Symantec Blogs: Security Response

Ka Chun Leung | January 21st, 2009

Editor’s Note: This is another installment of a multi-part series on specific and interesting aspects of W32.Downadup. 

We know that W32.Downadup.B is aggressive when it comes to infecting computers. So, let’s talk about some of the tricks it uses to stay on a computer once an infection is successful. One of our test computers was infected with W32.Downadup.B. I scanned it with an old original shipping version of Norton Antivirus (2006) and the following error message appeared:

 

 
A process on the computer has “locked” the file, which prevents anybody else from accessing it. Now, antivirus software has many ways of getting around this sort of lock. Why isn't it working here?
 
When W32.Downadup.B infected this computer, we saw...