Home / malware Worm:W32/Downadupjob.gen!
First posted on 19 October 2009.
Source: SecurityHomeAliases :
There are no other names known for Worm:W32/Downadupjob.gen!.
Explanation :
A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.
Additional DetailsWorm:W32/Downadupjob.gen!A is a Generic Detection for .JOB files used by the Downadup worm.
The .JOB file used by the worm is detected as it is part of the worm's propagation routine. Downadup attempts to spread itself using Windows Scheduled Tasks. The .JOB file defines a scheduled task, which in Downadup's case triggers an execution of the worm library via rundll32.exe. Legitimate tasks are usually located in the following folder:
  • WINDOWSTASKS
Please see the following descriptions for additional details:
  • Worm:W32/Downadup.gen   • Worm:W32/Downadup.AL   • Worm:W32/Downaduprun.A
DetectionF-Secure Anti-Virus detects this malware with the following updates:
[FSAV_Database_Version]
Version = 2009-01-22_12.Last update 19 October 2009