Dell System Restore For Rundll32.exe Infection

Rundll32.exe Infection

PATRICK MOZINGO asked on February 19, 2013. Status: Answered & Closed.

» I used the Dell System Restore to clear out my PC to start from scratch after noticing my Rundll32.exe has a blank document icon, and I had several rundll32's in my task manager. However, while they don't appear in the task manager the rundll32 is still a blank document icon.

Best Answer

» First of all let me tell you what rundll32.exe is! Rundll32.exe is a Windows host process which runs and executes all your dll files. It is a very important process and is required for all your applications to work properly.

Normally files with .exe extensions are application files having windows default application icons. If your Rundll32.exe is infected the icon turns into a page type icon.There are many ways Rundll32 can get infected. Rundll32.exe can be attacked by a hacker(TrojanSpy:Win32/Banker.ND) or a bot maker and can be exploited by making it steal passwords and other confidential data that you enter online. These files will then run in stealth mode and automatically replicate itself.

The exploited rundll32 file can also be used by a hacker to use your system as a bot and spread malware such as DDOS (Distributed Denial-Of-Service) attack. These files then become undetectable to many antivirus softwares.

In case your rundll32.exe is infected you can easily confirm it by looking in your task manager, if there are multiple processes going by the name ‘rundll32.exe', then i am sorry to say that your system is already compromised.

Firstly remove it with your AV programme, and then clean your system with DLL Suite, which has a special feature of Fix Exe Virus. And you can replace rundll32.exe cleanly and safely, beucase Dll Suite is also a most uptodate dll file library including any exe file.

DEBRA KEETON replied on February 25, 2013

All Answers:

  1. S LAUTENBACH replied on February 19, 2013: » A rundll32.exe error usually occurs whenever your PC is not responding correctly due to either a corrupted software application or a faulty hardware device. In some cases, users have reported that rundll32.exe has been disguised as a virus. You'll generally notice this error message during your Windows startup or shutdown cycle.

    Run SFC scan to find missing or corrupt files that may be causing this issue. System File Checker (SFC) checks that all Windows 7 system files are where they should be as they were by default and not corrupted, changed, or damaged.

  2. PATRICK MOZINGO replied on February 19, 2013: » The rundll32.exe icon is still that of a blank document, I've done the scan before yet it says everything is fine. In the System32 folder, I've read before that it's suppose to look different and the blank doc icon means it's infected?

  3. MIKE HALLIWUSHKA replied on February 20, 2013: » The Rundll32dll.exe is not a document, but it uses an icon similar to a text document, just as notepad uses a slightly different icon to word. Equally there are many other plain doc type icons in Windows that are white rather than blue. Rundll32 does not always appear in Task Manager because it is not always running. It only runs when required ( read what Vinod wrote ).

  4. HARVEY FARBER replied on February 22, 2013: » You should believe what you read on dubious sites, and no icon changes when a file is infected.

    Nore should you install any dubious "SpeedUpMyPc" type of software, whether paid for or free, as the use of such can in the worst case render the sys or apps unusable.

  5. MICHAEL BRIGHT replied on February 23, 2013: » Based on what I've seen in the past you MIGHT be infected with Virut. Very nasty virus. Hard to get rid of it. Hit Malware will identify it as Let me know of it is Virut, I'll show where to get a good tool to fix it.

