Threat Description

Worm: W32/Downadupjob.gen!A


Category: Malware
Type: Worm
Platform: W32
Date Discovered: 2009-01-01 16:11:27.0
Aliases: Worm:W32/Downadupjob.gen!A, win32.worm.downadupjob.a


Worm:W32/Downadupjob.gen!A is a Generic Detection for .JOB files used by Worm:W32/Downadup.


For removal tools and instructions, see the Disinfection section of Worm:W32/Downadup.gen.

Technical Details

The .JOB file used by the worm is detected as it is part of the worm's propagation routine. Downadup attempts to spread itself using Windows Scheduled Tasks. The .JOB file defines a scheduled task, which in Downadup's case triggers an execution of the worm library via rundll32.exe. Legitimate tasks are usually located in the following folder:


For more about Downadup variants and activities, see:

Description Created: 2010-06-23 05:20:51.0

Description Last Modified: 2010-07-01 11:04:49.0


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More