I picked up a Trojan and managed to get rid of it via several tools. However, ZA SS continues to detect it realtime in my c:\System Restore, shortly after each boot. ZA quarantines it before it can do any damage, but how can I get rid of it in System Restore.
I cannot get into the SR directory with Explorer even when I try to remove the h,r,s,a attributes. Even though I am the Administrator it appears that I don't have the privileges to look at what's in the SR directory.
Will this problem eventually disappear through attrition as I accumulate more Restore points? I tried turning off SR and then turning it on again. It appeared to get rid of the restore points, but eventually ZA started picking up the trojan again. (I did not reboot after turning SR off and on.) I do delete it from the virus log, but this appears to get rid of it only in the log.
I've run RootkitRevealer and Hijaak, poured through all my startup settings and autoruns, and can see nothing obvious.
Any suggestions? Again the Trojan is the Win32Rbot.byt.
Thanks in advance
Running ZA SS 7.0.337.0
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite