Home Malware Programs Worms W32.Downadup

W32.Downadup

Posted: January 26, 2009

W32.Downadup is a malicious worm that spreads to computers in a local network by utilizing Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability. The W32.Downadup worm can perform numerous hideous actions on your PC. W32.Downadup worm can block your access to security websites as well as erase System Restore points before infecting your computer.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsvcs\Parameters\"ServiceDll" = "[PATH OF WORM EXECUTABLE]"

Related Posts

Loading...