Trogan horse avast cannot delete

[cretus]

Avast tells me we have this trojan horse, but nothing we do can seem to remove or guaranteen it.
In file  C:\WINDOWS\SYSTEM32\TASKDIR.DLL
          Win32:lager.Q[trj]
          VPS version 0622-1, 05/29/2006

[XMAS]

Hello and welcome

What is your operating system? If you have NT-based system(WinNT, WinXP, Win2000...) you can try to do a boot-time scan. To Schedule a boot time-scan: start avast! and then go to: Menu -> Schedule boot time scan

BTW the latest VPS is 0622-2

[DavidR]

@ X:M:A:S: the location in the system32 folder is usually a good indication of XP.

@ cretus
Windows in its infinite wisdom protects files in use (even malware), so it is likely that avast! can't delete or move files in use. So schedule boot-time scan in avast's menu if you have XP, win2k or NT, otherwise boot into safe mode and run an avast scan. This should ensure that the file isn't in use and avast should be able to deal with it.

Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can't put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.

Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.