fix program first in safe mode. When combo fix restarts the computer, start it back into safe mode (or it will undo all that combo fix has done). Once combo fix has finished running, use the malware-bytes program to finish off the remaining files and infections. Countless times I have seen where people get the pop-ups and try to fix it themselves. Unless you know what you are doing, this will make it worse.