Hi Longboard. If you are talking about installing Firefox, you would simply disable AM and install firefox (this way it is trusted, and you want it the actual installation out of the bufferzone in case you one day decide to 'Clean BufferZone'. If you are talking about running firefox...AM has a small list of browsers that when executed, run in the BufferZone. Firefox is one of those Browsers. AM allows installation of malware (but not through drivebydownloads), and technically, AM would allow them to run...but : 1. they would not autostart (which all spyware, trojans and worms want to do) 2. they can't modify trusted files (eg viruses; and some s/t/w in order to autostart) 3. they can't install drivers <actually, if I understand right, they can, but they are rendered inoperatable> 4. they can't install hooks (used by keyloggers) 5. they can't inject dll's (method of bypassing security) A number of other things they can't do, but those would be the important ones. Basically, they are allowed to install, because AM does not detect good or bad, it simply makes new programs <installed while AM is running> untrusted. Untrusted programs can't effect your system <because AM prevents untrusted programs from doing bad things>...ie malware is rendered useless, even if they get onto your system. Unfortunately AM is not currently able to uninstall malware (I asked, and they told me they are working on this) AM doesn't have (that I can find) a Trusted Install feature. Simply disable it (right click on icon, then disable), and install the program...it is then trusted.