viola
Joined: 06 Oct 2010 |
Posts: 0 |
Posted: Wed Oct 06, 2010 10:38 am |
Yesterday ClamWin found this trojan in a file called foobar_uninstall.exe. However, no other AV (Trend online and AVG) found it, and there was nothing in the ClamWin quarantine vault. I uninstalled foobar using the Windows add/remove programmes facility; however, ClamWin still shows the trojan in local settings\Temp. Is it likely that this is because I have yet to reboot and complete the uninstall process? Is it safe to reboot while the trojan is still (?) there in a temporary file? (I should add that it still doesn't show up in the quarantine file, and neither AVG nor Windows Defender can find anything wrong!)
GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
Posted: Wed Oct 06, 2010 3:44 pm |
It sounds like you had a false positive detection, but you can manually delete the file from the temp directory. ClamWin comes with a default of "Report Only" for infected files. You can also set it to Remove or to Quarantine; however, you should probably leave it at the default on a permanent basis--to prevent removing/quarantining an important file (like a Windows system file!) as a false positive. Check any detections it finds with Jotti or Virus Total first before you do anything. If a file is really infected, you can manually remove it or temporarily set the infected file option to remove/quarantine and rescan. Be sure to reset back to the infected file default afterwards.
Often, a virus in a temp file needs to be activated by a "control" program and they are harmless until then. You don't want them around though.
If you are not using a real-time antivirus with ClamWin (it is only an on-demand scanner), look into the Clam Sentinel front end for ClamWin (you must have ClamWin installed in order to use it). It's free at https://sourceforge.net/projects/clamsentinel/ on the web. Read the short Simple Guide before installation.
Regards,
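The "check detections first" step described above, as an added example that is not part of the original post: it reads clamscan-style report lines (`path: Signature FOUND`), handles the drive-letter colon in Windows paths, and computes each flagged file's SHA-256 so the hash can be looked up on a multi-scanner service such as VirusTotal before anything is deleted. The sample report, paths and signature name are constructed, and the function names are hypothetical.

```python
import hashlib
import re

# Constructed sample of clamscan-style report output (not taken from the thread).
SAMPLE_REPORT = r"""
C:\Documents and Settings\user\Local Settings\Temp\example_uninstall.exe: Trojan.Example-1 FOUND
C:\WINDOWS\system32\kernel32.dll: OK
----------- SCAN SUMMARY -----------
Infected files: 1
"""

# Greedy path match: the split happens at the LAST ": " on the line, so the
# colon in "C:\" (followed by a backslash, not a space) stays in the path.
FOUND_LINE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")


def parse_detections(report_text):
    """Return (path, signature) for every line the scanner marked FOUND."""
    hits = []
    for line in report_text.splitlines():
        match = FOUND_LINE.match(line.strip())
        if match:
            hits.append((match.group("path"), match.group("sig")))
    return hits


def sha256_of(path, chunk_size=1 << 16):
    """Hash a file in chunks; None if it is already gone or unreadable."""
    digest = hashlib.sha256()
    try:
        with open(path, "rb") as handle:
            for chunk in iter(lambda: handle.read(chunk_size), b""):
                digest.update(chunk)
    except OSError:
        return None  # e.g. temp file removed by the uninstaller or a reboot
    return digest.hexdigest()


def triage(report_text):
    """One row per detection, with the hash to search for a second opinion."""
    return [
        {"path": path, "signature": sig, "sha256": sha256_of(path)}
        for path, sig in parse_detections(report_text)
    ]


if __name__ == "__main__":
    for row in triage(SAMPLE_REPORT):
        print(row["signature"], row["sha256"] or "(file not present)", row["path"])
```

Looking up the hash rather than uploading the file avoids sharing a file's contents; if the hash is unknown to the service, the file itself has to be submitted.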
viola
Joined: 06 Oct 2010 |
Posts: 0 |
Posted: Thu Oct 07, 2010 10:30 am |
Yes, that seems to have worked; manually deleted all temp files, and a new ClamWin scan is the all-clear! (Do seem to get a lot of PF's with ClamWin lately, but better safe than sorry!)