I have a coworker that downloaded what he though was an Excel spreadsheet and it came with what he thought was a .zip file, but was really a double extension .zip.exe file. Unfortunately he ran it and was infected with Smart Fortress 2012, which appears to be a fake AV. It took me 2 hours to research it and get it cleaned up. I think we should be able to bill them for the lost productivity of 2 people for 2 hours. Is CNET just a malware site now? It's about to get blacklisted here. P.S., Microsoft Security Essentials did nothing.