The reason I ask a specific question here is that I assume that you folks are already malware experts. Your generic response: "If you want an answer to your question, go to school somewhere else and learn it for yourself" is not terribly helpful (and certainly does not answer my question). But thanks anyway for responding. Once again, can anyone answer this (not-so-simple) question: "Exactly how, via a web browser, does the av.exe rogue trojan gain access to the CPU?" Note that: "Clicking on a pop-up ad." is not an answer! I've been programming professionally for 30+ years and am interested in getting a technically detailed answer. Note that I myself have never installed any anti-virus software on any of my own machines and have never been infected (knock-knock! Although I do install anti-virus on machines that I set up for my clients). However, I *do* use a hardware firewall, don't use IE unless absolutely necessary and never open any suspect email attachments. I also never browse the seedier side of the internet. I just can't understand the mechanism of how an executable can gain access to the cpu from a web site via a web browser (except of course through active-x). Yes, one can place an exe file on a web page and someone can download and run it - that is obvious. But that requires that someone explicitly click on a "Run" or "Open" button after it is downloaded.