Rootkit - Service function NtUnloadKey hook -> uphcleanhlp.sys +0x6D0


1 reply to this topic

#1 Ollie66

Ollie66

  • Members
  • 26 posts
Posted 12 May 2011 - 12:36 AM

Hello there,

I am unable to remove a Rootkit that has been identified in an AVG Anti Rootkit Scan. My operating system is XP with SP3.

The details are as follows:

Software: AVG Free Version 10.0.1375
Activity Undertaken: Anti Rootkit Scan
Problem Located.
Tab: Rootkit
File: C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
Infection: Service function NtUnloadKey hook -> uphcleanhlp.sys +0x6D0
Result: Object is hidden

I am concerned about the damage such an infection may cause. I seek your help in removing the infection please.

Kind regards
Ollie66

Edited by Budapest, 12 May 2011 - 12:38 AM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
Posted 12 May 2011 - 12:38 AM

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



