Maybe this is a bit off topic but I could use some help. My Viruscan has detected two files (Win32info.exe and Win32info-unninstall.exe)infected with the "Downloader-DC" virus. The program says it cannot clean the files and that I should delete them and get a new copy...I assume I will find these files in my XP CD? If so, where? Is it safe to delete the files?Any help welcome. I have not noticed anything weird with my computer except the anti-virus pop-up window telling me every 5 minutes it has found a virus...Thank you.Hugo

Before you start trying to fix what ain't broke, go here http://www.trendmicro.com/vinfo/ and read up on what it is you think you have and how to deal with it. The following I just copied from our corporate virus provider's web site:I searched on Downloader-DC:"virus Encyclopedia Search Results << Search Again0 records match your query.There was no match in our database for the security threat you are looking for. Please check your spelling and try again. If you are not certain about the exact name of the virus you are looking for, please use HouseCall, our free, online virus scanner, to check your PC and determine if you have a virus. Search for Downloader-DC in all Trend Micro pages Search for Downloader-DC in our Knowledge Base"

Hi Hugo, I'm running XP and don't even have these files. Maybe they came with some other application? Do you need them at all, or indeed, are the filenames merely to make them look legitimate? Maybe the files actually are the viruses!You've obviously no choice but to get rid of the two files. I'd just see if I could go without them before trying to hunt down other copies.Best of luck :-)EDIT: like tgabriel, I just did a search for this virus on www.symantec.com. There's no specific name "Downloader-DC", but there are many 'downloader' trojans named.Cheers,Paulhttp://www.strontiumdog.plus.com/sbird.jpgOfficially licenced by British Airways plc for use of name and logo[p]AMD XP2800+ Barton, Gigabyte GA-7NNXP nForce2, 1Gig Crucial PC3200 DDR 400MHz, Gainward 128 MB GF4-4200, SB Audigy, 3 x WD Caviar SE[/p]

Thank you for your help. This is the message I

Hugo, Here's someone else who found these files to be viruses:http://www.derkeiler.com/Newsgroups/micros...03-08/2047.htmlClick on "next in thread" near the top to see the two replies...Cheers,Paulhttp://www.strontiumdog.plus.com/sbird.jpgOfficially licenced by British Airways plc for use of name and logo[p]AMD XP2800+ Barton, Gigabyte GA-7NNXP nForce2, 1Gig Crucial PC3200 DDR 400MHz, Gainward 128 MB GF4-4200, SB Audigy, 3 x WD Caviar SE[/p]

Thank you for your help Paul. I removed both files from the System32 folder and I think I got rid of the problem. At least virus Scan no longer detects any virus after a complete scan of my system.Once again, thank you.

Hugo, did you also edit the registry?Look in:HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun there's probably a string value "win32info" with data something like ..system32win32info.exe /noconnect.Delete the string value! ;-)Cheers,Paulhttp://www.strontiumdog.plus.com/sbird.jpgOfficially licenced by British Airways plc for use of name and logo[p]AMD XP2800+ Barton, Gigabyte GA-7NNXP nForce2, 1Gig Crucial PC3200 DDR 400MHz, Gainward 128 MB GF4-4200, SB Audigy, 3 x WD Caviar SE[/p]