Oct 8, 2010 15:39 GMT  ·  By

BitDefender has released a stand-alone free tool capable of cleaning all known versions of the infamous Stuxnet industrial espionage worm from infected computers.

Stuxnet was discovered earlier this summer and has shocked the world and the security industry with its features and sophistication.

The worm is designed to spy and/or sabotage supervisory control and data acquisition (SCADA) systems that operate and monitor critical installations in power plants, oil and gas refineries, factories and other industrial facilities.

In an announcement made yesterday, the European Network and Information Security Agency (ENISA) referred to the worm as "paradigm shift," which paves the way for a new class and dimension of malware.

The worm has multiple propagation routines, some of which rely on exploiting vulnerabilities in the Windows operating system, that were unknown to Microsoft at the time of its discovery.

Due of the multiple infection vectors associated with it, which include removable USB drives, network shares, WebDAV resources and LAN attacks, the worm also poses a big threat to personal computers.

Stuxnet's payload involves installing a backdoor, as well as two digitally signed rootkit components, that also run on 64-bit versions of Windows.

"BitDefender has added generic detection covering all variants of Stuxnet as of July 19, thus protecting its customers since day zero.

"Computer users that are not running a BitDefender security solution can now eliminate Stuxnet from the infected systems by running the […] removal tool.

"The tool can be run on both 32- and 64-bit installations and will eliminate both the rootkit drivers and the worm," the Romanian antivirus vendor announces.

However, it's worth pointing out that one of Suxnet's propagation routines involves infecting projects created with the Siemens SIMATIC Step7 software, which are used by SCADA systems.

The malware creates copies of itself in several places inside a project's directory structure and modifies several of its files, which BitDefender's removal tool probably doesn't restore.

Therefore, if you plan on using this utility to clean a Stuxnet-infected computer that houses Step7 projects, make sure to restore them from a clean backup afterward; otherwise you risk reinfection.

The BitDefender Win32.Worm.Stuxnet Removal Tool can be downloaded here.