newbie user is very confused

[CecilL]

MY first scan indicated over 1100 infections of htm files with the Trojan-Clicker.HTML.IFrame.bj infection -- it appears every htm file in the quickscan may have been flagged.  I accidentally removed them all to the chest  (I meant to remove only one as a test) and now do not know how to restore them as surely these are false positives   OR NOT ??  HELP PLEASE !  I am worried that if I restart Windows it will now crash so I do not know what to do.

[Hermite15]

MY first scan indicated over 1100 infections of htm files with the Trojan-Clicker.HTML.IFrame.bj infection -- it appears every htm file in the quickscan may have been flagged.  I accidentally removed them all to the chest  (I meant to remove only one as a test) and now do not know how to restore them as surely these are false positives   OR NOT ??  HELP PLEASE !  I am worried that if I restart Windows it will now crash so I do not know what to do.

your system doesn't need htm files to boot...these are temporary internet files.

[nmb]

Hello,

Are these iframes detected in the temporary internet files or manually (user) saved htm or html files?

Because you might be infected with file infectors viz, virut.

Did avast! detect virut or other file infector virus in any of the files? particularly .exe and .scr files?

Are programs running oki? Or they do not open?

What is your os?

nmb

[CecilL]

OS is XP SP2 ... These files are shown as type .htm from many programs and directories ranging from games such as BF2 to C:\Windows\System32\oobe\setup\timezone.htm as an example. Also are from the help files of Windows and others,etc.  They appear to me to be dialogue or help type files. They all have "last changed" dates of either 12/31/98 or 12/12/2000 which makes no sense as these are different proggies installed over many years. Perhaps they are all original Windows installation files and are false positives?  I just noticed that there is ONE file among the 1100+ quarantined, C:\Windows\delete.bat, which is listed as VBS:Malware-gen, with a last-changed date of may 2007.  Can all the htm files be restored as a group the same way they were quarantined?  Thanks so much for helping me out.

[nmb]

Are programs running oki? Or they do not open?

[nmb]

I don't see why you have not updated your system? The latest version SP3.

You can restore all the files from the chest but, there is something on your computer(malware) doing such foolish stuff. I will ask one of my forum friends to take it on from here. You may have to wait until he posts here. He is essexboy. He is a malware removal expert. I will send him a personal message.

nmb

[CecilL]

thanks nmb ... it appears that programs are running ok ... nothing strange has happened ... I am concerned about rebooting until I understand any effects of the quarantines ... are these all temporary files and can be left in the chest.

As an Avast newbie I don't see how a group restore is done for the 1100 files if I need to do that  ... I will look again while waiting on essexboy .. thanks so much for responding.

[nmb]

Hello,

If all are html files or htm, there is no problem in turning off the pc. Make sure there are no system files in the chest.

nmb

[essexboy]

Hi lets have a look see 

Download OTL  to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Check the box that says Scan All Users
  
• Under the Custom Scan box paste this in

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /180

• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Post both logs