Approx Date surfaced: Sept-Oct 2004
Causing tremendous system troubles with all OSes. Users infected by visiting sites, clicking on popups. Infection mutates with every reboot, creates legit looking files in HJT logs. Very difficult to remove, we have a fix for it, with very good success rates thus far. See the links below to file a complaint and see the actions being taken.
Examples of infection in HJT logs:
O2 - BHO: CATLEvents Object - Random CLSID & dll
O4 - HKLM\..\Run: [*Name here will be the same as the .exe] C:\WINDOWS\bad folder\bad.exe
O4 - HKLM\..\RunOnce: [*Name here will be the same as the .exe] C:\WINDOWS\bad folder\bad.exe rerun
O4 - HKCU\..\RunOnce: [*MS Setup] C:\WINDOWS\System32\bkinst.exe ren <<or something similar.
This infection has more or less disappeared, and the fix is fairly easy, tho, it does have some things to bear in mind when fixing.