ridgerunner

The reason I ask a specific question here is that I assume that you folks are already malware experts. Your generic response: "If you want an answer to your question, go to school somewhere else and learn it for yourself" is not terribly helpful (and certainly does not answer my question). But thanks anyway for responding. Once again, can anyone answer this (not-so-simple) question: "Exactly how, via a web browser, does the av.exe rogue trojan gain access to the CPU?" Note that: "Clicking on a pop-up ad." is not an answer! I've been programming professionally for 30+ years and am interested in getting a technically detailed answer. Note that I myself have never installed any anti-virus software on any of my own machines and have never been infected (knock-knock! Although I do install anti-virus on machines that I set up for my clients). However, I *do* use a hardware firewall, don't use IE unless absolutely necessary and never open any suspect email attachments. I also never browse the seedier side of the internet. I just can't understand the mechanism of how an executable can gain access to the cpu from a web site via a web browser (except of course through active-x). Yes, one can place an exe file on a web page and someone can download and run it - that is obvious. But that requires that someone explicitly click on a "Run" or "Open" button after it is downloaded.

I am aware that there are many ways into a computer, but this one got into my friend's box from simply browsing using IE. There has to be an executable with file access getting runtime one way or another and HTML/CSS/Javascript certainly can't do it alone. I'm very curious and would like to understand the precise entry mechanism. How can an executable get from a website through Opera into memory and then get CPU time? The only other thing besides active-x that I can think of would be Flash? But does that allow access to the file system? Complex, yes. Can you please elaborate?

Great description of the problem and solution for getting rid of it. But can someone explain how this rouge gets into the computer in the first place? I'm guessing that it has something to do with Internet Explorer and an active-x control - and someone clicking where they shouldn't have. Is there an article somewhere that describes the details of exactly how the program manages to install itself? When my friend got this last week, I was able to get rid of it with some difficulty, and when it was finally gone I recommended her to stop using IE (except for those few websites that won't work without it), and switch to Firefox and that will prevent it from ever happening again. Is this true?