Nod32 & wextract.exe

yeah, how would I check its working after copying and pasting the file?

 

- the file is where is should be
- your computer and programs are working with no problems and without any errors

 

Goto command prompt and type sfc /scannow.
Be sure that you put in your Original-CD of Windows. The system will scan your system-files and replace the file with the original from CD or from the stored folder at your HDD.

Hope this helps.

 

^ thanks,do you mean the original cd instead of the slipstreamed sp2 cd? I already did the copy and paste from my other pc and there haven't been any problems so far- there weren't any earlier either.

 

If "copy&paste" works - than all is fine.
I don´t know Slipstreamed-CD will work. I have do it with the Original-CD. Normally sfc /scannow will use the stored file in WINDOWS\ServicePackFiles\i386. If this folder not exist than it will search the original from CD.

 

Hi there

I had exactly the same trojan report -wextract.exe & trojandropper.agent.ndn on NOD32 update 1944 or 1945 (not sure which was active when the first report came in), and I just found this forum.

I understand this is a false positive but I am still a little nervous as I can't find any information saying as much on the ESET website. How do you verify that it is a false positive?

Thank you and Happy New Year!

James

 

Hi !

The paths it comes from
C:\WINDOWS\ServicePackFiles\i386\wextract.exe
C:\WINDOWS\system32\wextract.exe


These were false positive alarms which were corrected. If you have them in NOD32's Quarantine , first update NOD32 and then restore them

 

Hi jamest, welcome to Wilders

It was a false positive that was fixed within a very short period of time. The next update was uploaded and this remedied the situation.

Cheers

 

Thanks Blackspear and HITech Boy,

Those were the affected files, so thanks for reassuring me I'm in the clear.

All the best

James

 

You are welcome !

 

You are welcome.

Cheers