W32.Downadup.B. How to remove? (Uninstall guide)

by ,   Also known as Downadup | Type: Worms
W32.Downadup.B is a worm that infects computers by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability. This virus was detected in December 2008 and since then it is spreading all over the world. Various sources have said that somewhere between 3million and 10million systems have been infected already.

W32.Downadup.B monitors DNS requests to certain domains and blocks access to them causing network request timed out notification to show up. Typically, users gets a Windows alert saying that there is no network provider. However users still can ping the computer name or IP Address. W32.Downadup.B also creates autorun.inf file on all mapped drives and automatically executes it when the drive is accessed. Then the virus monitors for other computers that are connected to the infected computer. W32.Downadup.B creates autorun.inf as soon as other computer becomes accessible.

Most of the anti-spywares are worthless against this virus. Manual removal instructions will not work too, because registry permissions have to be restored, before registry keys are removed. The most effective way to avoid W32.Downadup.B is to use the registry to block Autorun of external media and to use a strong administrator password. W32.Downadup.B properties:
• Allows remote user connection
• Connects itself to the internet
• Hides from the user
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
SpyHunter - remover Happiness
Compatible with Microsoft Windows
What to do if failed? If you failed to remove infection using Webroot SecureAnywhere AntiVirus SpyHunter, read here how to submit a support ticket or submit a question to our support team and provide as much details as possible.
SpyHunter is recommended to uninstall W32.Downadup.B. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of SpyHunter malware removal tool.

More information about this program can be found in SpyHunter review.

If you decided to select another anti-spyware, uninstall SpyHunter from your computer.
more than 40.000.000 downloads!
Webroot SecureAnywhere AntiVirus is recommended remover to uninstall W32.Downadup.B. You should confirm using free trial that it detects current version of parasite.
Not using OS X? Download a remover for Windows.
Alternate Software
We are testing STOPzilla's efficiency (2009-03-18 01:03)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2009-03-18 01:03)
XoftSpySE Anti Spyware
We are testing XoftSpySE Anti Spyware's efficiency (2009-03-18 01:03)
Defender Pro Ultimate

Geolocation of W32.Downadup.B

Map reveals the prevalence of W32.Downadup.B. Countries and regions that have been affected the most are: China, India, Japan and United States.

Information updated:

Comments on W32.Downadup.B

open notepad, go to Save As ... choose Save As tipe: ALL FILES ... file name: file name of the virus w32.downadup.b attempts to create the c: windows system32 (eg: vtbuzl.pv or ycjtvub.hi similar) then save the same file name in c: windows system32. mark it as read only ... ende ...

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)
Like us on Facebook