Rootkit.Duqu is a new e-threat that combines the technology of the military-grade Stuxnet with an advanced keylogger and backdoor application. Due to its rootkit technology, the piece of malware can stay hidden from the user, the operating system’s defense mechanism and even from regular antivirus utilities.
Just like its predecessor, the Stuxnet rootkit, Rootkit.Duqu.A is digitally signed with a stolen digital certificate that has been revoked in the meantime. This allows it to install itself on both 32- and 64-bit operating systems on Windows platforms ranging from Windows XP to Windows 7.
The Duqu rootkit runs on the computer for 36 days and collects any kind of information entered via the keyboard, including passwords, e-mail or IM conversations. After the “surveillance” period ends, the rootkit gracefully removes itself from the system, along with the keylogger component.
Rootkit malware is extremely difficult to detect, as it manages to subvert the operating system before it is fully loaded. Rootkit removal can be challenging even for some antivirus solutions, so manual removal is not recommended. We offer a free and fully automated removal tool that takes care of everything for you. You only have to download and run it on the system, then reboot the PC if an infection is found. Here is a complete rundown of the steps you need to take:
1. Download the Duqu_Removal_Tool.zip (.zip file), then double-click on it, choose "Extract all files..." from the File menu, and follow the wizard's instructions. You can use any other decompression utility, like WinZip.
2. Navigate to the folder where you extracted the tool, find the file called Duqu_Removal_tool.exe and double-click on it. Press the Scan button and let the removal tool scan your PC.
3. If you have Windows Vista with User Account Control enabled, or if you are running as a restricted user in Windows XP, right-click the Duqu_Removal_tool.exe program and choose "Run as Administrator". You will be prompted to enter credentials for an admin account.
4. Press the OK button when the removal tool asks for a reboot.
5. If you don't already have permanent antivirus protection or if your current antivirus has failed you, consider using the advanced protection tool provided by BitDefender.
Bitdefender Internet Security 2012 integrates antivirus, antispam, antiphishing, firewall, parental controls, and social networking safeguards into the perfect silent security solution!