It is quite strange. That this worm is still out there and nobody cares to patch their XP machines. Having the latest service pack will not save you, as you all know support of XP will end soon. So you better patch everything!
One more thing regarding the Downadup please apply those to your XPs, it's a worm so it spreads on the network and exploits vulnerabilities:
http://technet.microsoft.com/en-us/security/bulletin/ms08-067
http://www.microsoft.com/en-us/download/details.aspx?id=3205
Turn off System Restore before disinfection, because otherwise - yes it will restore. Restart after that.
And try this one please, you will not find it elsewhere anymore. But when you login in your machine don't use a privileged user there is a Run As - so use it.
UPDATE - seems I deleted accidently the file, here it is again:
https://drive.google.com/file/d/0B1HfGZPmAyo0VjROMVRQd000V1U/edit?usp=sharing
Also you can try this it seems more up-to date:
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx
It is also known as Windows-KB890830, unarchive the exe with 7Zip for instance.
and you can try this bat:
@echo off Start /wait Mrt.exe /q If errorlevel 13 goto error13 If errorlevel 12 goto error12 Goto end :error13 Ismif32.exe –f MIFFILE –p MIFNAME –d ”text about error 13” Goto end :error12 Ismif32.exe –f MIFFILE –p MIFNAME –d “text about error 12” Goto end :endMore here: http://support.microsoft.com/kb/891716
You can find ismif32 here: http://www.myitforum.com/articles/1/view.asp?id=80
UPDATE look here: http://support.microsoft.com/kb/962007
Thank you for reading this.
