Rundll32

rundll32 file is misbehaving. for no reason at all it begins using up 50% cpu power. this began after installing a music software ableton 10.

windows 8.1 64bit

Does the task manager say what dll’s it is running?
Iirc, rundll was like a catch-all program that allows the system to run a dell as if it were a complete exe, but could be wrong…

when i right click open file location it shows rundll32. dll . soon as i end task it stops and everything is as. Are you familiar with this type of thing???

Been a long time since I came across the program, so might be confusing it svchost.exe… hope someone with more knowledge jumps in :slight_smile:

1 Like

I would personally check it out with sysinternals process explorer, but it’s a tool from Microsoft, It might give more clues as to what it is doing when at high cpu usage

2 Likes

Was their any bloatware that came bundled with the software?

Also what does Task Scheduler say? Maybe the program tries to run some sort of updater or something.

I have some Corel software, that always pops up some sort of ad in the bottom right every now again and also launches an auto updater on its own and that causes rundll to run high. I could disable those tasks, if I wanted to, from the Task Scheduler.

You can also view all of the .dll’s that are being used by an application by using the command
tasklist /m in the cmd. This is of course only possible when the application you want to check is running.

yeah it isn’t running i wish it did so i that i can show the rest of the information. there weren’t anything bundled with the software. I think it is what you were saying about it running an updater.

tasklist /m isn’t showing much it’s running right now though if you’re there

                               api-ms-win-crt-convert-l1-1-0.dll,
                               msvcrt.dll, sechost.dll, RPCRT4.dll,
                               api-ms-win-crt-multibyte-l1-1-0.dll,
                               api-ms-win-crt-time-l1-1-0.dll,
                               api-ms-win-crt-filesystem-l1-1-0.dll,
                               api-ms-win-crt-utility-l1-1-0.dll,
                               MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
                               bcryptPrimitives.dll, mbae64.dll,
                               WS2_32.dll, PSAPI.DLL, USER32.dll,
                               SHELL32.dll, SHLWAPI.dll, WININET.dll,
                               NSI.dll, GDI32.dll, combase.dll,
                               iertutil.dll, USERENV.dll, profapi.dll,
                               IMM32.DLL, MSCTF.dll, ntmarta.dll,
                               SspiCli.dll, urlmon.dll, ole32.dll,
                               nss3.dll, WINMM.dll, WSOCK32.dll,
                               WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
                               lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
                               USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
                               dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
                               WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
                               aswJsFlt.dll, kernel.appcore.dll,
                               hooxpot64.dll, hook64.dll, dwrite.dll,
                               SHCORE.dll, Dnsapi.dll, napinsp.dll,
                               pnrpnsp.dll, NLAapi.dll, mswsock.dll,
                               winrnr.dll, wshbth.dll, clbcatq.dll,
                               wbemprox.dll, wbemcomn.dll, CRYPTSP.dll,
                               rsaenh.dll, bcrypt.dll, wbemsvc.dll,
                               fastprox.dll, wscapi.dll, Wpc.dll,
                               NETAPI32.dll, Normaliz.dll, wevtapi.dll,
                               netutils.dll, srvcli.dll, wkscli.dll,
                               SAMCLI.DLL, mscms.dll, WINSTA.dll,
                               MMDevApi.dll, AUDIOSES.DLL, powrprof.dll,
                               explorerframe.dll, DUser.dll, DUI70.dll,
                               softokn3.dll, freebl3.dll, Secur32.dll,
                               ondemandconnroutehelper.dll, winhttp.dll,
                               nssckbi.dll, rasadhlp.dll, fwpuclnt.dll,
                               dhcpcsvc6.DLL, dhcpcsvc.DLL, twinapi.dll,
                               propsys.dll, Bcp47Langs.dll, LINKINFO.dll,
                               ntshrui.dll, cscapi.dll

