Hi All,

Mum was using the computer yesterday when a Trojan Downloader got in through a Java exploit when she was using Internet Explorer. Malwarebytes was able to detect Rootkit.0Access and Trojan.Sirefet on the computer. At first, this disabled Microsoft Security Essentials and was persistent until I did a system restore. Now things seem normal. There have been no recent system changes, new applications or downloads; it looks like it came in from a hacked site or something like that, and I forgot to keep IE up to date because I generally use proper browsers.

Basically, what I want to ask is how much you guys might know about this threat?

- I've wound back a week using system restore and the system is coming back clean. I even did manual checks. However, I am still planning on wiping the drive and re-installing and reverting to a clean snapshot.
- Malwarebytes and Microsoft Security Essentials were used to check, but I will be getting an anti-rootkit scan going after I wipe the HDD to make sure it's not lurking anywhere.

The plan of attack is:

- I have 4 HDDs, 2 document mirrors and one per OS. I will be disconnecting all but the infected system drive. The infected drive will be formatted.
- From what I have read, this is a kernel-level rootkit. I have not seen an indication that it is a bootkit or infects BIOS. If it's just OS files, that makes life easier. Is anyone able to confirm this?
- I dual-boot Win 7 x64 with XP x32. Am I correct to assume that that system is clean, being on a separate disk?
- Will wiping the Win 7 drive completely (the boot sector too) cause issues accessing XP? I will not touch the existing XP install, and it would be as if I'm doing a clean install with XP pre-existing, but I might use a more robust formatting tool than what is used during the Windows install. Otherwise, I can look into other methods of ensuring the disk is clean.

I'm finding some of the information online a bit vague on this topic, and the fastest and easiest solution is best because I need the comp back and healthy to run some simulations for uni.

Basically, the plan is to:

1) Backup documents.
2) Run a rootkit scanner. I'll look into a good one that can look into boot sectors and hardware hopefully.
3) Disconnect "clean" drives (XP, 2x Doc duplicates).
4) Wipe the W7 drive.
5) Bring the XP drive back and install W7.
6) Use True Image to restore 7 with the drivers and core/trusted programs I had from a clean install earlier in the year.
7) Re-scan for rootkits.

Hopefully this will do the trick, especially considering things seem pretty normal at the moment. If anyone knows any more on the topic, your help would be much appreciated.

Thanks in advance.