Symantec Endpoint Protection's scans can detect and remediate the files involved in this threat. There is often a computer in the network which does not have any functioning AntiVirus: the threat will persist there and constantly attempt to reinfect other machines. Using Risk Tracer or IPS logs will helps administrators identify, isolate and clean the infected computers.
1) To start working, first you need to download the required patches on all machines to fix the underlying Microsoft vulnerability. These are available via Windows Update or from the following links:
3) One technique that W32.Downadup uses to spread is to attempt to gain access to administrator accounts by guessing common passwords. Make sure to change all passwords throughout the organization to make them strong and complex.
Apart from that also we also that w32.Downadup is remote code execution:
Review the current Passwords policy, you can configure a Windows GPO that will require a complex password, with a minimum number of characters.