Feb 17

How to Remove W32.Downadup.B Worm – W32.Downadup.B Removal Guide

Worms Add comments

W32.Downadup.B Description:

W32.Downadup.B is a worm that tends to replicate itself through networks infecting all the subsidiary nodes and causing severe system trouble for each of the network units. W32.Downadup.B is known to contaminate target systems by exploiting Windows Server Service vulnerability. W32.Downadup.B has an enormous propagation scope – starting from December 2008 up till now, it has infected up to 10 million computers all over the planet. When operating, W32.Downadup.B disables the access to some domains and concurrently triggers the “Network request timed out” alert or some other similar one. W32.Downadup.B also creates a file in all the drives called ‘autorun.inf’, and each time this drive is queried, this file is automatically executed. Once launched, autorun.inf will attempt to spot other machines connected to the infected one, in order to access them illicitly as well. W32.Downadup.B is hard to remove manually or using most spyware removal tools. If you suspect W32.Downadup.B in your system, you should immediately perform a scan with a trusted utility, and if detected, eliminate W32.Downadup.B. And it’s preferable to use a strong administrator password to avoid infection with worms like W32.Downadup.B.

Find out if your PC is infected with W32.Downadup.B worm:

Download W32.Downadup.B Worm Free Scanner with Remover

How to remove W32.Downadup.B manually:

To perform manual removal of W32.Downadup.B worm, you should do the following:

Delete W32.Downadup.B corrupt files:

  • svchost.exe
  • explorer.exe
  • services.exe
  • %System%\[Random].dll
  • %Program Files%\Internet Explorer\[Random].dll
  • %Program Files%\Movie Maker\[Random].dll
  • %All Users Application Data%\[Random].dll
  • %Temp%\[Random].dll

Remove W32.Downadup.B registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHO WALLCheckedValue = dword:00000000
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SvcHost, netsvcs = %Previous data% and %Random%
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[random]\ParametersServiceDll = %MalwarePath%

Please, note that manual removal of W32.Downadup.B worm is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may lead to irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic W32.Downadup.B removal tool below:

Download W32.Downadup.B Worm Removal Tool

6 Responses to “How to Remove W32.Downadup.B Worm – W32.Downadup.B Removal Guide”

  1. 1. Veena Says:
    February 28th, 2009 at 2:14 am

    my system is affected with w32.downadup

  2. 2. admin Says:
    March 1st, 2009 at 1:30 am

    Veena,
    Thanks for your comment!
    You can get rid of W32.Downadup.B worm by following our manual or automatic removal hints above. The automatic way is more simple and effective.
    Good luck!
    Regards,
    Windows Protection!

  3. 3. yhudi Says:
    March 30th, 2009 at 9:14 pm

    My Network is Infected Downadup.Band Conficker. how to clean it so fast and safe. and i try following manual removal but that file can’t be found, what can i do ??

  4. 4. admin Says:
    April 4th, 2009 at 12:36 pm

    Yhudi,
    You should try using our automatic removal tool available through the links above.
    Thanks!
    Regards,
    Windows Protection

  5. 5. ajay Says:
    November 20th, 2009 at 5:00 am

    in my server pc always showing

  6. 6. stratos Says:
    December 22nd, 2009 at 9:50 pm

    My network is always disconnected. S.O can’t get the printing share coz the W32 svchost block the process; i can’t print until i restart my PC.

Leave a Reply