Win32.Worm.DownadupJob.A( Worm:W32/Downadupjob.gen!A )
SINTOMAS: Presence of many scheduled jobs in C:\Windows\Tasks named At<nr>.jobDESCRIPCIÓN TÉCNICA: This is a generic detection of .job files created by Downadup worm.One of the methods used by this worm to load its library file every day is by creating many Scheduled Tasks in %WINDOWS%\Tasks. The name of the application which will be executed is rundll32.exe and the parameter has the following format: <random_name>.<random_extension>, <random_parameter> - this is the worm's .dll file. More details about Downadup can be found at the following URL: Win32.Worm.Downadup.Gen INSTRUCCIONES DE LIMPIEZA: Please let BitDefender disinfect your files.ANALIZADO POR: Dana Stanut, virus researcher |