Stuxnet, a new malware that has been discovered by security researchers last July 2010 is making a buzz in the security community. It takes advantage of a flaw in Windows’ parsing of shortcut files and is able to run itself without user interaction using USB flash drives as a medium of propagation. Almost all current versions of Windows are found to be affected by this vulnerability including Windows XP, Vista, Servers and 7. You can view the full guide here Trojan Stuxnet USB drive exploit.
You can remove the Stuxnet Trojan from a USB flash drive easily in this step-by-step guide on how to remove the Stuxnet Trojan.
If for some reason, you have recently inserted a flash drive on your computer and noticed an odd change in your computer’s behavior, you will need to follow the steps provided on this guide to determine if Stuxnet has really infected your system.
Getting The Right Tool
You will need the right tool in order to determine if you are infected with Stuxnet. There are many malware cleaners available on the Internet, but for Stuxnet, Sysclean from TrendMicro will do the job.
NOTE: The author of this article is NOT in any way connected with TrendMicro or any of its sister companies. This guide was provided to help users remove Stuxnet from their systems. The tool provided on this How To Remove Stuxnet guide is the safest tool to use, in the opinion of the author, as there are tons of spyware masking themselves as legitimate Trojan and worms cleaners.
Sysclean is a free all in one package for detecting and removing malware for Windows users. It provides a means of detecting and removing rootkits, such as the Trojan Stuxnet. You can find the link on how to remove Stuxnet from TrendMicro’s Website.
After downloading the package, save it on a folder and execute. Let sysclean download the latest component it needs from the TrendMicro site. After Sysclean has downloaded its components, do not scan you computer yet. You still have several things to do before scanning.
Things To Do Before Scanning
There are several things you need to ensure before starting the scan:
- Make sure you have installed the latest Microsoft Patch. Proper installation procedures are provided on Microsoft’s update website.
- Disconnect your computer from the network to prevent re-infection
- Insert the suspected Stuxnet infected USB drive. You need to do this to make sure that the USB is also scanned and won’t reinfect your computer.
Starting the Scan
Now that you have prepared the things you need, you can now start scanning. If you have not closed TrendMicro’s Sysclean, make sure that the checkbox on the lower left indicating “Automatically Clean Infected Files” is checked. Click on “Scan” and let it finish it’s scanning. However, if you have closed Sysclean, you will need to go back to the folder where you saved the Sysclean package and execute Sysclean.com again. These are all the steps you need to know on how to remove the Stuxnet Trojan, even from an infected USB flash drive.
Screenshots by author courtesy of TrendMicro