Virus and Spyware Protection


This is Absolutely the Most Important Page on this Site

If you are new to computers and want to have a computer that you can use safely for online transactions (banking, purchasing, etc...), you need to read and re-read this page until you understand everything here.

Protect Your Computer and Your Personal Information from Theft

As most computer users know, it's very difficult to surf the web without annoying pop-ups or other distractions. This page is to help you have a better experience on the net and to help keep your computer healthy. Some of the malicious software (malware) can actually cost you money. Automated dialers can call chat lines without your knowledge. If you use a computer that is in any way connected to the internet or other computers, you are at risk of identity theft, theft of passwords, loss of important files and spying.

Many people complain that their computer is slow and they think they need more memory or a bigger hard drive. In most cases, these are not the problem. Your computer should operate as quickly as it did when it was new. If it doesn't, it's very likely infected.

Anti-virus software will be covered a bit later but since most people read just a small portion of any page, this is going to be placed ahead of the rest of the anti-virus information. If you have a computer using Windows XP, Vista or Win7 without an up-to-date anti-virus program running, please click the following link and download Microsoft Security Essentials. It's free and is the least intrusive anti-virus program that I've seen. It will regularly update itself to ensure that you always have the latest protection. When you install it, allow it to run a scan. There will be two choices. The quick scan will check for active infections. The full scan will scan your entire system. Allow it to remove any infections it finds.

Click HERE to download Microsoft Security Essentials.

Forced to Buy a NEW Computer Due to Infection

While it's not possible (or, at least, not common) for malware to damage your computer, becoming infected could cost you the price of a new computer. Many older computers serve their owners perfectly well as they are. Many would not choose to buy a new computer but could be forced to if their computer becomes infected. Most owners have lost their original discs that were shipped with their computer. Some of the files needed to load the operating system are no longer available and the copies that can be found on the net are often corrupt or loaded with malware. If the owner no longer has the original Windows disc and it's not available from the original manufacturer, they will be forced to buy a new version. This could cost $100 or more. If they can't install it themselves, along with all of the drivers needed for the proper operation of the computer, they will have to pay someone else to do it. This could cost another $100 (possibly more). Since many computers use Windows XP and it's no longer widely available, they will have to buy a new version of Windows. The newer versions of Windows are not compatible with many of the older computers. This means that after getting infected with a virus that severely damages the operating system (to a point that it cannot be repaired or is not practical to repair due to the time/expense involved), the owner may have no choice but to buy a new computer. FREE software can protect against most malware (did I mention it was FREE?).

Turning Your Computer Off

Many people leave their computers on 24 hours a day. I don't see a problem with this because most computers draw very little power when they go to sleep/hibernate/standby mode. For those who leave them on, PLEASE make sure that your computer is not infected. Large numbers of infected computers can be used to attack servers or sites. This is generally done when the computer is infected with a trojan horse (type of malware - malicious software). If you're not 100% sure that your computer is completely clean, I'd recommend turning your computer off when it's not being used. This prevents it from being used to attack other computers/servers/sites.

Automatic Updates

If you're using a legitimate copy of Windows (most people are), turn the option for the automatic updates on and let Windows install all updates automatically. Many of the updates fix security flaws in the operating system and make it more difficult to become infected. For those who purchased a used computer that isn't from a well known manufacturer (Dell, HP...), and you can't afford to pay ~$100 for a new operating system, don't turn the automatic updates on. Many people will criticize me for suggesting that someone use a computer if they don't know 100% that the version of Windows is legitimate. I know that some people are struggling to make it and their children absolutely must have a computer for school work. This means that they may buy a used computer because that's all they can afford. If the automatic updates are turned on, the computer may cease to function properly if the version of Windows isn't legitimate or is one of the bootleg versions. It's all about being practical.

Different Types of Malware

There are many different types of malicious software. The following are the most common types:

Many people refer to all types of malware as viruses. To be more precise, viruses are malicious code designed to do damage. Some delete or corrupt files. These are the most damaging type of infection because you will, many times, lose important information.

Macro Virus:
If you've used spreadsheets or software like Word, you know that there are 'macros' that allow you to do common, repetitive tasks more easily. While these tools may be helpful, they are also a danger to your computer. If you open an infected document into a program that supports macros, the macro could perform some malicious task and cause you grief. If you don't know who sent you the document, don't open it.

A worm is a self replicating piece of malware that copies itself onto as many computers as possible. This type of software can bog down networks but usually doesn't purposely damage or delete files.

Trojans are malware that arrive within a seemingly benign piece of software or code. The malicious code can come in as a screensaver or even as an image file. They are designed to do several things but generally, they provide access to your computer to a hacker. Many times, the trojan will open a backdoor and allow access to information including passwords, personal information or any other information on your computer.

Hybrids are malware that are a combination of one or more of the previous types of malicious code. These will likely become more and more common as the malware writers seek to inflict the most damage possible.

Adware is software that is used to place ads on your computer. Typically, they are in the form of pop-ups. These are commonly loaded when you visit sites where you expect to get something (bootlegged/illegal software, free music...) for nothing. Some of the offending software includes music download software (kazaa, grokster...), smiley face animations, screensavers, search bars (with a few exceptions), fancy cursors and in many circumstances codec packs. When you unpack/install the software, the installer program loads additional software onto your computer that spies on your surfing habits and loads ads to try to sell you something. These can easily overwhelm your computer and render it unusable.

To avoid problems with ads or undesirable tracking that are associated with any 'free' software, read the EULA (End User License Agreement) to learn the terms of use of the software you're downloading. The EULA is the text that you typically blindly agree to when loading software. If the software manufacturer/author is honest, they will spell out all of the terms of use associated with the software. They should tell you what information is gathered and how it's to be used. It should also tell you if other software is to be bundled with it. If other software is in the package, you may need to find the EULA for the respective software.

A dialer is a piece of software that uses your modem* to call very expensive sex chat lines. It can do this without your knowledge (until you get your phone bill).

*: Even if you have broadband service, you may still have a modem. Many people have the ability to send faxes with their computer. The fax software may require a standard phone line hook-up to be able to dial the other fax machines. If this is the case on your computer, be very careful about what software you download from the internet.

Malicious keyloggers (a form of trojan-horse malware) monitor and report keystrokes (on your keyboard) to a third party. Typically they are used to capture passwords and other sensitive information. The information collected is often used for credit card fraud. Some of the software recommended on this page detects a few keyloggers. If you want the best protection against this type of malware, you need to use a dedicated anti-keylogging program. A Google search should turn up quite a few. If you find one you think you want to use, do a search for it specifically to see if it's a legitimate program. Check Major Geeks for applicable software.

Ransomware is a relatively new type of malware and can be very costly. Some forms of ransomware lock or encrypt files on your computer. To regain access to those files, you have to pay the malware producer/distributor for the key to unlock/decrypt the files. There's no guarantee that they will send you the key after paying them. Another type of ransomware involves downloading erotic games/applications. When you do so, it gathers enough information to identify you. It then starts taking screen shots from your computer. They then post the images you've been viewing (some could be embarrassing) on a web site. To have them removed, you have to pay the ransom. As you can see, it's very important to have good security software and to be very careful what software you download.

Phishing is a type of email that tries to get you to divulge personal information. For example, a phisher may send out generic emails that seem to be from Yahoo mail. The email may tell you that there was a server crash and you need to send various details (name, date of birth, high school, mother's maiden name, social security number...) to prevent your account from being closed. For those who use Yahoo mail (and don't know better), it may seem legitimate. It's not. Yahoo won't ask those sorts of questions. If you send those details back to the sender of the email, it will make it much easier for them to steal your identity (get a credit card in your name, etc...). This can lead to all sorts of problems. Be VERY careful when you're asked for details.

Spear Phishing:
Spear phishing is much like phishing but instead of being vague and having nothing more than your email on the request, it has more details to make it seem a lot more credible. The details can be found, for many people, on social engineering sites. If you're a person that's been in various publications, more information may be available making the request seem that much more credible. Again, be very careful when you receive anything requesting personal information.


Many sites will ask you if you want to install their fancy-pants toolbar to help you better search the net. In almost all circumstances, do NOT do it. Most are adware/spyware infected and will cause more problems than they solve. One of the few exceptions is the Google toolbar. When it asks if you want to allow anonymous usage statistics, tell it no. If you feel that you need more than one toolbar (from safe sites/companies), only have one active at a time. You can turn toolbars on and off in the browser you're using. If you have multiple toolbars active, it will take up more of the screen and allow less of the important content to be displayed.

The Yahoo toolbar and the eBay toolbar are also good, safe toolbars.

The following is an example of a toolbar that was 'bundled' with undesirable software. This one is the 'mywebsearch' toolbar. This is only one variant of this software 'package/bundle' so anything similar should be carefully examined. On the Fun Web Products web site, they state that the web search toolbar doesn't contain any malware and that may be 100% true but every time I've seen the toolbar offered, it was bundled with other software. If you have this toolbar, run all of the software recommended throughout this page to check for problems. In the following Flash Graphic, you can right click and zoom in on the toolbar to better see what's on it. Use the left mouse button to move the desired area to the center of the window (after zooming). Notice the screensavers, smileys and cursors. These are common hooks to get younger people to download crapware.

During testing to see what was installed on a computer when a particular piece of software was downloaded, I loaded the previous toolbar from a random internet site. After the toolbar was loaded, a dialer appeared in the next scan of the machine (even though the machine was previously scanned and was clean and no other software was loaded between the two scans). I believe the dialer was bundled with the toolbar. Since I didn't remember where I downloaded the first copy, to be fair, I went directly to the Fun Web Products site and downloaded a copy from them. The new copy did NOT include a dialer. It did, however include the MWSOEMON.EXE program that ran in the background. From researching this, it looks to be some sort of malware. You can search for yourself to come to your own conclusions.

If you need to download software, only download from reliable/trusted sites like MajorGeeks. This is the first place I go when I need software. They typically have several choices for each type of software I need. If you're downloading bootlegged software from warez type sites, you are VERY likely to get infected.

If your browser or a web page asks you to download a piece of software in order to do something on a web page and it's not from a well-known company (Microsoft, Macromedia, Adobe...), it's possibly infected with spyware, a trojan or browser hijacker (this is very common on adult sites, free mp3 download sites...). If you absolutely have to download a piece of software, do several Google searches (web and groups). In each search, include the name of the software and one of the following words: virus, spyware, trojan or worm. If you include all of the key words in a 'single' search, you may not get reliable results. If any of the searches returns information that indicates that the software may include malicious code, don't download it.

Don't download anything that offers great deals or better web searching. If you want a good deal, go directly to a well respected web site. If you want a good search engine, use Google. Many of the smaller search engines use Google anyway.

Fake Anti-Virus

Fake AV software is everywhere. If you suddenly have something pop up on the monitor showing a scan in progress and then showing multiple infected files and it's not the anti-virus program you're using, you're likely infected with malware from the scanner that popped up. One tell-tale sign is when they require you to pay to get rid of the infections. In most cases, paying the maker of the fake AV software will only get rid of the pop-ups for a while but will NOT clean your computer. The supposedly infected files were likely not infected at all and the software that created the pop-ups will remain on your computer. Getting rid of this type of malware can be difficult because the people who distributed it can make a lot of money from those who pay them to get rid of the pop-ups. There are several free online scanners that can be used to check your computer if you think you're infected and don't currently have an active anti-virus program on your computer.

Trend Micro - Housecall
BitDefender Free Online Scanner
Kaspersky Free Online Scanner

For malware that's not removable with the previous scanners (this is becoming more common), you may need to use a program called ComboFix. It's not quite as polished or user friendly as the previous scanners but sometimes it's the only program that can clean a computer. The following link has the latest version for download and links to techs that can help you get your computer clean again.

Bleeping Computer - ComboFix Download

Quick Scanners

There are several quick scanners that will scan your system for active threats in less than a minute. It's good to use this type of scanner before you enter any sensitive information (for online banking, purchases, etc.). The one below is from BitDefender. It will install a small icon on the toolbar of your browser. Just before entering any passwords or credit card information, click the icon and let it scan. If it states that there are no threats, you should be safe (the word 'should' is used because nothing is 100% foolproof). Remember to use it every time you enter sensitive information.

BitDefender Quick Scan

Pre-emptive Measures

Avoiding Trouble:
If you have a broadband connection (cable/DSL), you are at risk of being infected. Many virus and trojan infections can be acquired by simply having your computer on. There are programs that do nothing more than search for open ports on a machine and then try to infect that machine. After a machine is infected, it too may become one of those machines looking for other vulnerable computers. There are several ways to protect a computer.

Hardware Router/Firewalls:
A router is a device that connects between your broadband modem and the LAN card in your computer. It helps to block infection by preventing other computers from directly accessing your computer. When you access the internet, you use an IP address. This address identifies your computer. If some malicious software pings your IP address and gets a response, it may try to access your computer. A router breaks this link by giving your computer a different IP address. When a computer pings the router it will not be given access to your computer. This is called a Network Address Translation firewall but it can typically only protect against incoming threats. It monitors the requests that you send to retrieve files. If the incoming packets don't match something that you requested, it drops them. To confirm that your firewall is working properly, you need to test it. There are several (safe/legitimate) sites that will try to get past your firewall to see if it's working properly. The following are a few of them.

Symantec Security Check (installable or on-demand)
Hacker Watch - Test Your Firewall
ShieldsUP! - Gibson Research
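
The router behaviour described above can be modelled in a few lines. This is an added example, not code from this page or from any router vendor; the class and function names and all addresses (reserved documentation ranges) are constructed for illustration, and the strict match on the sender's address and port is an assumption, since real routers differ on that point.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Toy NAT router: one public address shared by the private LAN."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.table = {}
        # (lan_ip, lan_port, remote_ip, remote_port) -> public_port
        self.assigned = {}

    def outbound(self, pkt):
        """A LAN computer sends a request: remember it, rewrite the source."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self.assigned.get(flow)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.assigned[flow] = port
            self.table[(port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """A packet arrives from the internet: deliver only if it answers
        a request recorded by outbound(); otherwise drop it (None)."""
        entry = self.table.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if pkt.dst_ip != self.public_ip or entry is None:
            return None
        lan_ip, lan_port = entry
        return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port)


def demo():
    router = NatRouter("203.0.113.7")  # constructed public address

    # 1. The PC asks a web server for a page; the reply is let through.
    request = Packet("192.168.1.10", 51000, "198.51.100.20", 80)
    sent = router.outbound(request)
    reply = router.inbound(Packet("198.51.100.20", 80, sent.src_ip, sent.src_port))

    # 2. An unrelated machine probes the public address: nothing was
    #    requested from it, so the packet is dropped.
    port_scan = router.inbound(Packet("192.0.2.99", 4444, "203.0.113.7", 445))

    # 3. Same machine guesses the port the router opened for the web
    #    request; the sender does not match, so it is dropped as well.
    wrong_sender = router.inbound(Packet("192.0.2.99", 80, sent.src_ip, sent.src_port))

    # 4. A program already on the PC connects OUT to that same machine.
    #    The router treats it like any other request, so the answer is
    #    delivered. NAT only filters incoming traffic, which is why a
    #    software firewall that asks about outgoing programs is still needed.
    out = router.outbound(Packet("192.168.1.10", 51001, "192.0.2.99", 8080))
    trojan_reply = router.inbound(Packet("192.0.2.99", 8080, out.src_ip, out.src_port))

    return {
        "reply": reply,
        "port_scan": port_scan,
        "wrong_sender": wrong_sender,
        "trojan_reply": trojan_reply,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:13} -> {result if result else 'DROPPED'}")
```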

Software Firewalls:
As was stated above, most routers act as a firewall but you also need a software firewall. The software firewall prevents access to your computer or access to the internet by setting up a set of rules that determine which programs have access to the internet (incoming and outgoing). My favorite is PC Tools Firewall Plus. The free version works well and is relatively flexible. Download and install this program to help prevent infection and re-infection. If the firewall asks if a particular program should have access to the internet and it's not a piece of software that you're using or installing at the moment, tell it that it cannot access the internet (it could be a trojan or similar piece of malware). If you accidentally block a piece of software from accessing the net, you can change the permissions easily in the firewall control panel. If you can't use or don't like PC Tools Firewall Plus, Kerio and Sygate are also good firewalls.

If you don't need to monitor traffic and don't need any of the special features that the previously mentioned firewalls offer, simply use the firewall built into Windows. In Win7, the easiest route to the firewall dialog box is through the search function. Click the 'start' button and in the search box, type firewall. At the top of the search window, you'll see Windows Firewall with Advanced Security. Click that. When you do, a dialog box like the one below should be displayed to tell you if the firewall is on or off.

If any of the items have a red shield with an X instead of a green shield with a check, click the properties link to the right and turn it on.

The properties dialog box has several tabs. Click the relevant one to switch the firewall back on.

On many computers, you'll be alerted to problems by the action center flag. When there is a red circle with an x in it, there is a problem. If you click the flag, you will be given options. Here, it's allowing you to turn the firewall back on.

Anti-virus Software

Anti-virus software protects your computer from virus infection. Some also protect against other infections but they are primarily designed to protect your computer from malicious, damaging software. The AV software is designed to run automatically when you boot your computer. If you don't want to spend the money on AV software, there are several that are free. Microsoft Security Essentials was mentioned at the top of the page. As was stated, it's the least intrusive AV software that I've used. I've had good luck with Anti-Vir. You can download it from MajorGeeks. After you install it, run the internet update (right-click on the icon in your systray). Anti-Vir will automatically remind you to update the software. If the AV program doesn't run a complete search on your machine when it's initially installed, do so manually (right-click on the icon in the systray). As with most free anti-virus programs, there are pop-ups that the software uses to either generate revenue or to try to get you to buy the full version of the software. Microsoft Security Essentials has none of this. Also, most free anti-virus software is not allowed to be used on business computers. Again, this is not an issue for Microsoft Security Essentials.

Cleaning Infected Machines

To clean infected machines, I recommend that you run the following software. All can be downloaded from MajorGeeks. It's a good idea to run them on a regular basis to see if your computer is infected (even if it's not currently showing signs of infection). Be sure to update them each time you use them. There is usually a link in the window that allows easy updating.

Anti-Vir (this is my first line of defense)

MalwareBytes (after I've scanned a computer with the resident anti-virus software, this is the next scanner I use)

Spybot Search and Destroy (use the immunize function after cleaning your machine)

SuperAntiSpyware (Similar to MalwareBytes)

Hijack This (for advanced users or those working within a forum of computer experts)

Many of the Anti-virus vendors have 'rescue' discs that can be used outside of the Windows operating system. The software is burned to a CD. You load it into (or leave it in, after burning) your CD drive and re-boot your computer. If your computer tries to boot to the CD drive before it tries to boot to the hard drive (this is a common configuration), it will boot to the anti-virus program (or sometimes give you the option to boot normally or to the anti-virus program). Once the AV software boots, it will begin scanning (or give you options on the type of scan you want to perform). This type of scan cannot be disabled by malware as can happen when scanning inside the Windows environment. THIS is the link to the Anti-vir download page. The ISO file is an image file and you'll need software to burn it to a CD. If you double-click on the ISO file (after downloading) and the file doesn't open or you're asked what you want to open it with, download ImgBurn. It's a free CD/DVD burning package that's very good and very intuitive. After installing ImgBurn, double-clicking on the ISO file should open ImgBurn and start the burning process.

Spybot Search and Destroy:
Spybot has a 'tea timer' function that allows it to monitor many of the system settings. When something like a virus or trojan tries to change a system setting, Spybot S&D will alert you to the attempt to change the settings and will allow you to decide whether you want to allow the setting to be changed. When using it, you need to update it regularly. Each time it's updated, you need to 'immunize' the system to allow the system to be protected from the newly added malware. It also has a scanner that can remove many of the types of adware that are picked up when surfing the net.

If you're going to download software, I recommend that you only do so from safe sites. MajorGeeks is safe and all of their software has been certified free of malware. There are other 'safe' sites but many of them try to bundle crapware with the downloads. Some of the software on the MajorGeeks site will have offers for toolbars and such inside the downloaded software but these are included in the software no matter where it's downloaded from.

System Restore:
Windows XP and later versions of Windows have a feature designed to roll back settings to a previous date. It's called System Restore. When malware infects your computer, you can sometimes use System Restore to return all settings to what they were at a previous date. If you were infected yesterday and go back to a restore point (covered on page 38 in the directory) made a week ago, there's a good chance that the malware won't load when you reboot (after going back to the older restore point). Some malware defeat this function so you can't always do this but it's sometimes an easy fix.

When you run any of the above software, you need to do so in SAFE MODE. This prevents the malware from protecting itself. For XP/Win7 users, you also need to turn off the SYSTEM RESTORE function (do this only after you've found that you're actually infected and the software can't get rid of the problem). This will prevent the malware from being automatically repaired when you reboot. Remember to enable system restore when you have completely cleaned your system.

If your machine has multiple user names, I'd recommend deleting all of them except the main user (which is also the administrator). Sometimes, having multiple users makes it difficult to get a machine completely cleaned. There is an option to save all of the files from each user so nothing will be lost.

After the machine is clean in safe mode, run the scans again in normal mode. You may have to run all of the software I recommend on this page several times to clean a badly infected machine. Remember that the people that write the malware are very knowledgeable about computer systems and know how to avoid having their malware removed. It may take several tries and several Google searches to be able to remove some of the worst offenders.

If you are knowingly infected, the following software may be able to help. If your computer is infected with some viruses, you will not be able to run it from your hard drive because it will become corrupted by the virus. Burning it to a CD on a clean machine will allow it to run on your infected machine.

McAfee AVERT Stinger

It's important that you do not infect your 'clean' computer by transferring writable media (USB flash drives, etc...) from the infected computer to your clean computer. If you can find a USB flash drive that has a 'write-protect' switch, you can safely use it to transfer files. Since it's difficult to find a USB flash drive with a lock on it, you can use a lockable SD card and a USB card reader. You can use an old, small capacity SD card (1GB is plenty). Even if you have to buy the card reader and an SD card, it will only be about $12.

Unlock the SD card to load files from the clean computer. LOCK the card. Insert the card reader in the infected computer and transfer the files or install the software that you need to use to clean the infected computer. Remember to lock the SD card BEFORE installing it in the infected computer to prevent the transfer of the infection to the SD card (which could infect your clean computer). Some malware will try to propagate by loading itself onto any writable media. In the following photo, you can see the lock on the side of the SD card. If you're unsure that it's locked, try transferring a file to it (when it's in the clean computer) to see if the computer will write to it. It should not and should give you an error message telling you so.

The following card reader can accept either SD cards or micro SD cards.

Security Forum Help:
There are several good forums that will help you purge your system of malware. They will generally tell you to run free downloadable software then post the log files (text files saved by the software) on the forum. After each log is posted, they'll analyze it and tell you what to do next. If you do this, please do PRECISELY what they tell you to do in the order they tell you to do it. They know how to get around the protection schemes used by the malicious software. If you don't understand something, explain in precise language what you do not understand. They will explain what you don't understand. Do NOT skip a step because you don't understand something. If you're looking for such a forum, there is a Malware Forum on MajorGeeks. If you use Google to find a forum, make sure that they're using the basic process I've described here. If they're asking or trying to force people to buy software, go elsewhere.

Tips to Prevent Infections and Other Problems

* After you have your email address for a while, you'll begin getting unsolicited email asking you to help someone distribute money or to get money out of a foreign country. These are essentially all people trying to get you to send them money. They will do it in a way that will make it unrecoverable. These scams have been going on for much longer than there has been an internet. I remember reading about some that were done via snail mail in the early 1900s. Don't fall for these scams. The people running them are very good at trying to make you feel guilty for not helping them. If you want examples of these types of schemes, visit the 419 Baiters page (not now, continue reading this page until the end).

* When you visit some sites, they will tell you that you need to allow the installation of software to continue. On well respected sites, the option is entirely yours. If you decide not to download the software, you will still be able to browse the page but the functionality may be reduced. On less well-respected sites, the problem is that the only apparent choice you have is to click on the dialog box to allow the software to be loaded onto your computer. On those sites, you can not go 'back' and the dialog box is 'locked' on top of the browser window. One option you have is to hit ctrl-alt-delete. This will bring up the task manager. Click on the 'processes' tab and end all of the IEXPLORE.EXE processes. This will close the browser windows. After all of the windows close, you can re-open the browser and visit a different site. If you download the requisite piece of software, it's likely that you will have downloaded some sort of malware. Of course, downloading software from companies like Microsoft, Macromedia and Adobe is perfectly fine. It's when you're 'forced' to download software from less well known companies that you run into trouble.

If you're using Firefox, the process is essentially the same but in Firefox, it will try to open the pages that were open when you force them to close in the task manager. To prevent this from happening, close the new Firefox window as soon as possible when it attempts to open. When it restarts the third time, it will tell you that it can't display the previous window. When it does this, select 'new session'. This will open the browser to your normal home page.

* Do not use the computer with broadband service without the firewall AND virus software running. Both PC Tools Firewall Plus and Anti-Vir will have pop-up reminders about every 2 weeks asking if you want to update the software. You need to allow the software to update itself so that you have the best protection against the most recently produced malware.

* Do NOT click on any flashing banners that say that you've won a prize. This includes all of the little games that ask you to see if you can hit a target. Most of these 'games' are nothing more than gateways into the world of spam.

* Do NOT enter your email address anywhere except for legitimate sites (Wal-mart and other major retailers may be OK but you will likely be added to their mass mailing lists if you don't opt-out -- look for a 'check-box' that allows you to opt-out). When you enter your email address on most sites, it will be added to a huge database that will be used to send you significant amounts of spam (undesirable email).

* Do NOT enter your email address or passwords into any email forms in unsolicited email. If it seems to be from a business you deal with, go directly to the business' site and log in to see if there is a request for information. If you think the email is from an unscrupulous source, forward it to the business that it appears to be from. Most of the time the proper address for this type of reporting is '' (i.e., Most businesses want to know when this type of email is being sent out and will respond quickly to it.

* When you see an address on a web site like it will generally have '' in the address. Even if it has a link to a different section of the site, you will see the 'ebay.com'. If you receive an email that contains what is supposed to be an ebay address and looks similar (i.e., you see that the '' is broken up and the address is likely not an ebay address. Also, when you receive an unsolicited email from a company, you should look at a couple of things. When you position your mouse over a link, look at the status bar (at the bottom of your browser window) to see if the link matches the text in the link. Try it with the following examples:

* Many times, the address will have a number instead of a name. In virtually all of the cases, these are sites to avoid. Most legitimate sites want you to be able to remember their names so they use a type address. Sites that use an IP address are more likely to have malicious intent.

* I strongly recommend against filling the 'auto-fill' forms such as those offered in the Google toolbar (or in any other software). Having this information on your computer in a location that's going to be common to many computers means that it will likely be targeted by trojans. In my opinion, it's best to take the time to fill in forms manually when it's needed on a web site.

Reducing Unsolicited Email

As you know, spam in email can be very frustrating. It takes time to go through it and find which emails are legitimate and which are ads. While many of the more respected merchants follow the rules that allow you to be removed from their mailing lists, most others don't. There are a few things you can do to help reduce spam in your email.

Most email services and email software have filters. The filters are set up to send email containing certain words or phrases to a given folder (usually the trash). For example, if you don't want any email containing offers for mortgages, you can set up the filter to send all emails with the word mortgage to the trash. Many spammers get around this, however, by changing the spelling or adding characters between the letters (m*o*r*t*g*a*g*e*s). Unless you see a word disguised a certain way many times, filters won't help and you'll have to delete them manually. In my opinion, you should NEVER deal with a company that tries to avoid filters. I've never seen a legitimate business employ such practices.

Address Blocking:
Many email services offer an address or domain blocking option. This means that, if you receive spam from someone using a particular address or from a particular domain like or, you can simply block all email from anyone sending email from that domain. This doesn't work for many spammers because they use harvested emails as their address but it is another tool that will help keep your inbox clear.

Turning Off Graphics:
Many spammers will use dynamically generated file names to find active email addresses. One such technique is to see when graphics are loaded from a given email. The file name generated for the graphics is linked to your email address. When that particular graphic file is called from their server, it tells them that your email address is active. If they know your email is active, they're more likely to send you even more email. If you have the option to turn off the graphics (as you can in Yahoo mail -- and likely other web based email services), use it. If you see that the email is from someone you deal with (someone who is not a spammer), you can then tell the browser to load the graphics. Otherwise, you can simply delete it and they will not know that you received it.

Don't Respond:
For respected merchants, you can usually follow the removal instructions at the bottom of the email to be removed from their mailing list. For other merchants and spammers, that's the worst thing you can do. For spammers, if you follow any link on the email (even the removal link), you will be telling them that your email is an active address. In the off chance that they actually remove you from their mailing list, there's a good chance that your email address will be put on a different list or sold to another spammer as a known active address. If you see a spammer using techniques to get around filters, you can be pretty sure that they are not very reputable. For those types of spammers, many times the best thing to do is to just delete the email.

When you look at an image file name, you will notice that it ends in .jpg, .gif, .bmp or .png (there are others also). When someone is trying to get you to open a piece of malware, they may use a similar looking name but it will have an additional extension. For example, a file name like coolcar01.jpg is an image file name but a file name like or coolcar.jpg.exe would likely be malware.

The following extensions are a small sample of possibly dangerous file extensions. Note that .com is in there. This is not the .com on a web address. This is a Microsoft DOS program extension. You also see .zip. While .zip files are not dangerous, the files contained within them may well be dangerous. Some virus scanners may not be able to scan within the zipped archives so be very careful opening them. After unzipping them, scan them with virus scanning software to make sure that they're safe.

  • .pif
  • .exe
  • .scr
  • .com
  • .cmd
  • .bat
  • .zip
  • .dll
  • .hta
  • .vbs
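The file-name check described above can be run over the contents of a .zip archive before anything is unzipped. This is an added example, not code from this site: it uses the extension list on this page, ignores upper/lower case, and looks inside nested archives up to a small depth; the function names, the size limit and the sample archive are made up for illustration.

```python
import io
import zipfile

# Extensions from the list on this page; .zip is handled by looking inside it.
RISKY = {".pif", ".exe", ".scr", ".com", ".cmd", ".bat", ".dll", ".hta", ".vbs"}
IMAGE_LIKE = {".jpg", ".gif", ".bmp", ".png"}
MAX_NESTED_BYTES = 10 * 1024 * 1024  # assumption: skip very large nested archives

def classify(name):
    """Return 'double-extension', 'risky' or 'ok' for one file name."""
    # Keep only the last path component; Windows ignores trailing dots/spaces.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    parts = [p.strip() for p in base.split(".")]
    if len(parts) < 2 or "." + parts[-1] not in RISKY:
        return "ok"
    hidden_behind = {"." + p for p in parts[1:-1]}
    return "double-extension" if hidden_behind & IMAGE_LIKE else "risky"

def scan_zip(data, depth=0, max_depth=2):
    """List (member, verdict) for flagged names in a zip, without extracting to disk."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            verdict = classify(info.filename)
            if verdict != "ok":
                findings.append((info.filename, verdict))
            elif (info.filename.lower().endswith(".zip") and depth < max_depth
                  and info.file_size <= MAX_NESTED_BYTES):
                nested = scan_zip(zf.read(info), depth + 1, max_depth)
                findings += [(f"{info.filename}/{n}", v) for n, v in nested]
    return findings

def build_sample_zip():
    """Constructed sample: in-memory archive whose members hold placeholder bytes."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("notes/readme.txt", b"placeholder")
        zf.writestr("invoice.PNG.scr", b"placeholder")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("coolcar01.jpg", b"placeholder")
        zf.writestr("coolcar.jpg.exe", b"placeholder")
        zf.writestr("tools/setup.bat", b"placeholder")
        zf.writestr("more.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    print(scan_zip(build_sample_zip()))
```

A flagged name is only a reason to look closer; the files should still be scanned with virus scanning software after unzipping.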

Helping to Prevent Malware Propagation

The best way to prevent propagation is to prevent getting infected. This can be done if you always use a firewall and up-to-date AV software. To prevent malware such as worms from sending themselves out to other computers on the net, you can help by removing their source of email names. When certain types of malware try to spread themselves, they look for all email addresses on your computer (in address books, html files, text files...) and they use those addresses as the next targets. While you can not prevent them from accessing all of the different types of files, you can help prevent them from using the addresses in your address book (in Outlook Express and other email clients). You should modify the addresses in your address book by adding a single letter or a short string of easily recognizable letters to all addresses. For example would become The xxx is easily noticed and removed when you need to send an email. If you don't modify the addresses and you get infected, a worm may send out infected files to all of the people in your address book. Since the recipient will know you and will likely trust you, they will likely open the file without thinking and will themselves become infected. Using an email service like Yahoo mail or Hotmail will help you to stay virus free (from those viruses that are delivered via email). I know that Yahoo uses AV scanning software on all incoming and outgoing email. The automatic scanning of the mail and the on-line address book prevent hackers from getting new addresses. Please note that scanning software is not foolproof. If something looks suspicious, don't download it.

Note on Faked Email Names:
If you are like me, you get a lot of infected email. Many times, the apparent sender did not actually send it. There are many robots that do nothing more than search the internet harvesting email names. Virus software can use those names in their efforts to propagate. If you receive an infected email from someone, it does not necessarily mean that that person is infected. If it's from a good friend, you may want to let them know that you received an email that appeared to come from their computer but it does not absolutely indicate that they're infected.

Backup Files:
There are a couple of pages on this site that will help you to protect files by backing them up but you should know the following at the very least. Malware can damage or lock files that are stored on your hard drive. One of the safest ways to store files is off of the computer on optical discs. Optical discs are the discs that you burn (CD, DVD and Blu-ray). If they're not in your computer, they cannot get infected (assuming that there is no infection when they're burned to optical disc). When burning to optical discs, do not use the fastest burn speed because that's not likely to give you the best, most reliable burn quality. Do not use cheap discs. Use only the highest quality discs. Taiyo Yuden and Verbatim are some of the most reliable. The More on CD and DVD drives page will help you learn to get good quality burns. The Backing up Your Hard Drive page will provide other options for file and operating system backups.

Recommended Sites

If you simply search the net for virus/spyware cleaning software, you will get hundreds of hits. Much of the software is bogus or is actually mal/spyware. I strongly recommend that you only download software from respected sites ( and others listed on this site)

Freeware Programs: This site has a list of the most popular freeware programs. I've never had a problem with spyware or other malware from any of the programs that I've downloaded from the site.




Perry Babin 2005 - Present
All Rights Reserved
