I am not a computer expert. But I need theoretical answers to important questions. I think the Equation Group malware is potentially very dangerous for everybody even though it is expensive and very targeted. Having read all the Kaspersky reports, I formed some questions with no concrete answer on the Internet. Calling Kaspersky Labs was useless. So I need your opinion, not necessarily a concrete answer, on the following questions or some of them.
1. Can the whole family of Equation Group malware be found with an antivirus check by Kaspersky or other software, using advanced options?
2. Can the Equation Group malware system replace or modify drivers or hard drive firmware, or make other changes to system loading, if Secure Boot is on and there is software with ELAM support?
3. Are these changes fixed, if they can be made under the conditions in question 2?
4. Can the changes be fixed, blocked or reported by the TPM module, if they are not fixed by Secure Boot?
5. Can Secure Boot and the TPM module prevent an infected system from loading?
6. Can security or other software tools intercept or prevent direct interactions between malware modules?
7. Can these tools intercept or prevent their interaction through the Windows system?
8. Are there any hard drives whose firmware cannot be compromised by malware, or in any way, without physical manipulation?
9. Can the malware and core of Equation Group hide themselves and other components to become invisible to behavioral analysis? I am especially interested in the effectiveness of Kaspersky software control and Comodo Internet Security HIPS.
10. What signs point to a high possibility that the firmware is patched by Equation Group or mother malware? Can there be some files or virtual file systems on the drive?