Protect your computer against DUQU malware using Trend Micro program

Problem Description

This article shows you how to protect yourself from the malware called DUQU.

Solution

DUQU may have been developed by the cybercriminals that created STUXNET, due to the similarities with their codes and routines. However, unlike STUXNET, DUQU's payload does not include connecting to SCADA systems.

DUQU is made of the following components that work together:

RTKT_DUQU.A, a SYS file
2 encrypted DLL components

These components work together to enable DUQU to connect with its C&C server to download other files. The main component is the RTKT_DUQU.A file.

One of its downloaded files is the information stealer detected as TROJ_SHADOW.AF.

Below are Trend Micro solutions to protect yourself from the malware:

Solution	Specifics
Smartscan Detection	TBL 11514.009.00 (TROJ_SHADOW.AF) TBL 11584.018.00 (RTKT_DUQU.A)
Smartscan Detection	OTH-CPR 8.508.05 (RTKT_DUQU.A)
CPR Detection	CPR 8.508.03 (RTKT_DUQU.A)
Smart Pattern Detection	CPR 8.508.05(RTKT_DUQU.SME)
OPR Detection	OPR 8.429.00 (TROJ_SHADOW.AF) OPR 8.509.00 (TROJ_DUQU.ENC) (TROJ_DUQU.DEC) (TROJ_DUQU.CFG)

Solution ID	Last Updated
1059505	Date : 2013/01/16 Time:6:03 AM , (PST)

Product/Version	Platform
OfficeScan - 10.0, 10.5, 10.6, 8.0;Titanium AntiVirus + - 2011, Titanium AntiVirus + - 2012;Worry-Free Business Security Standard/Advanced - 6.0, Worry-Free Business Security Standard/Advanced - 7.0, Worry-Free Business Security Standard/Advanced - 8.0;	Windows - 2003 Enterprise, 2003 Enterprise 64-bit, 2003 Small Business Server, 2008 Enterprise, 2008 Essential Business Server, 2008 Server Core, 2008 Small Business Server, 2008 Standard, 2011 Small Business Server Essentials, 2011 Small Business Server Standard, 7 32-bit, 7 64-bit, Vista 32-bit, Vista 64-bit, XP Home, XP Professional, XP Professional 64-bit

Rate this Solution
Did this article help you?
Yes No	What was the problem with this solution? Required The video did not play properly. The image(s) in the solution article did not display properly. The solution did not provide detailed procedure. The solution is hard to understand and follow. The solution did not resolve my issue. Others. Please specify. Please provide your comments to help us improve this solution. Required

	*This form is an automated system. General questions, technical, sales and product-related issues submitted through this form will not be answered.


Business Knowledge Base All Support
Advanced Search \| View Search Tips

Go To:

Popular Products

More Support

Go to:

Popular Products

Protecting your computer from the DUQU malware with your Trend Micro program

Problem Description

Solution