firefox.exe 2672 ntdll.dll, snxhk64.dll, aswhooka.dll,
KERNEL32.dll, KERNELBASE.dll, mozglue.dll,
ADVAPI32.dll, MSVCP140.dll,
VCRUNTIME140.dll,
api-ms-win-crt-string-l1-1-0.dll,
api-ms-win-crt-stdio-l1-1-0.dll,
api-ms-win-crt-environment-l1-1-0.dll,
api-ms-win-crt-runtime-l1-1-0.dll,
api-ms-win-crt-math-l1-1-0.dll,
api-ms-win-crt-locale-l1-1-0.dll,
api-ms-win-crt-heap-l1-1-0.dll,
dbghelp.dll, CRYPT32.dll, VERSION.dll,
WINTRUST.dll,
api-ms-win-crt-convert-l1-1-0.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
api-ms-win-crt-multibyte-l1-1-0.dll,
api-ms-win-crt-time-l1-1-0.dll,
api-ms-win-crt-filesystem-l1-1-0.dll,
api-ms-win-crt-utility-l1-1-0.dll,
MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
bcryptPrimitives.dll, mbae64.dll,
WS2_32.dll, PSAPI.DLL, USER32.dll,
SHELL32.dll, SHLWAPI.dll, WININET.dll,
NSI.dll, GDI32.dll, combase.dll,
iertutil.dll, USERENV.dll, profapi.dll,
IMM32.DLL, MSCTF.dll, ntmarta.dll,
SspiCli.dll, urlmon.dll, ole32.dll,
nss3.dll, WINMM.dll, WSOCK32.dll,
WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
aswJsFlt.dll, shcore.dll,
kernel.appcore.dll, hooxpot64.dll,
hook64.dll, mfplat.dll, RTWorkQ.DLL,
mf.dll, dxva2.dll, evr.dll, d3d11.dll,
dxgi.dll, nvwgf2umx.dll, bcrypt.dll,
nvspcap64.dll
firefox.exe 5048 ntdll.dll, aswhooka.dll, KERNEL32.DLL,
KERNELBASE.dll, mozglue.dll, ADVAPI32.dll,
MSVCP140.dll, VCRUNTIME140.dll,
api-ms-win-crt-string-l1-1-0.dll,
api-ms-win-crt-stdio-l1-1-0.dll,
api-ms-win-crt-environment-l1-1-0.dll,
api-ms-win-crt-runtime-l1-1-0.dll,
api-ms-win-crt-math-l1-1-0.dll,
api-ms-win-crt-locale-l1-1-0.dll,
api-ms-win-crt-heap-l1-1-0.dll,
dbghelp.dll, CRYPT32.dll, VERSION.dll,
WINTRUST.dll,
api-ms-win-crt-convert-l1-1-0.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
api-ms-win-crt-multibyte-l1-1-0.dll,
api-ms-win-crt-time-l1-1-0.dll,
api-ms-win-crt-filesystem-l1-1-0.dll,
api-ms-win-crt-utility-l1-1-0.dll,
MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
bcryptPrimitives.dll, mbae64.dll,
WS2_32.dll, PSAPI.DLL, USER32.dll,
SHELL32.dll, SHLWAPI.dll, WININET.dll,
NSI.dll, GDI32.dll, combase.dll,
iertutil.dll, USERENV.dll, profapi.dll,
IMM32.DLL, MSCTF.dll, ntmarta.dll,
SspiCli.dll, urlmon.dll, ole32.dll,
nss3.dll, WINMM.dll, WSOCK32.dll,
WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
shcore.dll, kernel.appcore.dll,
napinsp.dll, pnrpnsp.dll, NLAapi.dll,
mswsock.dll, DNSAPI.dll, winrnr.dll,
wshbth.dll, d3d11.dll, dxgi.dll,
nvwgf2umx.dll, bcrypt.dll, nvspcap64.dll,
d2d1.dll, XmlLite.dll, dwrite.dll,
mscms.dll, clbcatq.dll, MMDevApi.dll,
AUDIOSES.DLL, powrprof.dll, Wpc.dll,
NETAPI32.dll, Normaliz.dll, wevtapi.dll,
netutils.dll, srvcli.dll, wkscli.dll,
SAMCLI.DLL, softokn3.dll, freebl3.dll
firefox.exe 7460 ntdll.dll, aswhooka.dll, KERNEL32.DLL,
KERNELBASE.dll, mozglue.dll, ADVAPI32.dll,
MSVCP140.dll, VCRUNTIME140.dll,
api-ms-win-crt-string-l1-1-0.dll,
api-ms-win-crt-stdio-l1-1-0.dll,
api-ms-win-crt-environment-l1-1-0.dll,
