Well I'm not sure if this will be the best idea for your problem, but I would suggest finding the path of the virus, finding the name, and submit the virus name in the virus encyclopedia here. I have AVG free ver. 7.1.405 and it works nicely on keeping my computer free of virus's. I've had a trojan in my vault that was not able to delete because avg had warned me I could not. Instead, being paranoid about a couple virus's that I could not delete in the AVG vault, I researched the virus name, and tracked the path where the virus was said to be on my computer. Found unknown files, and deleted them. Ran AVG again and they were removed. You may try this way if you want, but make sure of the files you are deleting are not part of your system or programs you may have. Feel free to PM me if you need any further assistance.

I used Nortons, McAfee and many retail versions in my time, while they are very reliable. They are also very steep to get if you decide to buy them legally.

In my experience of using Anti-virus scanners and spyware removers, I find that the free AVG + Ad-aware SE Plus combo is the best, considering both do regular updates while at the same time track down viruses of any type (trojans, etc), and Ad-aware looks for any trojan-like spyware and malware.

I have Ad-aware SE free version which I update and run regularly along with AVG which automatically runs, but the trojan still got in. But I think I will try to figure out what squeaky suggested and try to track down the viruses location and delete the file, then run AVG again. This is not my computer, it is my girlfriends, but I maintain it for her. I try to tell her to watch were she goes and not to download things she doesn't know, but I'm not always available for her to run things by. And I'm not going to be the computer police and watch her every move. So all I can do is keep AVG, Ad-aware SE, and Spybot updated and run them often.

Try running Windows Defender.

To get a trojan, you must have visited sum pretty ugly site, try not to watch anything your not supposed to watch next time.

Beware, if a trojan is not completely removed it may have self replicated with new file names as one user has suggested already. Once you have some clue as to the file name or suspect files search the net for a while and eventually you will find a way to remove it. AVG and other anti virus programs as good as they may be, are not always the first to fix a problem. Great to detect, but try not to use the infected computer at all until you find out how to remove the trojan. Just look at my post in the computer security section to see how you too can be messed up by trojans if you don't follow through with removal right away. If the PC is on, leave it on but unplug the ethernet cable or whatever you use to connect to the internet because sometimes changes are made to system files and that requires a reboot to affect the cahnges. Get another PC from a friend and use that one to surf the net for tools and instructions etc... That one more boot just might mean the difference between non-destructive recovery and wiping everything out.
Backup any important files by networking to another PC or putting on external storage before you start messing with removal.

Oh, one more thing. I suspect in my case the trojan was downloaded in disguise as DIVx browser viewer from one of those sites that hosts movies and TV programs. This is the only reason I use my server for surfing the net while allowing JavaScript and Active X. Any other time I severely limit what my browser can do by disabling active x and javascript completely. That's how I know it must have been piggy backed with the DIVx installation.

This post has been edited by morshed: Jan 6 2008, 09:13 PM

Personally, I think that most Trojan horses are designed well enough to replicate themselves and keep from getting removed by most anti-viruses.

It's a pain, but whenever a friend of mine gets infected, I simply back everything up, wipe the drive clean, then reinstall everything.

It's a sure way of getting whatever is ailing your system.

I don't trust antiviruses to be able to remove every bit of malware from any system, not to mention that Windows won't grant read/write access to any programs (including deleting) if the file is in use. Kind of stupid how you want to remove something that IS doing something malicious, but Windows won't let you because it's busy doing just that.

As for processes, Google is awesome at helping you find out what's what. It comes through experience finding out off the bat what processes are essential and non-essential when looking at the Task Manager. To figure out some of them easily, run services.msc and when you double-click on a process, it will show you what the executable is that shows up in the Processes tab (and you will also find out why there are multiple instances of svchost.exe which always confused me back in the day). Also, if you Google for Windows services you should get multiple sites that will explain and even tell you if a process is essential to keeping Windows running normally.

You should always do the most compregensive scan on any file without a digital signature, and even if it does scan it anyway if it comes from a wierd source (like some company you've never heard of before and has a random name).

MD5 or CRCs help a lot, and if the download page (from a trusty source) states the original MD5 or CRC then check that the MD5 hash or CRC matches with what the program you just downloaded. Every once in a while, do a full system scan in safe mode and go and check that all the infected files and/or registry entries are removed since they may open backdoors...