Ok, now I'm running Vista home, with Zonealarm Internet Security Suite 8.0.298.035 with latest definitions, all options set for maximum protection.I'm also running the latest Malwarebytes Anti-Malware, Spybot S&D, and A-squared, and they all work well together.I did a VERY thorough system scan a week ago (it took 3 sold days to run) with all of them as well as a Kaspersky boot cd scan and the result was CLEAN.
Now somehow when A-squared did a routine system scan last night, Zonealarm started picking up HTM and HTML files supposedly infected with Trojan-Clicker.HTML.iFrame.aga. (A-Squared didn't report anything, but obviously the file access by A-Squared was monitored by ZA, which did pick it up)
I cancelled the A-Squared scan and ran a full scan with ZA Anti-virus overnight, and this morning there were some 8,000 infected files !ie ALL HTM and HTML files on C: regardless of where they were.I couldn't see any infecting agents in the result list though (ie infected .exe's or such), but then scrolling through 8,000 entries it could be easily missed too.
So, the questions are :
1. How could I possibly get infected like this given the level of protection I have !?
2. Given that the system was scanned throughly recently and squeaky clean plus the fact that there doesn't seem to be any non-HTML infection, it seems likely that this is one MASSIVE false positive !?? Surely you'd need to have an exectuable infection to modify every single HTM/HTML files in a system !?
3. I can't open any of the HTML files to look at the code to confirm this as access is being denied. Is a safe mode editor peek the best way of checking for infection ?
4. How can I process these 8,000 infections ? Selecting them one at a time would take weeks and there's no provision to "select all". All I can do is close the scan window and leave the infections as is for now...Also, it would be nice if ZA had provision to submit files for analysis...
I've also quarantined a handful of them. How can un-quarantine/restore them if need to (if a false-positive)?
6. Malwarebytes, Spybot and A-Squared say the files are clean by the way...
Please offer suggestions here, as the pc would take 2 weeks (literally)
to reformat and reload everything on it, if it came down to that.
Operating System:Windows Vista Home Premium
Product Name:ZoneAlarm Internet Security Suite