W32.Downadup is a worm that spreads by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability, so applying the Microsoft patches is mandatory.
Patches for Downadup (one for RPC and another for IE):
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx
This virus copies itself to the Recycle Bin and uses scheduled jobs and the autorun function to load its content into memory and infect the system. It also changes the registry to disable the "show hidden files" function, so the operating system itself is unable to show this file to the administrator and our antivirus is unable to detect the file.
How to proceed after applying the patches
1. Disable autorun (Reference: Microsoft KB)
http://support.microsoft.com/kb/953252
2. Temporarily disable the "Server" and "Computer Browser" services (if possible)
Disabling the Computer Browser and Server services on the affected systems will help protect systems from remote attempts to exploit this vulnerability.
3. Temporarily disable the "Task Scheduler" service
Disabling the "Task Scheduler" will help protect systems from local attempts to use scheduled tasks to copy infected files all over the network.
4. Disconnect the network drives/shares (Admin$ and C$)
Then install the latest available definitions from Symantec and run a full system scan on all the machines on the network to resolve the issue.
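To confirm that steps 1 to 4 above are actually in place on a machine before the scan, a read-only check can report the state of each one. This is an added example, not part of the original post; it assumes Windows PowerShell run as administrator, the service names LanmanServer, Browser and Schedule for the Server, Computer Browser and Task Scheduler services, and the NoDriveTypeAutoRun policy value (0xFF) as the Autorun switch.

```powershell
# Added example: read-only audit of containment steps 1-4. Changes nothing.
# Assumptions: Windows PowerShell, administrator rights, local machine.
$report = @()

# Step 1: Autorun. NoDriveTypeAutoRun = 0xFF disables Autorun on all drive types.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$val = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
$report += New-Object PSObject -Property @{
    Step  = 1
    Item  = 'Autorun (NoDriveTypeAutoRun)'
    Found = $(if ($null -eq $val) { 'not set' } else { '0x{0:X}' -f $val })
    Done  = ($val -eq 0xFF)
}

# Steps 2 and 3: the service must be both stopped and disabled, otherwise it
# comes back at the next boot. Value = step number from the list above.
$services = @{ LanmanServer = 2; Browser = 2; Schedule = 3 }
foreach ($name in $services.Keys) {
    $svc = Get-WmiObject Win32_Service -Filter "Name='$name'"
    $report += New-Object PSObject -Property @{
        Step  = $services[$name]
        Item  = "Service $name"
        Found = $(if ($svc) { "$($svc.State), start mode $($svc.StartMode)" }
                  else { 'not installed' })
        Done  = (-not $svc) -or
                ($svc.State -eq 'Stopped' -and $svc.StartMode -eq 'Disabled')
    }
}

# Step 4: administrative shares still published, and network drives mapped
# in the current logon session (other sessions are not visible from here).
$shares = @(Get-WmiObject Win32_Share |
            Where-Object { 'ADMIN$', 'C$' -contains $_.Name })
$mapped = @(Get-WmiObject Win32_MappedLogicalDisk)
$shareNames = ($shares | ForEach-Object { $_.Name }) -join ','
$driveNames = ($mapped | ForEach-Object { $_.Name }) -join ','
$report += New-Object PSObject -Property @{
    Step  = 4
    Item  = 'Admin$/C$ shares and mapped drives'
    Found = "shares: [$shareNames] drives: [$driveNames]"
    Done  = ($shares.Count -eq 0 -and $mapped.Count -eq 0)
}

$report | Sort-Object Step | Format-Table Step, Item, Found, Done -AutoSize
```

Any row with Done = False marks a step that still has to be applied on that machine; stopping the Server service also removes the Admin$ and C$ shares, so step 4 often clears once step 2 is done.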