rundll32
The Windows Operating System (OS) uses the rundll32.exe application to run or launch other programs that are located in shared .DLL (Dynamic Link Library) files on the Windows OS. Rundll32.exe is a valid Windows OS file and it is normal for it to be running on a computer. Since many users get used to seeing the Rundll32.exe application name running on their computer(s), computer malware architects have mimicked the program name on malicious applications. These applications are stored in alternative locations on the computer in an attempt to keep the malware from being removed.
Where is the Rundll32.exe Program normally Stored?
The rundll32.exe application is normally stored in the “WindowsSystem32” directory. The manufacturer installs this on the “C” drive on most Windows computers. When a spyware application deploys itself under the same filename, it will normally be saved in a different location on the computer.
How to Verify the Location of Rundll32.exe in Windows Vista Task Manager
Step1 – Open the Windows Task Manager by pressing “CTRL” + “ALT” + “DEL” simultaneously.
Step 2 – Choose “View” and “Select Columns” and check the “Command Line” menu option.
Step 3 – View the full file path for the executable files in the subsequently displayed list. If there is a rundll32.exe program that is not located in the System32 directory, scan the computer's hard drive for potential infection.
Use Microsoft Process Explorer to Determine if Rundll32.exe is Valid
Step 1 – Download the free “Process Explorer” from Microsoft.
Step 2 – Launch Process Explorer and then click “File” and “Show Details for All Processes.”
Step 3– Select “Rundll32.exe” and a tooltip with the application file's location will be displayed on the computer.
Step 4 – An alternate option is to right click the rundll32.exe program and click “Properties” to see the fully qualified file path for the executable file.
Comments - No Responses to “rundll32”
Sorry but comments are closed at this time.