Internet Explorer 8 Crashes on Manage Add-Ons

Problem: In IE8, when you click to Tools –> Manage Add-Ons, Internet Explorer crashes with a Data Execution Prevention error.

Symptoms: Application Event Logs show Event ID 1000 – Faulting Application iexplore.exe

I tried reinstalling IE8, but that did not help

Solution: For me, the problem was due to a faulty ActiveX control or Java applet. Go to C:\WINDOWS\Downloaded Program Files and check the status of the controls There, I found one add-on that had a status of “Damaged”. Some were also “Unknown”. Others were “Installed”. You can right-click on the add-on and select “Remove”. I actually removed them all, then reinstalled my Java.

Internet Explorer 8 – Does Not Remember Password

Problem: Internet Explorer 8 won’t remember the user’s password information for a website

Symptoms:

User starts IE8, types in “salesforce” in the address bar, which automatically brings him to to Salesforce.com. He clicks on the Login link, enters his Username and Password, checks off the box that says “Remember User Name”, and goes about his work. Afterwards, he closes out IE8 and then reopens it later on. He proceeds to Salesforce.com again, but it takes him to the login page and prompts for the password (User Name field is already populated). It should remember his password and log him in automatically.

Solution:

I added salesforce.com to the list of websites to be always allowed to use cookies (in the Per Site Privacy Actions in the Privacy tab of Internet Options). The change did not work. Next, I tried deleting all browsing history and made sure the “Preserve Favorites website data” was checked off (Press the Delete button under Internet Options –> General Tab –> Browsing history) and the “Delete browsing history on exit” option was NOT checked off . This too, did not work.

What did work was deleting all the salesforce.com bookmarks from the user’s Favorites!

Potent malware link infects almost 300,000 webpages • The Register

Make sure your IE has the up-to-date patches (or switch to Firefox) and update to the latest Adobe Flash

Potent malware link infects almost 300,000 webpages • The Register.

A security researcher has identified a new attack that has infected almost 300,000 webpages with links that direct visitors to a potent cocktail of malicious exploits.

People who visit infected pages receive an invisible link that pulls code from a series of sites tied to 318x .com. The code looks for insecure versions of Adobe Flash, Internet Explorer, and several other Microsoft applications, and when they are detected it exploits them to surreptitiously install malware known as Backdoor.Win3.Buzus.croo. The rootkit-enabled program logs banking credentials and may do other nefarious bidding, Landesman said.

Another program which can help determine if you have all the latest updates and patches for your installed applications is Secunia PSI.

helper.dll and _helper.dll removal

Problem: User has Trojan/Adware BHO

Symptoms:

  • Internet Explorer crashes
  • Performance degradation. Took more than 10 minutes to log into the computer
  • At bootup/startup, the “C:\Program Files\Common” folder opens up automatically and contains helper.dll and _helper.dll
  • Popups/Ads indicating viruses are present

How to remove helper.dll and _helper.dll
1. Download and run HijackThis
2. You will probably see two entries like these:

  • O2 – BHO: Browser Helper Object – {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} – C:\Program Files\Common\_helper.dll
  • O18 – Filter: text/html – {921b3402-a7b7-411d-84a6-70f617503fe9} – C:\WINDOWS\system32\dsound3dd.dll

3. Place a checkmark next to both and click on “Fix checked”
4. Download, install, and run CCleaner
5. Download, install, and run Malwarebytes (don’t forget to update the definitions before scanning)
6. Scan your machine using AntiVirus software
Online Scanners:

Or Download:

7. After bootup, you still may have an issue with the “C:\Program Files\Common” folder opening up automatically. Delete the folder since it was created by the Trojan, it should be empty; and is not necessary. If you want to keep it,you can also do the following:

1. Open up the registry (via regedit.exe)
2. Navigating to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
3. Make sure all Data values under this key are surrounded by quotation marks.
4. Exit out and reboot.

For more information on this particular threat: