On my last full scan, NOD32 4.0.474.0 reported that it has found and deleted several trojans in the Application Data\Sun\Java\Deployment\cache\6.0\ folder. All were identified as Java/TrojanDownloader.Agent.NBU trojan. Since I have had past NOD32 reports of trojans in the Sun\Java\Deployment\cache\6.0\ folder, I would like to submit the files to virustotal.com to see if these are reported as such by other antivirus programs. Are they really deleted, or are they still available somewhere? I looked in the Local Settings\Application Data\ESET\ESET NOD32 Antivirus\Quarantine folder and did not see any files there with the same names as the ones reported. Instead, all files there have NQF or NDF extensions which I understand to be encrypted files created by NOD32. My two questions: 1. How does one retrieve a reported and deleted malware file for submission to virustotal.com? 2. If NOD32 is checking files in real-time, why weren't these files caught when they were first copied to the hard drive prior to the on-demand scan?