good virii

an amusing email that i had to deal with a week or two ago:

<a family friend> suggested I contact you. <business and personal details> I'm a 1-man business, and have spent 6-7 weeks completely stopped by this problem - costly.

I have this problem to which you may just have a solution - I have acquired a very clever virus / malware. Entirely my own fault - I opened an attachment from someone I thought I recognized, and anyway I had all those anti-virus and anti-spyware didn't I... It did apparently nothing and then...

After a week my computer slowed down and showed some anomalies - strange programs running, undeletable files etc. and interrupts using up nearly 99% of my CPU time (sysinternals Process Explorer). It also was "phoning home" to unknown or dead URLs. I downloaded a number of anti-spyware / anti-rootkit / anti-malware programs and none of them detected anything at all.

Finally I "shredded" my hard-drive with an often-recommended program. I "flashed" the BIOS with the manufacturer's latest BIOS version. I re-formatted and installed Windows XP-home from the manufacturer's original disk (<pc details>) The virus already had 3 copies in subdirectories when the install finished.

In desperation I bought a brand-new hard-drive and formatted that with the same original disk. Same result, only this time 5 copies.

The virus seems to reside in the motherboard BIOS AND in the hard-drive BIOS and I'm told in the Graphics-card BIOS. All these BIOSs are in fact flashable by the CPU.

Conspiracy theories abound surrounding this "virus" - the American Homeland Security wrote it - the Mossad wrote it - the NSA wrote it - it is targeted at specific computers - it is a quaternary virus (made up of 4 parts) and one part comes built in to the BIOS - it goes on and on. It has even been suggested that my (quite weak) security for my <business> software has been broken and my software used in Iraq. I find this hard to believe since it is actually very easy to <business detail>, so why bother with me and my rather-complex software.

I actually don't care who wrote it (I immensely admire the authors for a VERY clever professional virus that hides brilliantly)

Being an engineer who creates or fixes things others have broken, I take sides between Israel and the Arabs based on who creates and who destroys, which appears to come very heavily down for the Israeli side. Apart from which, <family friend> is a real <the jewish word for "good man">, and I have known him for 23 years now.

One of the rumors that I pin my "last hope" on is that there is an Israeli anti-virus system which is sold all over the world, but only the versions sold in Israel will actually remove this particular virus???

Would you know anything about this virus / malware? I cannot even find its name with reliability, but it has been suggested as "Handyman". And would you know about anti-virus that might fix it and how I could obtain a made-in-Israel copy (or any copy that would work). I can send money by any route you might suggest.

Sorry to go for so long, but this problem baffles me and is costing me lots of time and energy.

Hoping you can help

average joe


PS
The virus has distributed itself over my local LAN to several machines, and I really don't want to replace them all completely, which seems to be the only fix at the moment.

A short story... A friend, good with chip-repair, was given a "virused" hard-drive. He started copying the virus from the hard-drive, and the virus "spotted" him doing this, so it moved itself. He tried to stop this by disconnecting the write and erase heads of the drive. The virus "saw" this, erased the BIOS and upped the voltage on the 3.3v disk CPU chip to 15 volts, blowing the top off it! VERY clever.

my response to the world:
this whole "israeli army" / "mossad" bullshit is just some more propaganda for a virus that was probably written by some pakistani cs student experimenting.

PLEASE STOP PROPAGATING SENSATIONALISM. the kind of things this guy wrote to me about sound like something out of bad science fiction. it's a virus, maybe even a particularly clever / well thought-out one, but nothing more. the mossad has better things to do with its time, in case anyone forgot we're been in the middle of a war for about 60 years now.

thank you, good night :P