I am trying to get a better understanding as to how these spywares manage to get onto a system. All my searches only found ways to clean up after they get in, but has anyone ran across a thread discussing ways to stop/prevent them from getting on a system to begin with? I am faced with helping someone clean up a system. Found on the box are: clrschp070.exe, msbb.exe, slmss.exe. And two other questionable processes which I can't find any info on: ucaa.exe and wtssvsu.exe. The box has never been use on any free ISP, therefore ruling out supporting free service ads. One other assumptions can be made to guide this discussion: the box has never been used to surf a porn site, ruling out a dialer being planted by one of those sites. Having said that, does anyone have some ideas as to how they are getting on this, and other, victim PCs? - Are legit sites being hijacked and planted? - Are they using some OS vulnerability? - Are they using some browser vulnerability? I realize that jacking up the browser security settings can prevent some of these infestations to begin with, but let's assume the PC is only use to access legitimate sites where they don't try to plant stuff like this on you. Any thoughts or feedbacks are greatly appreciated. Please advise if I am should be posting this at a more relevant thread. Thanks!