I have been having problems with certain emails that have a Zip file attached with a filename of Fees_2008-2009.exe.doc. If I extract the file from the Zip EAV does nothing and happily extracts it. If I execute the file EAV does nothing until the worms get downloaded and then they are removed. When this happens though due to the nature of one of the worms, Win32/AutoRun.YK, a registry entry is added which prevents the display of the desktop icons upon reboot. The following are detected ... Win32/AutoRun.YK worm Win32/TrojanDownloader.FakeAlert.IQ trojan Win32/Adware.UltimateDefender application Win32/TrojanDownloader.Wigon.AI trojan Win32/RootKit.Agent.NGN trojan I have set EAV to scan for everything so I now wonder why this file does not get scanned and quarantined when the email arrives !!! Your help is much appreciated.