In the last 3.5 years, I’ve seen many infected PCs (seen many viruses, trojans, spyware, and recently rootkits as well)

My usual routine is to remove the infection, and then tell the customer to: (after I leave) change any passwords that could involve financial transactions.

In this case, the PC was the admin PC of a childcare centre. It was used for (amongst other things) transferring staff wages to their bank accounts.

The PC had AVG 8 installed, but it didn’t seem to prevent the infection.

After some hard work, I managed to remove all the nasties (Vundo, various trojans, TDSS kootkit, etc).

A few weeks later, I was talking with the customer, when she tells me that about 1 hour after I left, she got a call from the bank, saying that they detected a suspicious transfer of over AUD$15000 out of her account.

After that she went through a long and arduous process to prove to the bank that she didn’t transfer the money (stat. dec., police report, screenshots of an antivirus scan showing that her PC is clear of infection… changing passwords, cancelling credit cards, etc etc).

So please be careful, as an infection is not just an inconvenience, you can really get money stolen from your account.

Most computer techs already know this, but this is the first time I’ve actually heard of  this happen with a customer.

Also remember that an antivirus/antispyware program cannot guarantee that you will not be infected.

It is always possible for an infection to start spreading on the internet, and then an antivirus/antispyware is able to detect it only a few days later.

This can easily happen if you use something like limewire, emule, or one of the many bittorrent programs, as you will get “new” files with brand new viruses…