Win32:Bubak [Rtk] Won't delete. Blue Screen. Help Please.

iwpcj.sys Won’t delete/Repair & and it causes Blue Screens.
Been have trouble with this thing for sometime now.

Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org

Database version: 5951

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04/03/2011 9:20:52 AM
mbam-log-2011-03-04 (09-20-49).txt

Scan type: Quick scan
Objects scanned: 142451
Time elapsed: 3 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\windows\system32\drivers\iwpcj.sys (Rootkit.Agent) → No action taken.

Avast Scan

ROOTKIT BLOCKED

Object: C:\Windows\System32\Drivers\iwpcj.sys
Infection: Win32:Bubak [Rtk]
Action: Blank
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe



Is there anything I can do ?

your malwarebytes log say “No action taken” so did you not remove it ???

have you tried avast boot scan ?
http://spgscott.wordpress.com/tutorials/avast-boot-time-scan/

Interesting link found here: http://boardreader.com/thread/Win32_Bubnix_J_Rtk_Win32_Bubak_Rtk_VBS_M_96o8Xkcag.html
source for link: Tech Support Guy Malware Removal & HijackThis logs

polonus

Hi SkyLx.
Follow instructions…

Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds.scr to run the tool.

* When done, DDS will open two (2) logs:
     1. DDS.txt
     2. Attach.txt

Save both reports to your desktop. Post DDS.txt back to topic.

Actually I try to remove it all the time. It just comes back. When I use Malwarebytes deletetion. But that infection just came back.

Thank you the avast boot scan indeed help. It actually did removed it. :slight_smile:
Thank you so much.