Yesterday I had several BSODs during normal use of my Windows 7 64-bit Dell desktop. Previous to this, Windows had been repeatedly asking for permission to run some very strange-looking exes that I hadn't run. I stopped the process using Task Manager and then ran Malwarebytes to see if anything untoward was happening; about 2 minutes in, BAM, BSOD relating to drivers.
I immediately logged back in in safe mode and tried running Malwarebytes again; it found 19 infections (I have log files if needed), including 2 trojans and the rest part of a rootkit - TDSS.
I quickly got out my notebook (Linux!) and started googling and eventually found the Kaspersky TDSS rootkit killer, which I ran, and it found the rootkit at driver level. I rebooted into safe mode, ran Malwarebytes again, and it found 16 files in sys32, which I removed.
I then rebooted back into normal Windows and ran full scans with Mbam, MSE and Sophos webkit finder, none of which found anything...
My questions are these: Is there any way of knowing how long I have been infected for? I am aware that rootkits can remain undetected for some time. I have already reset most of my passwords and instructed my wife to do the same; should we take further precautions?
The next question is, of course, am I still infected? I am also very aware that rootkits can hide themselves from the most advanced of tools, so what can I do to ensure that the PC is not infected?
Many thanks in advance. I am a desktop engineer and have several years' experience with support; I have never had to deal with a rootkit of this variant on my own PC before, however. Oh, and I am a total n00b when it comes to posting on support forums, but happy to do whatever it takes for you guys to help me.
EDIT: I have removed the malware logs after reading the etiquette post, sorry!
Edited by supadupahands, 25 March 2011 - 11:30 AM.