I recently reinstalled the OS (Windows XP Professional) on my laptop (Dell Latitude D600), after many years, when it had just become a jumbled and slow-moving mess. It's now working like a spring lamb (a reasonably clear metaphor - I hope).
I reinstalled my anti-virus program (AVG Free) and a few others, and a couple of days later I noticed that AVG was returning a notification that it had identified that an IRP Hook rootkit was present - which is guaranteed to suck the fun out of a room pretty quick, especially after just reinstalling everything.
I've done some research about the IRP Hook rootkit, but have not taken any of the various steps that are suggested for removing it from the Master Boot Record (MBR). However, today when I looked at the virus scan from last night (and a couple of nights prior), AVG is reporting that the rootkit is no longer detected. Now I know that these kinds of programs can demonstrate an almost AI capability to transform themselves - but this doesn't seem like a reasonable explanation, even to me.
Here are a couple of Before and After screenshots of the AVG report summaries (and yes, today's summary shows no viruses or other infections present). Could this just be AVG reflecting a "false positive"?
Before:
After: