The public became aware of the Stuxnet worm back in July, largely because it was linked to several 0-day vulnerabilities of the Windows operating system.
Researchers who analyzed the worm discovered what appeared to be its core purpose: to target industrial computer networks running Siemens WinCC software. But the nature of the vulnerability made all Windows systems vulnerable, and while workarounds were published shortly after the discovery it was not enough to limit or even eliminate the spreading of the worm.
Stuxnet exploits a vulnerability in Windows that allows the spreading of the worm without file execution. A successful exploitation of the system installs two rootkits and a backdoor on the system.
Some antivirus solutions are not able to detect Stuxnet or variants of the worm. Users who want to make sure that their system is not infected by the worm, and users who have recover an infected system, may want to download BitDefender's Stuxnet Removal tool.
The free program detects and removes all known Stuxnet variants.
BitDefender has added generic detection covering all variants of Stuxnet as of July 19, thus protecting its customers since day zero. Computer users that are not running a BitDefender security solution can now eliminate Stuxnet from the infected systems by running the attached removal tool. The tool can be run on both 32- and 64-bit installations and will eliminate both the rootkit drivers and the worm.
The portable program will perform an automatic scan on startup, and offers manual scanning options in the program options as well.
A system infected by Stuxnet will be restored by removing the two rootkits after the scan, and the worm after a necessary restart of the computer system.
The Stuxnet Removal Tool is compatible with 32-bit and 64-bit editions of the Windows operating system. It can be downloaded directly from Malware City, BitDefender's community site.
Malware City has moved to Hot for Security, and with the move came changes in the website structure. This unfortunately has affected the Stuxnet removal tool download link as well, which is not redirected to a download on the new site. The majority of antivirus solutions out there today should however be able to remove the malicious code without need for a third party removal tool.
If you are looking for a standalone tool, try Stuxnet Rootkit Remover which is still available.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.