http://www.welivesecurity.com/2016/03/2 ... detection/
I have some doubts about whether this actually works as described as I would think program executable files would need to be modified to access infected DLLs, but I can see this going under some programs' radars. As the first poster suggested, this looks like a "specialized targeted attack tool [that's] clearly not something intended to infect millions of computers".Each instance of this trojan relies on the particular USB device on which it is installed and it leaves no evidence on the compromised system. Moreover, it uses a very special mechanism to protect itself from being reproduced or copied, which makes it even harder to detect.
... This method depends on the increasingly common practice of storing portable versions of popular applications such as Firefox, NotePad++ and TrueCrypt on USB drives.
Regardless, those especially paranoid can check for suspicious DLL changes over time (e.g. via any of the many great batch hashing programs here on the site). Programs like USBFlashCopy can be easily setup to filter those files, which shouldn't change between sessions.