NSS Labs has built a tool that detects known and newly created Duqu drivers that have infiltrated systems. The tool is available free and is capable of detecting new drivers as they are discovered. Duqu uses similar techniques to Stuxnet, specifically the use of drivers signed by “legitimate” digital certificates. It is not known whether those certificates were stolen or manufactured by the attackers following the compromise of a certificate authority (CA) Duqu is not self-replicating (although some theorize that it can be commanded to replicate itself across network shares)
Source: https://thehackernews.com/2011/11/duqu-analysis-and-detection-tool-by-nss.html