Hi all, I've just run a full system scan scan (signatures are 1944 & scanning setup per Blackspear's tutorial) & Nod32 alerted me to the following viri: C:\WINDOWS\ServicePackFiles\i386\wextract.exe - Win32/TrojanDropper.Agent.NDN trojan - Error quarantining the object - - unable to clean - deleted C:\WINDOWS\system32\wextract.exe - Win32/TrojanDropper.Agent.NDN trojan - Error quarantining the object - - unable to clean - deleted Upon their deletion, XP asked me to insert my service pack 2 disk to reinstall the files...I have a feeling they may well be legit MS files. Further, these were not detected this afternoon when I ran the same full system scan (signature files being 1943) so I'm at a loss as to why these have been detected as viruses. Can anyone shed some light on this? Are they FP or legit virus files. Cheers.