Slashdot Mirror
Energizer USB Battery Charger Software Infects PCs
swandives writes "Researchers at US-CERT have warned that software accompanying the Energizer DUO USB battery charger contains a Trojan that gives hackers total access to a Windows PC. The product was sold in the US, Latin America, Europe and Asia starting in 2007. Upon installation, the software creates the file 'Arucer.dll,' a Trojan that listens for commands on TCP port 7777. Upon receiving instructions, the Trojan can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. Uninstalling the software disables the automatic execution of the Trojan. Users can also remove Arucer.dll from Windows' system32 directory and reboot the machine to disable the backdoor component."
IMPORTANT NOTICE,
Windows users may be infected with “Arucer.dll”, a trojan horse virus that listens for commands on TCP port 7777. To see if this trojan is installed, go to your “Windows” folder and look for the virus called “System32” (the actual system folder is just called “System”). If you find that you are infected by this virus, delete “System32” and reboot your computer. You may also need to restart the computer in safe mode before you can delete this virus because the virus will try to prevent you from deleting it.