Well, just for grins, I put an unpatched, but AV-protected machine on the wire to see what would happen w/Blaster-Welchia, using a fresh install of w2k w/AntiVir PE to mess around. AntiVir also does a full system scan after install, which turned up nothing. About 20 minutes later, I hear a "beep!", and sure enough, there sits Welchia in quarantine, and AntiVir shows 1 nasty intercepted. HOWEVER, upon checking the quarantined file, I also discovered a .com file beside it which AntiVir has ID'd as Atom! Assuming this is a false-positive, I quickly tested with NAV, and Housecall, and darned if they both didn't flag Atom also. My question is: Is it possible that something piggy-backed with Welchia?