Apparently at least one of these SMM rootkits has been around since May of last year:
Hackers Find a New Place to Hide Rootkits http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_pl ace_t o_hide_rootkits.html or here if the above wraps unusably: http://preview.tinyurl.com/4vfsce Scary stuff, since (a) it's at the hardware level; (b) it has been discussed publically by Intel in employee papers; (c) a PoC rootkit has been out for almost a year. Since it's at the hardware level, even booting off a cleanup CD won't be able to find it ... -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +-----------------------------------+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~