Virus: Syspack32.exe and dsRDMSPI.dll

  PalaeoBill 12:31 21 Mar 10

Just spent the morning removing win32:rootkit-gen [rtk] from my laptop and I was wondering if anyone had any further info on it. Source (what put it there) etc.

On boot I got multiple RUNDLL access denied errors trying to load dsRDMSPI.dll

AVAST anti-virus then completed an update and immediately kicked in stating the above dll contained the rootkit-gen [rtk].

On doing a full AVAST scan from boot, it found syspck32.exe in my startup folder and this also contained the rootkit-gen [rtk] as did a couple of my restore points.

I'm pretty vigilant normally and I don't browse the type of sites that harbour such nasties so I would really like to know what the source of this beastie is. Google search isn't showing up much.

Any ideas all you great minds?

  PalaeoBill 12:33 21 Mar 10

Sorry typo in the title. The beastie should be Syspck32.exe not Syspack32.exe

  johndrew 12:41 21 Mar 10

Most of the information I found is in Polish, Russian, German and Italian, but I did find this click here. Any help?

  PalaeoBill 13:13 21 Mar 10

Interesting, I haven't been near any VMWare products!
The only out of the ordinary places I can find in my web history is a search for a cycle machine manual that took me to some pay to download instruction manual sites (I didn't click on anything in them) and some knitwear pattern searches on eBay that my wife did. I can't see anything suspect in that or anything else in the last two weeks browsing.
Perhaps syspck32.exe is too new and I will have to wait a while to discover what it is.

This thread is now locked and can not be replied to.
