Now the problem with the Firefox cache is that the files in there aren't indexed by URL name so I had no idea which site I'd gotten that trojan from. The only two sites that were open in my browser at that time were Google Reader and this here blog of mine. This blog, by the way, is installed on my own website which, in turn, is hosted on a shared web hosting server in the US. A server that is expertly managed by my web host's very competent systems administrators. My website, therefore, is very secure. My blog is also secure since my version of WordPress is almost always up-to-date. This, then, was strange since neither of those sites should really have had a trojan or virus or anything else malicious on them.
Since Google Reader was the less likely trojan-hosting candidate, I thought I'd check my blogs's HTML page source to see if I could figure out what was going on. However, when I tried to check it through Firefox, the page came up "missing". That was not a good sign. This meant that it was indeed my blog that contained the trojan since it was this page's local copy (in the cache) that Zone Alarm had quarantined. To double check, I navigated away from and then came back my blog's home page. Immediately, Zone Alarm popped-up another quarantine notice. Yep, the trojan was in my blog .
Time For Some Research
I then went to the web to learn all I could about the trojan which, strangely enough, wasn't much at all. This trojan was (and still is) rather new to the 'net and, therefore, has been minimally catalogued in all the online virus databases. It was, however, mentioned on a few message boards. Unfortunately, the relevant posting on Zone Alarm's message board was incredibly useless while the message boards that really seemed to be discussing it actively were all in Russian. Google Translate helped a bit with that but, ultimately, I couldn't learn anything from those pages either.
Still, a trojan is a trojan. So I set about trying to fix the problem myself.
The first thing I then did was some more research. I started by checking the WordPress site for security documentation. I learnt quite a bit from there. I then went and did all the things they suggested you do to 'harden' your WordPress installation. These were things I hadn't done earlier and that was probably how the trojan had gotten into my blog in the first place.
Next, I went and downloaded (through FTP) all the files from my blog installation to my local hard drive. All the files (mostly PHP files) got downloaded just fine but one of them immediately got quarantined by Zone Alarm. "A-ha", I thought, "that must be the file that contains the trojan. I must look at this file." Unfortunately, Zone Alarm wouldn't let me (duh!).
It All Falls In To Place
Fortunately, our blogs eventually came back online (did I mention that my web host's SysAdmins were really good?) and, this time, I wasn't getting any trojan pop-up messages from Zone Alarm when I visited them. However, the next day, the trojan quarantine messages were back. Oh, and now they were coming from both blogs. It was then that it occurred to me: "Dammit! The reason my code editing didn't work the first time was because I was trying to make my trojan-ridden code look like another kind of trojan-ridden code!" That is, I wasn't actually removing the trojan from my blog, I was merely changing it to look like the trojan on Nadia's blog. What I should have done was compare my version of the file to a perfectly clean version of the same file.
Removing that was easy and now, finally, our blogs are completely trojan-free. If all now goes well, and with the help of a much more secure WordPress installation, our blogs will stay trojan-free from now on as well. Here's hoping.
 While my web host's SysAdmins are responsible for maintaining the web server itself, they aren't responsible for the stuff you install on your site. That is, the fact that my blog had a trojan in it, wasn't their fault. It wasn't entirely my fault, either. Nor was it really the fault of the people who made WordPress. It was basically the fault of the hackers who had found a way to exploit a vulnerability in WordPress that let them attach this trojan to it. That's usually how it happens anyway.