At about 5:00AM, Smart Security popped up, saying it had quarantined a c:\Windows\system32\CMCFG3.DLL file, which was planning to run at system startup, and which contained the Delf.OAX.Trojan. My initial reaction was to be thankful that Eset had caught it. But then, ... The file's Created timestamp showed that it had just gotten installed 5 hours prior, 10/23/2009 12:32AM (today). I have an automatic backup program which ran at 4:08AM and made a backup copy of the file before ESS detected & quarantined it. So I had ESET scan the backup copy - but it found NO infection. I then restored the original file from quarantine, to check it. An ESS scan now found it to be clean!! CAN ANYONE TELL ME WHY IT DETECTED a Delf.OAX.trojan, THEN A FEW MINUTES LATER SAYS FILE IS CLEAN!!!! I also found another file in \system32 folder, named CBLCAT.DLL, which is the same size (116K), and which was created at 12:59AM, shortly after CMCFG3.DLL got installed. Sounded suspicious, so I did a binary compare -- the files differed in only two bytes! VERY Suspicious... But an ESET scan of this file says it is not infected. What is going on here? How can a file be infected one minute and clean the next? (Eset did NOT say it had CLEANED the infection, just deleted and quarantined it. -- And in any case, I have a pristine backup copy of the file made an hour before Eset Alerted on it, which Eset now says is clean. I did submit the file to Eset, and I'm creating a Support Ticket about this, but based upon my recent experience with Eset Tech Support, I doubt that I will hear anything back from them, so I'm hoping that someone here might be able to shed some light on this question.