I woke this morning to be greeted by windows autoupdate informing me that I had an update for KB836528 to be installed. This update is only offered if windows update detects an infection. My question is why didn't NOD detect this and how did I get infected? here is the link to the KB article and here are my log entries from this morning; http://support.microsoft.com/default.aspx?kbid=836528 Event Type: Information Event Source: Windows Update Agent Event Category: Installation Event ID: 17 Date: 10/16/2004 Time: 4:52:35 AM User: N/A Computer: XXXX-XXXXXXXXXXXXX Description: Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB83652 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. And my NOD info; NOD32 Antivirus System information Virus signature database version: 1.896 (20041015) Dated: Friday, October 15, 2004 Virus signature database build: 4918 Information on other scanner support parts Advanced heuristics module version: 1.010 (20040902) Advanced heuristics module build: 1061 Internet filter version: 1.002 (2004070 Internet filter build: 1013 Archive support module version: 1.021 (20040917) Archive support module build version: 1101 Information on installed components NOD32 for Windows NT/2000/XP/2003 - EMON Version: 2.0.0 NOD32 For Windows NT/2000/XP/2003 - Base Version: 2.12.2 NOD32 For Windows NT/2000/XP/2003 - Internet support Version: 2.12.2 NOD32 for Windows NT/2000/XP/2003 - Standard component Version: 2.12.2 Operating system information Platform: Windows XP Version: 5.1.2600 Service Pack 2 Version of common control components: 5.82.2900 RAM: 512 MB Processor: x86 Family 6 Model 5 Stepping 2 (448 MHz) What gives? How did I get infected? is this a false positive from WindowsUpdate? the article says it looks for registry entries. I am confused by all of this. And no NOD never alerted or even found supicious files or anything. Any advice?