English | Deutsch
Try  Security
Task Manager
Inspect the rundll32.exe on your PC!
www.neuber.com

How to remove rundll32 error


The free file information forum can help you find out if rundll32.exe is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust.

Software  Click to Run a Free Scan for rundll32.exe related errors


rundll32.exe file information

The process Run a DLL as an App or myRunner or Executar uma DLL como uma aplicação or Een DLL-bestand als toepassing starten or Eine DLL-Datei als Anwendung ausführen or Kør en DLL som et program or FTP Serv-U Daemon or url or Exécuter une DLL en tant qu'application or Ejecutar un archivo DLL como una aplicación or Windows host process (Rundll32) or Kör en DLL-fil som ett program or Bir DLL'i Uygulama olarak çalýþtýr belongs to the software Microsoft® Windows® Operating System or bsVirus or MicrosoftR WindowsR Operating System or HanSoft myRunner or rundll32.exe or Microsoft(R) Windows(R) Operating System or explorer or Microsoft? Windows? Operating System or Sistema operativo Microsoft® Windows® or Besturingssysteem Microsoft® Windows® or Betriebssystem Microsoft® Windows® or Operaèní systém Microsoft® Windows® or Microsoft® Windows® Operativsystem or Serv-U or Microsoft¢ç Windows¢ç Operating System or Fast Typer or url or PowerDesk or Proccess ID or Système d'exploitation Microsoft® Windows® or rundll32.exe or Microsoft(R) Windows (R) 2000 Operating System or Operativsystemet Microsoft® Windows® or Outerinfo or Project or Operacni system Microsoft® Windows® or Microsoft® Windows® Ýþletim Sistemi or Microsoft® DRM or rundll32.exe" -vt yazb by Microsoft Corporation (www.microsoft.com) or Tastysoft SD or HanSoft or Cat Soft (www.cat-soft.com) or url or skb.

Description: File rundll32.exe is located in the folder C:\Windows\System32. Known file sizes on Windows XP are 33280 bytes (87% of all occurrence), 31744 bytes, 44544 bytes, 34816 bytes, 33792 bytes, 32768 bytes, 1371648 bytes, 32256 bytes, 1254400 bytes, 610304 bytes, 537088 bytes, 40448 bytes, 61952 bytes, 1304064 bytes, 143872 bytes, 10240 bytes, 10000 bytes, 1359872 bytes, 36864 bytes.
The file is a Windows system file. It is a trustworthy file from Microsoft. Therefore the technical security rating is 4% dangerous, however also read the users reviews.

Recommended: Identify rundll32.exe related errors

If rundll32.exe is located in a subfolder of C:\Windows then the security rating is 82% dangerous. File size is 78336 bytes (15% of all occurrence), 60004 bytes, 81408 bytes, 80384 bytes, 69632 bytes, 36352 bytes, 31246 bytes, 34816 bytes, 35328 bytes, 51238 bytes, 70344 bytes, 61545 bytes. The program is not visible. The file is located in the Windows folder, but it is not a Windows core file. rundll32.exe is not a Windows system file. There is no information about the maker of the file. The process starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, C:\Windows\win.ini, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders). File rundll32.exe is able to record keyboard inputs. rundll32.exe is able to manipulate other programs, monitor applications.

If rundll32.exe is located in the folder C:\Windows then the security rating is 64% dangerous. File size is 56320 bytes (45% of all occurrence), 1264832 bytes, 57344 bytes, 135168 bytes, 58368 bytes, 18432 bytes. File rundll32.exe is a file without information about the maker of this file. The file is not a Windows core file. The program is loaded during the Windows boot process (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run, C:\Windows\win.ini, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders). It is an unknown file in the Windows folder. The program is not visible. rundll32.exe is able to monitor applications, record inputs, hide itself.

If rundll32.exe is located in the folder "C:\Program Files\Common Files" then the security rating is 80% dangerous. File size is 178180 bytes.

If rundll32.exe is located in a subfolder of "C:\Program Files" then the security rating is 51% dangerous. File size is 772212 bytes (25% of all occurrence), 187904 bytes, 24576 bytes, 401408 bytes.

If rundll32.exe is located in a subfolder of C:\Windows\System32 then the security rating is 81% dangerous. File size is 26112 bytes (50% of all occurrence), 112716 bytes.

If rundll32.exe is located in a subfolder of "C:\Documents and Settings" then the security rating is 82% dangerous. File size is 46592 bytes.

