Topic: Malware distributed in Energizer DUO USB Battery Charger Software
dosos
« on: March 10, 2010, 03:08:41 AM »

As happened with Vodafone's HTC memory cards, the Energizer DUO software is currently distributing malware. The file responsible is Arucer.dll (MD5 = 1070be3e60a1868d2cd62fc90d76c861). If you have disabled AutoRun, there's no problem.

Summary:
Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been available on the Energizer website. The installer for the Energizer DUO software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory. When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.
Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp.


Quote
Energizer has issued a statement acknowledging the issue.  The company said it has discontinued sale of this product and has removed the site to download the software.

Complete write-up by Symantec: Here
Advisory (US-CERT): Here




Sample password: http://malwareview.com/$%/"!
« Last Edit: March 11, 2010, 01:13:43 AM by dosos » Logged
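
A triage check for the three indicators the summary names (the Arucer.dll file, the Run key entry and a listener on 7777/tcp), as an added example that is not part of the original post or the linked advisories. It assumes PowerShell 4 or later on Windows 8 / Server 2012 or later (for Get-FileHash and Get-NetTCPConnection); the SysWOW64 and Wow6432Node locations are an addition, checked because 32-bit installers on 64-bit Windows are redirected there.

```powershell
# Added example (not from the post). Indicator values are the ones quoted in the post.
$KnownMd5 = '1070be3e60a1868d2cd62fc90d76c861'
$Port     = 7777
# System32 per the summary; SysWOW64 is where a 32-bit installer lands on 64-bit Windows.
$DllPaths = 'System32', 'SysWOW64' | ForEach-Object {
    Join-Path $env:SystemRoot (Join-Path $_ 'Arucer.dll')
}
$RunKeys  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
# Properties PowerShell adds to every registry item; these are not Run values.
$PsProps  = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
$findings = @()

# 1. File on disk, hashed and compared with the MD5 from the post.
foreach ($path in $DllPaths) {
    if (Test-Path -LiteralPath $path) {
        $md5  = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash.ToLower()
        $note = if ($md5 -eq $KnownMd5) { 'MD5 matches the post' } else { "MD5 differs: $md5" }
        $findings += "File present: $path ($note)"
    }
}

# 2. Autostart: any Run value whose command line references Arucer.dll.
foreach ($key in $RunKeys) {
    $values = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
    if (-not $values) { continue }
    foreach ($p in $values.PSObject.Properties) {
        if ($p.Name -notin $PsProps -and [string]$p.Value -match 'Arucer\.dll') {
            $findings += "Run entry in ${key}: '$($p.Name)' = $($p.Value)"
        }
    }
}

# 3. Network: anything listening on 7777/tcp, with the owning process.
#    Other software can use this port, so treat a hit as a lead, not proof.
$listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    $findings += "Listener on $($l.LocalAddress):$Port, PID $($l.OwningProcess) ($($proc.ProcessName))"
}

if ($findings) { $findings } else { 'No Arucer.dll indicators found.' }
```

Since the summary says the DLL is launched through rundll32.exe, a listener owned by rundll32 on this port is the combination to look at first.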