The malicious program is a type of virus known as a rootkit and it tries to overwrite part of a computer's hard drive called the Master Boot Record (MBR).
This is where a computer looks when it is switched on for information about the operating system it will be running.
"If you can control the MBR, you can control the operating system and therefore the computer it resides on," wrote Elia Florio on security company Symantec's blog.
Mr Florio pointed out that many viruses dating from the days before Windows used the Master Boot Record to get a grip on a computer.
Once installed the virus, dubbed Mebroot by Symantec, usually downloads other malicious programs, such as keyloggers, to do the work of stealing confidential information.
Most of these associated programs lie in wait on a machine until its owner logs in to the online banking systems of one of more than 900 financial institutions.
The Russian virus-writing group behind Mebroot is thought to have created the torpig family of viruses that are known to have been installed on more than 200,000 systems. This group specialises in stealing bank login information.
Security firm iDefense said Mebroot was discovered in October but started to be used in a series of attacks in early December.
Between 12 December and 7 January, iDefense detected more than 5,000 machines that had been infected with the program.
fdisk /mbr for older partition types will wipe it. Dynamic discs can be redone too but off the top of my head I cant remember that one.
The new EFI firmware cant happen soon enough to get rid of the BIOS and old crap like this all together. Service Pack 1 for Vista adds EFI support.