Below is a screen shot from a customer's PC which was running terribly slow, upon updating the definitions, this was found. Win32/Expiro.A, which seems to be specifically targetting NOD32's kernel, I have not seen this before. I'm running another scan with the updated definitions and it should be removed, but just thought I'd share. I also recieve a CRC error with NOD32 because of this infection, stating a possible (now proven) infection. Not looking for support yet as I should be able to handle this, but congratulations to NOD32, even when specifically targeted, cannot be brought down. *edit* And I was correct, scan in safe mode started quarantining and deleting the infections right off the bat, hopefully it won't remove it's own Kernel though!