On the 26th of August my PC was infected by malware. Ever since I've been trying to get my PC to perform as it did prior to the infection, with little success.
The infection occurred following McAfee's bad update. I downloaded Instaquotes (an iPad app) using iTunes when windows 7 action centre popped up reporting that several storage device controllers drivers were incompatible -- drivers that were issued by my motherboards manufacturer and had worked fine for the previous 18 months without any problems. Meanwhile McAfee firewall indicated that my NAS was launching a DDOS Smurf attack on my PC, odd considering that my NAS is behind two NAT routers and could not be reached from the internet.
Sophos later publicised that the ”Instaquotes-Quotes Cards for Instagram” app was infected with Win32/VB.CB.
I decided that I might as well nuke and pave. I did this by completely powering my PC down (at the mains) then, keeping the PC off, switch mains power back on and flash the PC's BIOS with a known-good BIOS image using my Rampage III Extreme's flash while off feature. I then booted the PC and set the BIOS settings identical to the previous settings (using photos taken months previously as reference). Next, I booted from CDROM and zero formatted the HDD completely. Powered off. Powered on, booted from Windows 7 Ult 64bit CD, built new partitions, installed Windows etc.
I then attempted to install McAfee Total Protection 2012, but the installations failed mid way. After several abortive attempts I eventually got McAfee to install. However windows action center started to report that no antivirus product was active. The system tray icon appeared tp show McAfee Total Protection was working fine.. I installed and used MVT to check. It found problems, which it then fixed. However, McAfee continued to fail to start up properly. MVT repeatedly found the same problem and fixed it.
I then noticed that "Checking NVRAM" appears just before Windows starts to load (i.e. after RAID blurb appears) while booting up. I'm using the same 1502 BIOS with the same settings as those prior to the infection. The "Checking NVRAM" message never used to appear prior to the infection.
Windows action centre then started to identify various storage device controllers (Marvell 9128, USB 3.0, SATA II) drivers as incompatible. More recently the power management drivers are beinfg shown as incompatible. The drivers are those issued by Asus for the Rampage III Extreme motherboard. Reinstalling them seems to fix the compatibility issues for a while.
I've tried scanning my PC for viruses using McAfee Total Protection 2012 and a variety of other well known commercial products, both from within Windows, and via bootable CDROMs. All show that the system is virus free.
I now suspect that Win32/VB.CB was used to deliver firmware malware. Unfortunately there appears to be no way to check firmware integrity at the moment.
Is there any method or utility that I can use to check my PC's firmware. Does McAfee have plans to provide a DeepSAFE product for home users?
At this point any advice would be useful.