View Full Version : Problem: iexplore.exe will not stay off processors
centeredzero
2006-01-18, 03:55
I keep having a problem with iexplore.exe, though I haven't used it for years. I know iexplore.exe has many loopholes and problems that could cause my computer harm, so i use another internet browser instead. As of now, i fear that iexplore.exe is downloading more and more trojans and malwares that I'm completely unaware of. I've done 3 scans, with 3 different anti-virus/ad-ware scanners. The results that did turn up I deleted, but this problem still stays. On one of the scanners i found on geeksquad.com, it told me many of my files were already infected with trojans and malware. Also there's this other process that starts up at startup which I was able to surpress... maybe they're linked to each other? (sjmqqaaa.exe)
shelf life
2006-01-20, 03:38
hi centeredzero,
if you still need help, follow the instructions about downloading, installing HJT. then scan and post a log in your next reply........shelf life
the link:
http://forums.spybot.info/showthread.php?t=288
centeredzero
2006-01-21, 16:13
Ok, so I've run the extra scans (Bit Defender and Trend Micro) and the iexplore.exe still acts the way it does. Here's the HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 9:08:46 AM, on 1/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\AntiSpyWare\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=6.1&bm=ho_search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bestbuy.msn.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vprmatrix.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Transfer with Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bestbuy.msn.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137641599937
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O21 - SSODL: IEFilter - {CCDB2291-7244-4DCA-9DE4-99F8B49A224D} - C:\WINDOWS\system32\IEFilter.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Thanks
-Ben
shelf life
2006-01-22, 01:28
hi centeredzero,
scan with HJT, put a checkmark beside the items below, close all windows and click fix checked.
O21 - SSODL: IEFilter - {CCDB2291-7244-4DCA-9DE4-99F8B49A224D} - C:\WINDOWS\system32\IEFilter.dll
other than that your log looks good.
shelf life
centeredzero
2006-01-22, 17:17
I've deleted it... multiple times.
O21 - SSODL: IEFilter - {CCDB2291-7244-4DCA-9DE4-99F8B49A224D} - C:\WINDOWS\system32\IEFilter.dll
continues to show up everytime I scan with HJT. Not only that but the iexplore.exe process continues to start up over and over again. I terminated the process before I deleted the file above to make sure there would be no error deleting it. Not only that but the iexplore.exe process continues to restart itself over and over again. I say restart because when i terminate it it would restart, and when it commits an error about every five minutes it restarts itself. It gets very annoying when the "send error report" window keeps popping up.:banghead:
Thanks. cZero
shelf life
2006-01-23, 05:16
hi centeredzero,
download,install,update and run ewido security suite:
1. Download Ewido and install
Ewido Security Suite. It is a free trial version of the program:
http://www.ewido.net/en/download/
2. Install ewido security suite
3. Launch ewido, there should be an icon on your desktop double-click it.
4. The program will now go to the main screen
You will need to update ewido to the latest definition files.
1. On the left hand side of the main screen click update
2. Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use Ewido manual updates
Once the updates are installed do the following:
1. Click on scanner
2. Click on Complete System Scan and the scan will begin.
3. NOTE: During some scans with ewido it is finding cases of false positives.**
o You will need to step through the process of cleaning files one-by-one.
o If ewido detects a file you KNOW to be legitimate, select none as the action.
o DO NOT select "Perform action on all infections"
o If you are unsure of any entry found select none for now.
4. Once the scan has completed, there will be a button located on the bottom of the screen named Save report
5. Click Save report.
6. Save the report .txt file to your desktop.
------------------------------------------
if the 021 item shows in a rescan with hjt, post saved ewido log......shelf life
centeredzero
2006-01-23, 22:54
It keeps respawning... Am I doing something wrong?
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 3:52:49 PM, 1/23/2006
+ Report-Checksum: F8BCDDD
+ Scan result:
C:\Documents and Settings\ben\Cookies\ben@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\ben\Cookies\ben@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\ben\Local Settings\Temp\Del78.tmp -> Adware.180Solutions : Cleaned with backup
C:\WINDOWS\pxwma.dll -> Adware.Webdir : Cleaned with backup
::Report End
shelf life
2006-01-24, 03:21
hi centeredzero,
that thing just dosnt want to leave.
no your not doing anything wrong.
start hjt click on the "open misc tools section"
click on "delete a file on reboot"
copy/paste this in the file name window, then click on open:
C:\WINDOWS\system32\IEFilter.dll
you will get a prompt about restarting the computer, select yes.
or you could reboot into safe mode then manually look for the file in the system32 directory to delete it.
in any case after doing one or the other, rescan and post a another hjt log
centeredzero
2006-01-24, 06:30
Logfile of HijackThis v1.99.1
Scan saved at 11:24:13 PM, on 1/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe
C:\Program Files\Avant Browser\avant.exe
C:\AntiSpyWare\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=6.1&bm=ho_search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bestbuy.msn.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vprmatrix.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Transfer with Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bestbuy.msn.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137641599937
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
The problem seems to be resolved for now, but I'll continue to monitor the processes. Thans for all the help.
Off subject, what does csrss.exe and alg.exe actually do?
I won't reply unless there is another problem concerning iexplore.exe.
shelf life
2006-01-25, 00:37
hi centeredzero,
good.
csrss.exe is part of windows operating system. see this link from m$:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmc_str_elqj.asp
alg.exe is part of windows built in firewall.
some reference material for you:
Make sure you keep your Windows OS current by visiting Windows update (http://v4.windowsupdate.microsoft.com/en/default.asp)
occasionaly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.
