It's getting more difficult to keep track of the various stages and permutations of malware, whose definition has expanded to mean "anything you didn't ask for and don't want running." But since when did Yahoo IM become malware?
It's no secret that a lot of our Windows-based production systems, and even some of our virtual ones, run ZoneAlarm Pro. There are a lot of software-based firewalls available now, but for the most part, we've been able to trust ZoneAlarm, even now that its originators have been absorbed into Check Point Software Technologies.
True, we've had bits and pieces of trouble with ZoneAlarm over the years, most notably its strange inability to correctly identify the auto-updating agent in Sophos Anti-Virus, and to lock it out from Internet access instead. Yesterday, we noticed ZoneAlarm Pro's anti-malware scanner detecting what appeared to be a Trojan, on a system we usually trust to be quite clean. ZAP identified it as a known piece of malware dubbed Win32.Trojan.Yspy.