We are a mid-size business supporting 400 machines over 20 locations. 25% of those machines are infected by high-end malware (BIOS rootkits). Which product is the best to help us clean those machines? Which is the best method to use? Please give us a solution.
Thanks a lot.
Hope to hear from you soon.
Question
Answers (2)
0
Votes
RE:- Please give us a solution.
Wipe and Reload?
Yep I know not overly practical over a large area or numerous machines but with nasty infections you need physical access to the infected unit.
You could try a Rescue Disc but again it may not be overly practical or easy.
http://blogs.techrepublic.com.com/security/?p=3803&tag=content;leftCol
Of course after you clean the infected systems a good course of End User Education may be the best insurance to prevent this happening again.
Col
15th Nov 2010
0
Votes
If you are certain it is a BIOS rootkit,
I would try flashing the BIOS on one machine to see if it stops the problem. (Make sure the test machine has no HDD in it when flashing, and a new or freshly wiped* HDD installed after.)
You may have to replace the BIOS chips, or have them fixed by experts.
If this malware is as sophisticated as you suggest, it may hide in any firmware attached to the system. It may also survive flashing the BIOS. If you know exactly what the malware is (name, etc.), you can find a better, more focused way to fight it - look it up, or contact experts.
If you are not positive it is BIOS or firmware malcode, try wiping* the HDD and reinstalling the OS.
Wipe - I mean forensically scrub the drive so nothing survives. A format does not do this. DBAN and Killdisk are free tools to do this.
15th Nov 2010
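Added example, not part of the original thread or of either answer: a POSIX shell check for the point above that a format is not a wipe. It assumes the wipe's final pass was a zero fill and that GNU `cmp` and `dd` are available; the function names, the sample data and the scratch image are constructed for illustration, and the "quick format" is simulated by rewriting only the start of the image.

```shell
#!/bin/sh
# Added example: check that a wipe really zeroed a drive or disk image.
# Assumption: the wipe's final pass was a zero fill.

# Size in bytes of a block device or a regular file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Status 0: every byte is zero. 1: data survives. 2: could not check.
is_zeroed() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    zsize=$(target_size "$1") || return 2
    [ "$zsize" -gt 0 ] || { echo "$1 has no data to check" >&2; return 2; }
    cmp -s -n "$zsize" "$1" /dev/zero
}

# Constructed demo helpers. They only write to the scratch file they are given.
make_used_image() {        # 1 MiB image with leftover data in the middle
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    printf 'LEFTOVER-DATA (constructed sample)' |
        dd of="$1" bs=1024 seek=512 conv=notrunc 2>/dev/null
}
simulate_quick_format() {  # stand-in for a format: rewrites the first 64 KiB only
    dd if=/dev/zero of="$1" bs=1024 count=64 conv=notrunc 2>/dev/null
}
simulate_zero_wipe() {     # stand-in for a full zero-fill pass
    zsize=$(target_size "$1")
    dd if=/dev/zero of="$1" bs=1024 count=$((zsize / 1024)) conv=notrunc 2>/dev/null
}

# Stand-alone use: sh verify_wipe.sh <device-or-image>   (read-only check)
if [ -n "${1:-}" ]; then
    rc=0; is_zeroed "$1" || rc=$?
    case $rc in
        0) echo "$1: all zero" ;;
        1) echo "$1: non-zero data found, wipe incomplete" ;;
        *) echo "$1: could not verify" ;;
    esac
fi
```

The check only covers the disk contents; it says nothing about the BIOS or other firmware discussed in the answer above.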
Replies
col and seanferd, have done your best, here.
Somehow, I don't think it will be enough.
Poster apparently is stuck back in the Edison crank-up, cylindrical hard drive days.
santeewelding
15th Nov 2010
Maybe he should be looking for a mouse or a moth - or maybe a scarab - in these machines, then.
seanferd
15th Nov 2010
All these millennia I have waited for mention of that word.
From whom should it come.
santeewelding
15th Nov 2010
There are no surviving Scarabs. Any that may be found will be embedded in Amber. 
Col
OH Smeg
16th Nov 2010
Naw, there is a whole family of Scarab Beetles, the well-known (i.e., popularized by ancient Egyptian culture) member being the Dung Beetle.
seanferd
16th Nov 2010
They are not worth anything so it's better looking for the valuable ones. 
Col
OH Smeg
16th Nov 2010
They ain't valuable?
santeewelding
16th Nov 2010

































