kiron, one reason why you are getting malware-infections is because you have an old, out-dated version of “java” installed on your computer…
it is best to not have “java” installed but, if you have to have “java” installed, you need to keep it up-to-date… besides keeping “java” up-to-date, you also have to be sure to uninstall all of the old versions of “java”…
i assume that you use “internet explorer”… it would help to use the “firefox” browser, instead, along with the “noscript” and “adblock plus” addons…
if you are going to use IE, you could use high security-settings with it, but that can be a problem, sometimes… it is a LOT easier to use “firefox”, along with the “noscript” and adblock plus" addons, than it is to use IE, with high security-settings…
to use high security-settings with IE, in IE’s settings, on the “security” tab, use high security-settings for all of the zones except for the “trusted sites zone”, where you would use the medium security-setting…
using high security-settings in IE restricts “javascript”… for webpages where you need for javascript to run, add those to IE’s “trusted sites zone”, where javascript is allowed to run…
so, i am telling you how you could make IE secure, by using high security-settings, but it is a lot easier to use the firefox browser, along with the “noscript” and adblock plus" addons, instead…
i have read a couple of articles that said that some exploit-kits, today, check to see if the person has java installed and if they are using IE… if not, they won’t even try to run… that says something, which is, if you have java installed and you use IE (without high security-settings), it is game over…
some people might say that it is OK to use “java” as long as it is up-to-date, but i have no confidence in oracle… some people have criticized the most recent version of “java”, pointing out that, because of oracle’s gross negligence, it is very easy for cybercriminals to use the latest version of “java” to install malware on people’s computers, as they have been doing for many years, already… personally, i don’t believe that that was an accident, especially after all of the problems that “java” has had in the past… i think oracle is deliberately making it easy for cyber-criminals to use “java” to install malware on people’s computers…
the vast majority of people don’t need java… for most people, the only things that they might actually use “java” for is playing the game “minecraft” or playing games at “pogo.com”… i can live without playing “minecraft” or games at “pogo.com” so i can live without “java”…
“oracle fails security 101 test”:
http://nakedsecurity.sophos.com/2013/09/17/oracle-java-fails-at-security-in-new-and-creative-ways/
besides keeping “java” up-to-date, if you have it installed, you need to keep everything else up-to-date as well…