rundll32.exe

Status
Not open for further replies.
gandip

gandip

DEVIL MASTER
ON task management under administrator there is running rundll32.exe.
In registry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
there is "hid_start "as name location is C:\windows \system32\Rundll32.exe .Is this a malware.I googled & found that it is windows file .But on starting I get message saying internet explore could not find web you are looking for.how can it happen when i am not using IE on start.On browsing with mozilla I get ads on other window.Right it the add is from "PerfSpot .com" .I have no problem on delay startup or shut down.
 
nvidia

nvidia

-----ATi-----
rundll32.exe is a process which executes DLL's and places their libraries into the memory, so they can be used more efficiently by applications. This program is important for the stable and secure running of your computer and should not be terminated.

rundll32.exe is a process registered as a backdoor vulnerability which may be installed for malicious purposes by an attacker allowing access to your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.

rundll32.exe could also be a process which belongs to the . This program is a non-essential process, but should not be terminated unless suspected to be causing problems.

Source
 
anandk

anandk

Distinguished Member
this one looks like the legit ms process. rt click on that file to check its properties. to be still safe get it checked at *virusscan.jotti.org/ .

your problem seemd to be something else. pls clarify problem as i have not understood your balance problem correctly: on starting WHAT do u get message saying internet explore could not find web you are looking for?

maybe due to your your IE's internet zone-security settings, ads are being blocked.
 
OP
gandip

gandip

DEVIL MASTER
Used your link but nothing found.
When i open startup folder there was a file in hidden .
The name of file was destop configuration.

When i was open it with notepad i found following.
[.ShellClassInfo]
IconFile=%SystemRoot%\system32\SHELL32.dll
IconIndex=166
Is this theard to my computer.

On registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
there is
spa_start REG_SZ C:WINDOWS\SYSTEM 32\Rundll32.exe"C:\windows\system32\sprt_ads.dll"DLLSTART

when i scanned sprt_ads.dllusing ur reffered website it detected as Malware.

Similarly there is
hid_start REG_SZ C:WINDOWS\SYSTEM 32\Rundll32.exe"C:\windows\system32\gzmrotate.dll"DLLverify

This file was also detected as Malware.
Shuod I delete those file.or ...................:!:
 
Status
Not open for further replies.
Top Bottom