| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | story making the rounds |
-> WC> Now that's a good one.
-> WC> thanks.
-> WC> I needed a laugh just now.
-> Don't we all and you are very welcome, Wayne.

-> WC> Got the darndest malware going on here.
-> Viri? Bugs? Worms? Spam?

Two possible infection vectors. One, the application upgrade utility for this O.S., apt-get, has lousy insecure configuration defaults. Two, a trojan horse possibly attached to the Mozilla browser.

-> WC> Two absolutely perfect hard drives but I dare not use or connect
-> WC> either.
-> Why?

Well because... Whoever aimed this crud at me was extremely good at programming. I *cannot* remove or even fdisk the hard drive. I cannot even *destroy* the hard drive. All too easy to do ordinarily with Linux, however this malware has a *real* healthy survival instinct. It *will not* die.

This particular malware runs a super user account (owns the machine) and has the Linux equivalent of a TSR program running in the background (a daemon). This is a malicious program resident in RAM. It's running 5 times the processes I am as user and logs my keystrokes, steals my addresses from my address book and phones home if I happen to be logged on at 12:14 A.M. in the morning. As I use online banking this is a *very bad* thing. All my passwords are at risk, well more than that, it's a sure thing they'll be stolen, including that to the online banking.

Because I'm very weird I noticed _something_ was up with the computer and looked very very hard to dig out the information I've got. This particular malware has set up its own peculiar unknown invulnerable (to me at least) hidden partition on the hard drive. Even using Linux in eXpert mode it refuses to allow me to alter the hard drive geometry parameters. It _appears_ to allow it, but reboot, it's still there and nothing's changed. Physically a perfectly good hard drive, it's worse than useless.

Someone HAS tried phishing my online banking account. I got an email (with malicious file attachment). Right logos for my bank, even the right information on where to look for the information about suspicious account activity. Only the account activity indicates the bank *never sent the alerting email*.

By this time I'd disconnected the hard drive power and data cables and rebooted plain vanilla Linux live CD in RAM to get online. By powering down and disconnecting the drives, the optical CD isn't writable so thus incorruptible, I could *then* safely check the account.

-> WC> Nor buy a new one unless I figure out the infection vector.
-> ah. yeah. :( I wish there was something to do to stop those
-> assholes.. they never quit!!!!

If I were healthy it wouldn't be the big deal it is. As is it's a huge hassle. Likely change my password a few more times this week just in case he or she is still at it. Not that I've got any money to speak of, it's just that every dollar is survival.

--- Platinum Xpress/Win/WINServer v3.0pr5
 * Origin: Try Our Web Based QWK: DOCSPLACE.ORG (1:123/140)
SEEN-BY: 633/267 270 5030/786
@PATH: 123/140 500 106/2000 633/267
| SOURCE: echomail via fidonet.ozzmosis.com | |