One of the members here posted that her task manager showed "rundll32.exe" was starting 12-15 instances
of itself. I used Process Monitor - from Sysinternals - because I too, started to notice my
"rundll32.exe" is running amuck! I'm seeing literally thousands of them. I have a copy of a
recent Process Monitor session, in .csv, .pml and .xml formats - in case you'd like to see it.
It's a pretty short session, with only processes being monitored. It started in early June and has been
ongoing since I upgraded from Vista, to Windows 7 on June 2, 2017 to be exact.
Actually, it's my third attempt to successfully install Win 7;
the first two went fine, until I ran Windows Update to install the 189 updates that were available
for my install. The first attempt never made it to completion, despite my letting it run for two days.
I mean, I knew deep down that it wouldn't matter how long I let it (presumably) run; it wasn't going to
magically finish up, so finally I hit reset. I ended up with a "Bad_Patch" blue screen. Ultimately, I had no
other recourse but to format and reinstall. Number two went almost the exact same way. After exhausting my
options again, all I had left was to format and reinstall.
This install, however, I decided to approach Windows Update a little bit differently. I completely
disabled it. I've just about had it with Microsoft thinking that they know what's best for my
system. They don't! Nor do they provide genuine support, for most of these types of problems...
Anyway, I began by getting one update at a time, although after a few days of that, it seemed like
I would never finish! I decided to do them in groups of 12; that way it would be easier to narrow
down which update was crashing my system. I'm finally at the home stretch, with about 30 or so,
optional updates to go. I had hopes that updating would solve my rundll-dilemma, but it did not. I did,
however, make it through all of the updates that I suspected would hose my install, again. That is a
welcome relief, to be sure. But in place of that, is the current nightmare. Every time it happens, my
RAM usage peaks at 94 to 96%; my core2 quad CPU maxes out at 100% and just about every byte
of my 6GB pagefile.sys is used up!
During these often (and very random) episodes, I can move my mouse cursor, but that's it. Ctrl-Alt-Del
is useless, the start menu won't open; etc. Only when it is well into its descent, will it start to - albeit slowly
respond. I cannot make it happen, either. My only signs that it's starting are: 1) The display on my
Logitech G13; or: 2) The system being brought to its knees. I am currently using the latest Norton
Security and have run a full-system scan, via its Rescue CD. It found 12 issues (mostly in very old .zip
files) and automatically fixed, or got rid of them. Additionally, I got into the habit years ago, of
disabling my NIC in the Device Manager once I'm done with an online session, so that I'm not
online 24/7. Naturally, I can't claim to have avoided any attacks, but I can attest to the sheer piece of
mind I have, in doing it this way.
I realize that rundll32.exe is called by another process, in order to run. I just can't seem to pinpoint
the offender(s). Occasionally, it will be obvious as to who is initially starting it; however, most times,
particularly when more than 300 are starting - one after the other, there isn't a specific process that I
can find, to be responsible. I should note that I'm not at all an expert with Process Monitor, or any
of the many utilities offered in the Sysinternals Suite. Further, while I do not trust Microsoft in general,
I have the utmost trust in the Sysinternals co-Founder, Mark Russinovich. Yes, they were absorbed by MS.
But, everyone should be allowed at least one mistake. Right?
I trust bleepingcomputer and it's community of volunteers, as much - if not more, than Sysinternals.
That's why I'm here. I've followed your site, for years and learned a great deal. I also know how close
we all came to not having this wonderful resource anymore. So, even if there is nothing that can be done,
in this case, I still must say: "Thank you, for all the time, effort, and above all, patience - that all of you folks here
give on a daily basis. It truly is extraordinary!" I really am so grateful for all of you.
- Windows 7 Professional 64bit : v6.1.7601 sp1 (all recommended updates installed)
- Norton Security v18.104.22.168
Edited by noparts, 25 July 2017 - 04:29 AM.