Yesterday I got a pop up from Webgator twice asking if I wanted to install a program I not only never downloaded, but have never even seen. It also had a problem with it's certificate. This was after getting my 3rd email w/the BadTrans worm.

I tried to go to the PC-cillin site to use their online scanner and couldn't bring it up.

I just tried to download the Esafe email program (needed a new one), but after the download was complete, it had a problem with it's certificate as well, so I junked it too.

I looked in my files for the BadTrans program file and didn't find it, but could I have been infected anyway? An email virus scan program should have their security certificates in order I would think.

Can this BadTrans worm hide itself in downloads (hence the certification problems)?

Tried the PC-cillin/Anti-vrirus site again and now their scanner comes up with an Authenticode problem. Tried to redo my Grisoft and the same problem happened. HELP?!

Also, how can you tell if the keylogging trojan got in your system?

I tried it! This does work!
 
 
I learned a computer trick today that's really ingenious in its simplicity.

As you may know, when/if a worm virus gets into your computer it heads
straight for your email address book and sends itself to everyone in there,
thus infecting all your friends and associates. Well, this trick won't keep
the virus from getting into your computer, but it will stop it from using
your address book to spread further, and it will alert you to the fact that
the worm has gotten into your system.

Here's what you do: first, open your address book and click on "new contact"
just as you would do if you were adding a new friend to your list of email
addresses. In the window where you would type your
friend's first name, type in !000 (that's an exclamation mark followed by 3
zeros). In the window below where it prompts you to enter the new email
address, type in WormAlert. Then complete everything by clicking add, enter,
ok, etc.

Now, here's what you've done and why it works: the "name" !000 will be placed
at the top of your address book as entry #1. This will be where the worm will
start in an effort to send itself to all your
friends. But when it tries to send itself to !000, it will be undeliverable
because of the phony email address you entered (WormAlert). If the first
attempt fails (which it will because of the phony address), the worm goes no
further and your friends will not be
infected.

Here's the second great advantage of this method: if an email cannot be
delivered, you will be notified of this in your InBox almost immediately.
Hence, if you ever get an email telling you that an email
addressed to WormAlert could not be delivered, you know right away that you
have the worm virus in your system. You can then take steps to get rid of it!

Feel free to pass this trick along to your friends.

Armabill;

Although that at one time used to be true or work it no longer is. A true worm sends out ramdomly in your address book, so it may or may not start from the top or use that address at all. Although it cannot hurt, it is not a guarentee fool proof alert.

Later

IAJack