I checked up on my running processes on my computer and came upon Rundll32.exe. I have Windows XP.
I checked, and there is no C:Windows/Rundll.exe, but there is a C:/Windows/I836/Rundll32. If I check the properties on when this file was created, it says December 28, 2004, which was when my computer was made. I also have C:\Windows\Prefatch\Rundll.exe-3C500167.pf (and a lot more like that). If I check the properties on when these files were created, it has dates from April 2, to April 4. There is also a C:\Windows\System32\rundll32, but I think I trust that as its description fits it and has December 28 as the day it was made. I’m not sure on the Prefatch folder ones though. I’m thinking I need to go in safe mode and run a scan, but I don’t want to jump to conclusions here. Should I?
Those are normal Windows XP files. It’s a good idea to do a virus scan every once in a while just to be safe (I like HouseCall), but the presence of those files isn’t anything to worry about.
Rundll.exe and Rundll32.exe are integral parts of the Windows operating system which, strangely enough, run Dynamic Link Libraries in the service of other legitimate programs.
However, they furnish a resource which some malware taps into. It downloads as a DLL rather than an executable and then uses Rundll (or -32) to hijack computer resources.
It should be there, and it may well be doing something legitimate in running. If you’re really familiar with your computer’s processes, you might check the registry to see WHAT it’s running, and why. Otherwise, don’t sweat it.