api-ms-win-crt-runtime-l1-1-0.dll,
api-ms-win-crt-math-l1-1-0.dll,
api-ms-win-crt-locale-l1-1-0.dll,
api-ms-win-crt-heap-l1-1-0.dll,
dbghelp.dll, CRYPT32.dll, VERSION.dll,
WINTRUST.dll,
api-ms-win-crt-convert-l1-1-0.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
api-ms-win-crt-multibyte-l1-1-0.dll,
api-ms-win-crt-time-l1-1-0.dll,
api-ms-win-crt-filesystem-l1-1-0.dll,
api-ms-win-crt-utility-l1-1-0.dll,
MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
bcryptPrimitives.dll, mbae64.dll,
WS2_32.dll, PSAPI.DLL, USER32.dll,
SHELL32.dll, SHLWAPI.dll, WININET.dll,
NSI.dll, GDI32.dll, combase.dll,
iertutil.dll, USERENV.dll, profapi.dll,
IMM32.DLL, MSCTF.dll, ntmarta.dll,
SspiCli.dll, urlmon.dll, ole32.dll,
nss3.dll, WINMM.dll, WSOCK32.dll,
WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
shcore.dll, kernel.appcore.dll,
napinsp.dll, pnrpnsp.dll, NLAapi.dll,
mswsock.dll, DNSAPI.dll, winrnr.dll,
wshbth.dll, d3d11.dll, dxgi.dll,
nvwgf2umx.dll, bcrypt.dll, nvspcap64.dll,
d2d1.dll, XmlLite.dll, dwrite.dll,
mscms.dll, clbcatq.dll, MMDevApi.dll,
AUDIOSES.DLL, powrprof.dll, Wpc.dll,
NETAPI32.dll, Normaliz.dll, wevtapi.dll,
netutils.dll, srvcli.dll, wkscli.dll,
SAMCLI.DLL, mozavutil.dll, mozavcodec.dll,
mfplat.dll, RTWorkQ.DLL, mf.dll, dxva2.dll,
evr.dll, MSAudDecMFT.dll, softokn3.dll,
freebl3.dll, Secur32.dll, CRYPTSP.dll,
rsaenh.dll, ondemandconnroutehelper.dll,
winhttp.dll
dllhost.exe 3396 ntdll.dll, KERNEL32.DLL, aswhooka.dll,
KERNELBASE.dll, msvcrt.dll, combase.dll,
RPCRT4.dll, kernel.appcore.dll,
CRYPTBASE.dll, bcryptPrimitives.dll,
clbcatq.dll, user32.dll, GDI32.dll,
IMM32.DLL, MSCTF.dll, sechost.dll,
CRYPTSP.dll, rsaenh.dll, bcrypt.dll,
uxtheme.dll, hooxpot64.dll, hook64.dll
firefox.exe 3232 ntdll.dll, aswhooka.dll, KERNEL32.DLL,
KERNELBASE.dll, mozglue.dll, ADVAPI32.dll,
MSVCP140.dll, VCRUNTIME140.dll,
api-ms-win-crt-string-l1-1-0.dll,
api-ms-win-crt-stdio-l1-1-0.dll,
api-ms-win-crt-environment-l1-1-0.dll,
api-ms-win-crt-runtime-l1-1-0.dll,
api-ms-win-crt-math-l1-1-0.dll,
api-ms-win-crt-locale-l1-1-0.dll,
api-ms-win-crt-heap-l1-1-0.dll,
dbghelp.dll, CRYPT32.dll, VERSION.dll,
WINTRUST.dll,
api-ms-win-crt-convert-l1-1-0.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
api-ms-win-crt-multibyte-l1-1-0.dll,
api-ms-win-crt-time-l1-1-0.dll,
api-ms-win-crt-filesystem-l1-1-0.dll,
api-ms-win-crt-utility-l1-1-0.dll,
MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
bcryptPrimitives.dll, mbae64.dll,
WS2_32.dll, PSAPI.DLL, USER32.dll,
SHELL32.dll, SHLWAPI.dll, WININET.dll,
NSI.dll, GDI32.dll, combase.dll,
iertutil.dll, USERENV.dll, profapi.dll,
IMM32.DLL, MSCTF.dll, ntmarta.dll,
SspiCli.dll, urlmon.dll, ole32.dll,
nss3.dll, WINMM.dll, WSOCK32.dll,
WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
shcore.dll, kernel.appcore.dll,
napinsp.dll, pnrpnsp.dll, NLAapi.dll,
mswsock.dll, DNSAPI.dll, winrnr.dll,
wshbth.dll, d3d11.dll, dxgi.dll,
