Re: [CAD_CAM_EDM_DRO] Attachments?

I have been fighting a "badtrans" infection that I got from this list.
According to the symantec site, simply running anti-virus software won't get
rid of it. You are supposed to have to delete a registry entry; the entry
was not present on my system registry however.
My anti-virus software claimed to delete it upon receival, however the next
time I scanned my drive, it found it again!
Then I was presented with a dialog box upon rebooting my computer,
requesting that I reload the infected file - I have no idea what is going on
for certain.
You don't have to open, or even read the email for the attachment to run,
according to the site I was looking at.
The site also claims that only systems running Internet Explorer 5.5 or
lower are affected.... NOT TRUE - IE6 users who chose a "custom install" are
also likely to be infected.
This virus (actually a worm) records all your keystrokes, then reports them
back to various email accounts. Needless to say, it's probably a good idea
to avoid typing in any sensitive information (such as credit card info)
until you know you are safe...

Check out the links below, and use you own judgement; it seems no one has a
good grasp on this one yet:
http://abcnews.go.com/sections/scitech/TechTV/techtv_badtransworm011130.html

http://www.sarc.com/avcenter/venc/data/w32.badtrans.b@...

"...When it is first executed, it copies itself to %System% or %Windows% as
Kernel32.exe, based on the control bits. Then it registers itself as a
service process (Windows 9x/Me only). It creates the key log file
%System%\Cp_25389.nls and drops %System%\Kdll.dll which contains the key
logging code..."