Hi All

Bit panicky here - will try and keep it short.
Laptop with Windows 7, Running AVG free version as main scheduled antivirus with Malwarebytes as alternative. Last 3 days AVG has started reporting IRP Hook Rootkit Trojan (9 entries). Run removal each time but next day same IRP Hook files reappear.

Have searched online etc for how to fix. Come up with varying info: either these are false positives generated by AVG or a problem with driver, or a really nasty, potentially system destroying Trojan. If latter the fixes are very complex and don't always seem successful and how do you trust that those suggesting the fixes are above board.

So thought I'd ask here as you folk haven't steered me wrong yet. So if any one has any recommendations of sites they know can be trusted or suggestions it would be appreciated.

I know I could take it to repair shop but just 3 wks ago I took it in because it was slow on start-up - they said it was an unrepairable corrupt hard drive - new hard drive was $275.00. They cloned my old hard drive on to the new one - now I'm beginning to wonder if the Trojan was hidden on the old hard drive & causing the problem. Only other thing I changed was removed AVG 2014 and downloaded the 2015 version shortly before this started happening.

I'm too scared to even start up my laptop at the moment until I can either find a fix or figure out if this is an AVG bug. (Fired up a second-hand I-pad to do this).

Thanks for reading.

Have you tried scanning in safe mode with malwarebytes?

There were a lot of places on google search but some were difficult to follow and complicated.

This one seemed more straightforward.

http://www.im-infected.com/trojan/ir...it-trojan.html

Hi Lara
Thanks for getting back so quick. Malwarebytes doesn't detect it - as many of the others who had the same problem found. I'll try that link you provided then I think I'll leave it for tonite - bit of a mental overload right now.

Have a good evening.

I looked for a while before posting.
I'm on a mac these days so have forgotten a lot of what to do I'm sorry.

If I find anything less complicated I'll post it.

take care there. Must be cold too.

Just read that link Lara. It's much clearer than most of the others I found and I do recognise some of the names there eg Symantec. Will bookmark it and try it tomorrow.

Thanks for finding it - I'll sleep easier tonite.

Sleep well. By tomorrow someone else may have some ideas as well.
talk later

Hi bluesfan

Adding to the link which Lara provided (which looks good to me) this one might also help in zapping the Trojan; http://www.antivirusgateway.com/how-...emoval-guides/ .

A LOT of the search results I found are marked as not safe by WOT.. (web of trust)
I would only get programs from well known anti virus sites in this case..

Have you tried Hijack this?
http://sourceforge.net/projects/hjt/
how to use it-
http://www.wikihow.com/Use-HiJackThis
http://www.bleepingcomputer.com/tuto...se-hijackthis/

other free tools-
http://free.antivirus.com/us/#cleanup-and-prevention
http://usa.kaspersky.com/downloads/TDSSKiller

Thanks for this kiwi33 - read through it and although for a non geek like me it's quite complicated I think I may be able to follow it.

Thanks Jo*mar
Is WOT a program I can download onto my laptop - does it review sites before they're downloaded?
Thanks for the other sites - I had read some of the Bleeping Computer forum & info. I'll look at the various options later today and figure out which of them might be manageable for me to attempt.

It's times like these I get really frustrated with computer manufacturers. They've well & truly forgotten the K.I.S.S principle when it comes to making computers for non-technical customers.