Published Jul 19, 2010 | Updated Sep 15, 2017


Severe |Detected with Windows Defender Antivirus

Aliases: Trojan-Dropper.Win32.Stuxnet.b (Kaspersky) Trojan.DR.Stuxnet.B (VirusBuster) TR/Stuxnet.m (Avira) Win32.Worm.Stuxnet.A (Avira) Win32/Stuxnet.B (CA) Trojan.Stuxnet.1 (Dr.Web) Win32/Stuxnet.B (ESET) Stuxnet (McAfee) Rootkit/Inject.IW (Panda) Troj/Stuxnet-C (Sophos) WORM_STUXNET.A (Trend Micro) Trojan:Win32/Stuxnet.B (other)


Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.
The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.
This worm uses as an attack vector discussed in Microsoft Security Bulletin MS10-046 . Refer to the advisory for mitigating factors and workarounds to the vulnerability.
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
For more information on antivirus software, see
Follow us