Hi All

Bit panicky here - will try and keep it short.
Laptop with Windows 7, Running AVG free version as main scheduled antivirus with Malwarebytes as alternative. Last 3 days AVG has started reporting IRP Hook Rootkit Trojan (9 entries). Run removal each time but next day same IRP Hook files reappear.

Have searched online etc for how to fix. Come up with varying info: either these are false positives generated by AVG or a problem with driver, or a really nasty, potentially system destroying Trojan. If latter the fixes are very complex and don't always seem successful and how do you trust that those suggesting the fixes are above board.

So thought I'd ask here as you folk haven't steered me wrong yet. So if any one has any recommendations of sites they know can be trusted or suggestions it would be appreciated.

I know I could take it to repair shop but just 3 wks ago I took it in because it was slow on start-up - they said it was an unrepairable corrupt hard drive - new hard drive was $275.00. They cloned my old hard drive on to the new one - now I'm beginning to wonder if the Trojan was hidden on the old hard drive & causing the problem. Only other thing I changed was removed AVG 2014 and downloaded the 2015 version shortly before this started happening.

I'm too scared to even start up my laptop at the moment until I can either find a fix or figure out if this is an AVG bug. (Fired up a second-hand I-pad to do this).

Thanks for reading.

Have you tried scanning in safe mode with malwarebytes?

There were a lot of places on google search but some were difficult to follow and complicated.

This one seemed more straightforward.

http://www.im-infected.com/trojan/ir...it-trojan.html

Hi Lara
Thanks for getting back so quick. Malwarebytes doesn't detect it - as many of the others who had the same problem found. I'll try that link you provided then I think I'll leave it for tonite - bit of a mental overload right now.

Have a good evening.

I looked for a while before posting.
I'm on a mac these days so have forgotten a lot of what to do I'm sorry.

If I find anything less complicated I'll post it.

take care there. Must be cold too.

Just read that link Lara. It's much clearer than most of the others I found and I do recognise some of the names there eg Symantec. Will bookmark it and try it tomorrow.

Thanks for finding it - I'll sleep easier tonite.

Sleep well. By tomorrow someone else may have some ideas as well.
talk later

Hi bluesfan

Adding to the link which Lara provided (which looks good to me) this one might also help in zapping the Trojan; http://www.antivirusgateway.com/how-...emoval-guides/ .