I try to avoid software that’s end of life, but occasionally I get stuck with a few programs that just don’t have any updated versions or are tied to a piece of hardware that I need to use. LCDC is software designed to run little LCD displays you can buy for your computer. I have one in particular that’s over 3 years old now but still runs great. However, it hasn’t been updated, well, ever.
Today I took to scanning my PC and discovered that some of the plugins for LCDC were infected. I decided to check the web site http://www.lcdc.cc/downloads.htm for updates. It didn’t appear offhand that any were actually updated, but it does appear that some are not infected and others still are.
If you have not heard of Blackmal, or taken precautions against this very deadly piece of malware, then you have not been paying attention to the security forums this week.
There are many names for this depending on who your Anti-Virus vendor is.
Check out the details.
What’s in a name.
If you have trouble with the name of this particular malware, check out CME.mitre.org for a better listing. There are several other names this goes by, but what matters is how to take precautions NOW. I personally think this says more about the person who came up with this name.
Methods of Infection
Email and P2P shares are the typical delivery methods reported. This means checking all files as they come in, or isolating them and checking them before downloading them. Don’t chance anything, and if it’s packed, unpack it. In this case the malware is typically packed with UPX.
It will connect to any network shares and copy itself to these locations:
\Admin$\WINZIP_TMP.exe
\c$\WINZIP_TMP.exe
\c$\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.exe
OS affected
Any Windows OS.
Methods of Prevention
Other than keeping your Anti-Virus program up to date, and checking tonight for updates, you can also avoid pulling emails directly into your mail program. Instead, pre-filter them before you download them. You may lose a mail or two, but that is better than the alternative: losing system files and not being able to reboot properly.
When it comes to P2P, just don’t do it. I’m sure you can slow down for a couple days until this gets full wind and your anti-virus will be able to detect it properly. If not, oh well, I guess a rebuild isn’t such a bad idea then.
Risk Level
Moderate. It’s very high as far as destructiveness is concerned, but is easily avoidable by keeping your software and OS up to date.