Downadup.B is a medium risk worm affecting all versions of the Microsoft Windows operating system.
The worm makes use of the Windows RPC vulnerability. Once a computer is infected the worm will drop various .dll files and will also create entries in the Windows registry.
The worm will also remove restore points as well as running as a new service at startup. The worm will also stop other services on an infected system.
The worm also performs tasks to identify the infected computer’s IP address and will then make this available for hacker/downloader access – which allows download of data from an infected computer.
There are various other malicious tasks performed by this worm to make removal very difficult and this worm should be scanned for and removed immediately to avoid further damage and loss of sensitive data.
