Guide | How To [How-to] Stuxnet's Son "Duqu" Removal Tool released by Bitdefender

The associated guide may contain user-generated or external content.

CycloneTutorials

New Member
Thread author
May 19, 2011
90
Rootkit.Duqu is a new e-threat that combines the technology of the military-grade Stuxnet with an advanced keylogger and backdoor application. Due to its rootkit technology, the piece of malware can stay hidden from the user, the operating system’s defense mechanism and even from regular antivirus utilities. Just like its predecessor – the Stuxnet rootkit - Rootkit.Duqu.A is digitally signed with a stolen digital certificate that has been revoked in the meantime. This allows it to install itself on both 32- and 64-bit operating systems on Windows platforms ranging from Windows XP to Windows 7. The Duqu rootkit runs on the computer for 36 days and collects any kind of information entered via the keyboard, including passwords, e-mail or IM conversations. After the “surveillance” period ends, the rootkit gracefully removes itself from the system, along with the keylogger component.

Rootkit malware is extremely difficult to detect, as it manages to subvert the operating system before it is fully loaded. Rootkit removal can be challenging even for some antivirus solutions, so manual removal is not recommended. We offer a free and fully automated removal tool that takes care of everything for you.

You only have to download and run it on the system, then reboot the PC if infection is found. Here is a complete rundown of the steps you need to take:

-- STEPS --

1. Download the Duqu_Removal_Tool.zip (.zip file), then double-click on it, choose "Extract all files..." from the File menu, and follow the wizard's instructions. You can use any other decompression utility, like WinRAR or 7Zip.

2. Navigate to the folder you have extracted the tool in, find the file called Duqu_Removal_tool.exe and double-click on it. Press the Scan button and let the removal tool scan your PC.

3. If you have Windows Vista with User Access Control enabled, or if you are running as a restricted user in Windows XP, right click the Duqu_Removal_tool.exe program and choose "Run as Administrator". You will be prompted to enter credentials for an admin account.

4. Press the OK button when the removal tool asks for a reboot.

5. If you don't already have permanent antivirus protection or if your current antivirus has failed you, consider using the advanced protection tool provided by BitDefender.

Download Duqu Removal Tool:

http://www.malwarecity.com/community/index.php?app=downloads&showfile=39
 

malbky

Level 1
Jun 23, 2011
1,011
Thanks. Anyway, does Duqu have any particular symptoms through which we can identify if we have contracted the infection or not?
 