External information from Paul Collins:
There are different files with the same name:

  • "BatInfEx" can run at start up. Displays battery status information on an IBM Thinkpad
  • "LoadPowerProfile" definitely not required. Added by the MIROOT WORM! Note - do not confuse with the valid LoadPowerProfile entry which has "powrprof.dll" appended to the command/data line
  • "Rundll32" definitely not required. Added by the DVLDR TROJAN! Note - this is not the valid "Rundll32.exe" as it's in the Windows\Fonts directory
  • "rundll32" definitely not required. Added by the SANKER WORM! Note that the valid "rundll32.exe" resides in C:\Windows\System32 wheras this version resides in C:\Windows
  • "TaskMan" definitely not required. Added by the DVLDR TROJAN! Note - this is not the valid "rundll32.exe" as it's in the Windows\Fonts directory
  • "UPDATEHOOK": ??
  • "Win32 Rundll Loader" definitely not required. Added by the SDBOT.A TROJAN! Note: Rundll32.exe is a valid Windows application called "Run a DLL as an App" and stored in the C:\Windows directory. The version created by this virus is saved in the C:\Windows\System directory
  • "Windows DLL Loader" definitely not required.

Important: Some malware camouflage themselves as rundll32.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the rundll32.exe process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.

Links: ,

Score

User Comments

Rate
i searched for "runedll32" and it came up with runedll32.exe and also rundll32.exe(numbersletters).pf, can somone tell me what it is for?
  jason  
Rate
Rundll loaded since i intalled the nvidia driver for video card without it the control panel for display will not be there for u to fine tune your card. I have noticed the trojan/virus's use the same name for malicious exe files though scan your stuff regularly
  Rave  
Rate
This application merely runs DLLs, problems with your computer that may seem to be caused buy this program are actually caused by a dll file, Start Run "Msconfig", and check all the programs that use rundll, google each one and find out if it's safe or not
  Tam  
Rate
Its necessary and dangerous, exactly as anything else in Windows. If you have troubles, try to 1) Kill the process 2) replace the file 3) reinstall windows 4) Try linux
  Pierre  
Rate
Get the ORGINAL rundll32,exe from your WinXP Cd. Start your PC in safemode and past the file from your CD over the top of the infected file. Always use a firewall (ZoneAlarm) and AntiVirus Program (NAV corp 9)
  Peter_C_   (further information)
Rate
okay, every time i try to open my "control panel" a screen pops up that says "Windows cannot find 'C:\WINDOWS\system32\rundll32.exe'. Make sure you typed the name correctly, and then try again. To search for the file, click the Start Button, and then click Search. I am confused and dont know what to do.
  Billy  
Rate
its a very imp. file for all os. it is used to execute some programs and open the control panel
  akshaydeep  
Rate
I have seen 'rundll32.exe' running on many of my clients' computers. A normal computer would not show this process although it still runs. As many others have said the aim of this program is to run Dynamic Link Library files (*.dll) into 32-bit executables (*.exe). This program is vital and should not be deleted. Clients have had problems accessing Control Panel etc. after deleting it. If you see 'rundll32.exe' (similar but not exact / multiple processes) that are eating your memory than you should do one of the following: 1) Use System Restore (although this might mess things up)..
  Trapper  
Rate
You can use a program that automatically kills (or blacklists) a specified startup item (Not Tested and so might also block the real rundll32.exe). On very rare occasions startup items can be deleted from msconfig and regedit (if you don't have any experience it is better to use a Startup Manager) You might set the priority as low, although this would not really solve the problem at all. You can use a combination of methods I have written. There are various other techniques that can be used. This file should not be deleted but taken care of, if you suspect it..
  Trapper  
Rate
When it deleted i can't use properties when right click on desktop, can't show my computer properties.
  kyzin  
Rate
i found hidden rundll32.exe from dllcache folder, is it normal or should I delete it?
  Andreas  
Rate
according to msconfig, rundll32.exe command says to run the Bluetooth Authentication Agent. so if you don't use bluetooth, i'd say just go to services.msc and disable your bluetooth.
  ntkw  
Rate
Downloaded with some other rubbish inadvertantly. Caused continual pop ups interfering with normal useage and slowed down the computer. Pop ups were all reporting spyware and directing me to rogue spyware sites. Couldn't be removed, system restore didn't work, a complete menace. Sorted easily and quickly by downloading free Malwarebytes' Rogue Remover. An excellent product and an excellent site dedicated to removing spyware from the web. Couldn't recommend highly enough.
  Now relieved.   (further information)
Rate
read loads of different write ups on it, and more often than not people seem to say its not dangerous. it just looks very similer to virus terminology
  mobilemania.8up.org  
Rate
rundll32.exe is a process which executes DLL's and places their libraries into the memory, so they can be used more efficiently by applications. This program is important for the stable and secure running of your computer and should not be terminated.
  Scrin-  
Rate
More comments can be found here:
    (further information)

Summary: 80 users think rundll32.exe is essential for Windows or an installed application. 12 users think it's probably harmless. 81 users think it's neither essential nor dangerous. 41 users suspect danger. 65 users think rundll32.exe is dangerous and recommend to remove it.. 46 users doesn't grade rundll32.exe ("not sure about it").

Do you have additional information?
What do you know about rundll32.exe:
How do you rate it:
Link for more info's:
Your Name:

rundll32 scanner


image

Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

Spyware Doctor detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

Registry Booster free scans, cleans, repairs and optimizes your system.

Other processes


rundll32.exe [all]