Hi all, especially NOD32 developers ! Yesterday I downloaded a .rar archive with several files in it, I scanned it with NOD32 (default settings) - 0 viruses, no alerts, then I unpacked the archive into a folder and scanned the folder and then scanned all files in it - 0 viruses or threats. I double clicked on the file cube-desktop-1.3.2-.v.1.0.exe and the effect of launching the file was unnoticeable BUT that in few seconds I got the standard red Windows XP security center allert in tray "You have got security problem". I clicked on the Security Center tray allert, and Internet Explorer started to an unknown URL address which got blocked with the ESET security message inside the browser. I closed the browser, but the same Security Center alert appeared again, I did not click it, and in some 20 seconds the browser started again to an unknown URL address which got blocked with the ESET security message inside the browser. The REAL-TIME monitor was always on. I rebooted the system - the problem stayed. It took me an hour to fully scan the system, but my NOD32 did not detect any threats ! And the problem stayed ! I ran msconfig, and unchecked the malicious processes: http://i371.photobucket.com/albums/oo156/allthemiscellaneousstuff/sshot-3d.jpg 4C2, which starts and automatically launches C.exe Now all looks fine, the problem's gone, but I've failed to find and delete the two malicious files with NOD32 or windows search ! I own 1 year NOD32 license and I do the NOD32 automatic updates every day. I like NOD32 and hope proper update will be released as soon as possible - I still have to get rid of the infected files. Yes, not less interesting is that this morning the suspicious files got submitted to the ESET server, but my NOD 32 AV 3.0.6 does not even see them dangerous ! How come ? http://i371.photobucket.com/albums/oo156/allthemiscellaneousstuff/sshot-2.jpg Ok, I am linking to the infected file below, for the ESET devs ONLY !!!! Attention ! The link below is a VIRUS, for analysis only ! INFECTED FILE here. Link removed, TOS violation. Edit: Thank you for clarifying, Marcos! I wonder why the does not work here? When posting, I did have the img code on.