Energizer USB Battery Charger Software Infects PCs

swandives writes "Researchers at US-CERT have warned that software accompanying the Energizer DUO USB battery charger contains a Trojan that gives hackers total access to a Windows PC. The product was sold in the US, Latin America, Europe and Asia starting in 2007. Upon installation, the software creates the file 'Arucer.dll,' a Trojan that listens for commands on TCP port 7777. Upon receiving instructions, the Trojan can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. Uninstalling the software disables the automatic execution of the Trojan. Users can also remove Arucer.dll from Windows' system32 directory and reboot the machine to disable the backdoor component."

Re:Near Anagram for Duracell

[Jazz-Masta]

There have been reports of Arucer.dll utilizing 100% CPU as far back as mid 2007. It was originally included by Energizer and used to check that the device was indeed connected to the machine.

They aren't sure how long dll has been infected, but all signs point to the entire time (back to May 2007). Considering how many forum posts have issues with the dll going back 2.5 years, you'd think someone would have figured it out long ago.

An AutoStart Fix for Windows XP and W2K

[NicknamesAreStupid]

This little trick will disable all autoplay features, eg. CDs, USB-memories etc. Open the registry editor, regedt32.exe, and configure the following registry value:
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
Value Name: NoDriveTypeAutoRun
Type: REG_DWORD
Value: hex: 0x03fffffff

Re:Near Anagram for Duracell

[Runaway1956]

Since about the time Windows came out with their Task Manager. Basic competency. Very basic. No one suggests that finding the executable, and disassembling it to find out what makes it tick is part of basic competency, but opening task manager to see which of your 97 active processes is using all of your computer time is indeed "basic".