Also download, install and keep updated- Antivirus Software (and use only one):
Free for home users:
avast! 4 Home Edition Download (http://www.avast.com/eng/free_virus_protectio.html)
AVG free version 7.0 (http://free.grisoft.com/freeweb.php/doc/2/)
AntiVir Personal Edition (http://www.free-av.com/)
Adjust your browser settings: Change your(active x) settings in IE. With IE open go to tools, internet options, security tab. Click on the internet globe, then custom level. Set the first option "download signed active x controls" to prompt, the next two to disable. Read more:
Internet Explorer Privacy & Security Settings (https://netfiles.uiuc.edu/ehowes/www/btw/ie/ie-opts.htm)
Working with Internet Explorer 6 Security (http://www.microsoft.com/windows/ie/using/howto/security/settings.mspx)
Many exploits are directed at Internet Explorer, you dont have to use it. Try a different browser.
Like Firefox (http://www.mozilla.org/products/firefox/),
And Pegasus Mail for a safer e-mail, no tweaking needed. (http://www.pmail.com/)
Outlook Express with the default settings is not secure. It will run scripts, download images etc, just like a browser.
look here (http://www.codecutters.org/outlook/)
and here (http://www.tames.net/security/oesettings.htm)
Install a firewall. A firewall will control what comes in from the internet and what leaves your computer to the internet. A firewall will also alert you when a application trys to connect to the internet from your computer, this is a good way to catch crapware or trojans, trying to connect out bound from your computer- whats that and why does it need a internet connection? You can deny it access it until more investigation is done. Zone Alarm is a free and easy to use firewall, that will provide in and outbound protection. Microsoft XP firewall only provides inbound protection. SP2 adds in and out bound protection which is better than nothing, but is not as robust as third party firewalls, Be sure to run only >one< firewall.If you use another, be sure to disable XP's built in firewall. If you use Zone Alarm learn what needs/uses your internet connection. If something unusal or out of the ordinary "asks" deny it access until more investigation is done.
Zone Alarm (http://www.zonelabs.com/store/content/home.jsp)
Kerio Personal Firewall (http://www.kerio.com/us/kpf_home.html)
Outpost Firewall (http://www.agnitum.com/products/outpost/)
Sygate Personal Firewall (http://smb.sygate.com/products/spf_standard.htm)
Tiny Firewall (http://www.tinysoftware.com/home/tiny2?s=5375286922906434776A0&&pg=content05&an=tf6_home)
BlackIce (http://www.digitalriver.com/dr/v2/ec_dynamic.main?SP=1&PN=10&sid=26412)
Download one or two of these, install and update before using:(if these are constantly finding malware, then you need to make changes to your browser and or your habits)
CounterSpy (http://www.sunbelt-software.com/)Free trial version
Spybot Search and destroy (http://www.safer-networking.org/en/index.html)
Ad-Aware SE Personal edition (http://www.lavasoft.de/)
Microsoft AntiSpyware (beta version) (http://www.microsoft.com/athome/security/spyware/software/default.mspx)
Becarful with spyware "removers and scanners"-- there are many "rogue/suspect" (http://www.spywarewarrior.com/rogue_anti-spyware.htm) programs that "claim to remove" spyware.Check here first.
Other programs to consider:
Process Guard (http://www.diamondcs.com.au/processguard/) stop events/processes with user intervention
SpywareBlaster (http://www.bleepingcomputer.com/forums/index.php?showtutorial=49) add security to IE
IE-SPYAD (https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD) adds adware peddlers sites/domains to IE restricted zone
CleanUp (http://www.stevengould.org/software/CleanUp/index.html) cleans out temps,history, autoforms etc
AntiTrojan software to fill in the gap:
a2 free (http://www.emsisoft.com/en/software/free/)
Ewido Security Suite (http://www.ewido.net/en/)
Trojan Hunter (30 day trial version) (http://www.misec.net/)
TDS-3 trail version (http://tds.diamondcs.com.au/) discontinued as of 07/05
Tauscan trial version (http://www.agnitum.com/products/tauscan/)
Learn More:
Browser Checkup (http://www.jasons-toolbox.com/BrowserSecurity/)
Parasite Free (http://www.doxdesk.com/parasite/prevention.html)
Safe Hex (http://www.claymania.com/safe-hex.html)
Shelf Lifes site (http://security-central.us/SafeHex/index.htm)
Home Computer Security (http://www.cert.org/homeusers/HomeComputerSecurity/)
Wilders Security Advisors (http://www.wilders.org/index.htm)
Watch what you download, and where you download it from. Many programs come bundled with extra software.You may be installing more than you think. Make sure you understand what it is you will be downloading and installing to your computer. Visit the makers website, learn more about the program, Does the program you want come bundled with other "3rd party" programs? What do the 3rd party programs do? Will they deliver ads? Track your surfing habits?. Read the EULA agreement, you know, that paragraph of stuff you "agree to" before the software installs? If you search hard enough you can always find a "clean" alternative to any software. Stay away from warez and crack sites. Becarful what you download from file sharing networks. If you are not sure, scan it with your Antivirus app. A small file (in KB) is probably not what you think it is. Do you trust the source?
As the problem appears to be resolved this topic will be archived.
If you need it re-opened please pm me.
Glad we could help. :)