Quote Originally Posted by pitfiend View Post
your advice is right, but also keep in mind you are not alone, a good anti virus is a must to prevent further infections.
The problem is that mentioned attack usually disable AntiVirus software before it can be even detected. I once even saw how virus replaced few files from Avira Antivirus so it seemed that it works OK but infact it was compleetly disabled. The only way I figured out that it was disabled is when I started updating process but even when program was showing that it is downloading updated virus definition there was no network traffic.

When my friends computer got infected with Salinity NSF it took me two full days to figure out how it works. Luckily Eset NOD32 Antivirus did recognize that some file has similar proprties than those from Salinity virus familly. This gave me ability to google more about Salinity viruses and therefore forus my serching on right area to sucsessfully detect infection and even disinfect the computer manually.
Another good thing was that I learned from where did infection first originated (recently installed software). This gaved me excelent chance to observe the infection itself on my virtual machine which I got purpously infected.

But since Salinity NSF was first time detected only three days before my friends computer got infected and no AntiVirus software had suficient information to defend from it at the time.

Anywhay even having best AnticVirus software doesn't help you much if there are severe security holes in OS.

Sorry for going off-topic but I feel this is information that could come usefull to everyone