Donate SIGN UP

rundl32 - virus or not?

Avatar Image
jubhair | 11:26 Sun 18th Jul 2004 | Technology
4 Answers
i'm running on winME and i have noticed that last month there has been a new registry entry Rundl32. it is at the bottom of the list meaning it uses up the least amout of RAM but the registry key came from nowhere. i scanned the pc using norton, trend, ad-aware, spy sweeper but there were no results. any suggestions?
Gravatar

Answers

1 to 4 of 4rss feed

Best Answer

No best answer has yet been selected by jubhair. Once a best answer has been selected, it will be shown here.

For more on marking an answer as the "Best Answer", please visit our FAQ.
same thing with a friends pc ???
If you really do have "Rundl32" and not "Rundll32" which is a proper system file, then you have an intrusion programme or "backdoor". If Task Manager shows this as running then it is waiting for communication from outside to get compromising information, typically keystroke logs telling of passwords and credit card details entered whilst browsing.

From a techie point of view this nasty is not hard to remove, but as your poota is running ME (Mess Expander) then try to move on to a more stable NT based OS such as 2000 professional or XP. Furthermore, if you have one compromise to your system then it is likely that you have more. Copy all your network parameters, email account details and, of course, you will have backups of all your data files. Next get out your original OS or restore media or new OS media and then:
  • Un-plug the network cable
  • Backup your data again (last chance).
  • Re-format the hard drive
  • Install Windows operating system and applications from original media or trusted images.
  • Set strong password for the Administrator account.
  • Plug in and re configure network connection.
  • Go to Windows Update page from Start menu. Install suggested critical updates and service packs.
I know this sounds drastic, but if you do this you will not only have a faster, less cluttered system, free from all possible intrusions, but also you will have a lot more confidence in your system. Don't forget the importance of a decent personal firewall (Zone Alarm etc.) to stop these nasties getting through. Be brutal with email security; no HTML, no preview pane, no clicking on links except the MOST trusted ones, delete ALL unsolicited junk without reading, and block all attachments except from trusted friends.

Click here then scroll down for a description of what rundll32 does. Might be of use.
Question Author
hippy, wot can i say? that is amazing. cheers.

1 to 4 of 4rss feed

Do you know the answer?

rundl32 - virus or not?

Answer Question >>

Related Questions

Sorry, we can't find any related questions. Try using the search bar at the top of the page to search for some keywords, or choose a topic and submit your own question.