bl4ck Trojan

[KatMac]

I was tweaking Zone Alarm and saw an odd looking name under Programs, bl4ck.

Here's the ZA entry detail:
Product name: (empty field)
File name: C:\DocumentsandSettings\Administrator\LocalSettings\Temp\bl4ck.com
Last policy update: Not applicable
Version: (empty field)
Last modified date: 8/13/2006 6:21:24
File size 6 KB

None of my other security software has detected anything (AVG free, AdAware, SpyBot, Ewido online). I immediately blocked the Trojan in ZA.

I found this page of info. I found this program, Prevx, that claims to remove it (during the free trial period). Anyone familiar with this bl4ck? Is Prevx sufficient to clean it?

Thanks for any input!

~Kat

[fink]

I would try Ewido/AVG spyware scanner first...

http://www.ewido.net/en/

Have you tried deleting the bl4k file?

[KatMac]

Hi fink,
Thanks for responding. Nope, I didn't try deleting that temp file because oddly enough when I Explore my PC, I don't see the file in the location noted above by ZA. A system search doesn't pull it up either.

ZA indicates that file has been in that location since August. In doing routine maintenance I've done multiple ewido scans online since then, and although I wasn't looking for bl4ck (didn't know it was there) ewido picked up nothing on it. I read at one site that a lot of security software is not detecting it, but if it's in the location ZA says, wouldn't I be able to see it?

I just had AVG scan C:\Docs&Settings\Admin\LocalSettings\Temp and Temporary Internet files and it found nothing.

EDIT: Forgot to add, I'll do another ewido scan now, too.

[fink]

delete the whole temp folder (and anything that's in it) then recreate the temp folder immediately afterwards.

C:\DocumentsandSettings\Administrator\LocalSettings\Temp\

[KatMac]

OK, I deleted the Temp folder and all its contents where ZA indicated bl4ck was. I then immediately created a new Temp folder.

I'm not really going to be able to tell much, because ZA was the only indicator that pointed to bl4ck being on my system. Very odd.

Do you think that's enough to fix this? Nothing is coming up in scans (but it wasn't before, either). Oh, and I removed the program from ZA.

Appreciate any input!
~Kat

[fink]

I can't really see doing much more although if you haven't already an online scan or two.. pick two from here.. one a/v and one spyware..

http://discussions.virtualdr.com/sho...d.php?t=167915

certainly wouldn't hurt anything.

Then if all seems clean just check back in the Zonealarm logs every once in a while to see if they indicate the bl4ck thing at all.

[KatMac]

Thanks, fink. Appreciate the input and reassurances, don't really know what else I can do either except watch ZA . Doing a couple scans that I don't typically use from the list, just to see if they pick up anything that my routine security software doesn't.

Think it's about time for a format C:\ anyway (been three years). Just too many odds and ends glitchy things that don't make sense happening. And oh, how I dread that job!