nvwgf2umx.dll, bcrypt.dll, nvspcap64.dll,
d2d1.dll, XmlLite.dll, dwrite.dll,
mscms.dll, clbcatq.dll, MMDevApi.dll,
AUDIOSES.DLL, powrprof.dll, Wpc.dll,
NETAPI32.dll, Normaliz.dll, wevtapi.dll,
netutils.dll, srvcli.dll, wkscli.dll,
SAMCLI.DLL, softokn3.dll, freebl3.dll,
mozavutil.dll, mozavcodec.dll, mfplat.dll,
RTWorkQ.DLL, mf.dll, dxva2.dll, evr.dll,
msmpeg2vdec.dll, CRYPTSP.dll,
MSAudDecMFT.dll, rsaenh.dll
Taskmgr.exe 4716 N/A
firefox.exe 7520 ntdll.dll, aswhooka.dll, KERNEL32.DLL,
KERNELBASE.dll, mozglue.dll, ADVAPI32.dll,
MSVCP140.dll, VCRUNTIME140.dll,
api-ms-win-crt-string-l1-1-0.dll,
api-ms-win-crt-stdio-l1-1-0.dll,
api-ms-win-crt-environment-l1-1-0.dll,
api-ms-win-crt-runtime-l1-1-0.dll,
api-ms-win-crt-math-l1-1-0.dll,
api-ms-win-crt-locale-l1-1-0.dll,
api-ms-win-crt-heap-l1-1-0.dll,
dbghelp.dll, CRYPT32.dll, VERSION.dll,
WINTRUST.dll,
api-ms-win-crt-convert-l1-1-0.dll,
msvcrt.dll, sechost.dll, RPCRT4.dll,
api-ms-win-crt-multibyte-l1-1-0.dll,
api-ms-win-crt-time-l1-1-0.dll,
api-ms-win-crt-filesystem-l1-1-0.dll,
api-ms-win-crt-utility-l1-1-0.dll,
MSASN1.dll, CRYPTBASE.DLL, ucrtbase.DLL,
bcryptPrimitives.dll, mbae64.dll,
WS2_32.dll, PSAPI.DLL, USER32.dll,
SHELL32.dll, SHLWAPI.dll, WININET.dll,
NSI.dll, GDI32.dll, combase.dll,
iertutil.dll, USERENV.dll, profapi.dll,
IMM32.DLL, MSCTF.dll, ntmarta.dll,
SspiCli.dll, urlmon.dll, ole32.dll,
nss3.dll, WINMM.dll, WSOCK32.dll,
WINMMBASE.dll, cfgmgr32.dll, DEVOBJ.dll,
lgpllibs.dll, xul.dll, HID.DLL, AVRT.dll,
USP10.dll, MSIMG32.dll, IPHLPAPI.DLL,
dwmapi.dll, UxTheme.dll, SETUPAPI.dll,
WTSAPI32.dll, OLEAUT32.dll, WINNSI.DLL,
shcore.dll, kernel.appcore.dll,
napinsp.dll, pnrpnsp.dll, NLAapi.dll,
mswsock.dll, DNSAPI.dll, winrnr.dll,
wshbth.dll, d3d11.dll, dxgi.dll,
nvwgf2umx.dll, bcrypt.dll, nvspcap64.dll,
d2d1.dll, XmlLite.dll, dwrite.dll,
mscms.dll, clbcatq.dll, MMDevApi.dll,
AUDIOSES.DLL, powrprof.dll, Wpc.dll,
NETAPI32.dll, Normaliz.dll, wevtapi.dll,
netutils.dll, srvcli.dll, wkscli.dll,
SAMCLI.DLL
cmd.exe 748 ntdll.dll, KERNEL32.DLL, aswhooka.dll,
KERNELBASE.dll, msvcrt.dll, USER32.dll,
RPCRT4.dll, GDI32.dll, sechost.dll,
IMM32.DLL, MSCTF.dll, SspiCli.dll,
winbrand.dll
conhost.exe 3180 ntdll.dll, KERNEL32.DLL, aswhooka.dll,
KERNELBASE.dll, GDI32.dll, USER32.dll,
msvcrt.dll, IMM32.dll, OLEAUT32.dll,
combase.dll, MSCTF.dll, RPCRT4.dll,
uxtheme.dll, hooxpot64.dll, hook64.dll,
dwmapi.dll, comctl32.DLL, ole32.dll,
sechost.dll, kernel.appcore.dll,
CRYPTBASE.dll, bcryptPrimitives.dll,
SHCORE.dll
tasklist.exe 1524 ntdll.dll, KERNEL32.DLL, aswhooka.dll,
KERNELBASE.dll, ADVAPI32.dll, msvcrt.dll,
USER32.dll, ole32.dll, VERSION.dll,
MPR.dll, OLEAUT32.dll, Secur32.dll,
WS2_32.dll, framedynos.dll, NETAPI32.dll,
dbghelp.dll, SHLWAPI.dll, sechost.dll,
RPCRT4.dll, GDI32.dll, combase.dll,
NSI.dll, SspiCli.dll, netutils.dll,
srvcli.dll, wkscli.dll, IMM32.DLL,
MSCTF.dll, kernel.appcore.dll,
CRYPTBASE.dll, bcryptPrimitives.dll,
clbcatq.dll, wbemprox.dll, wbemcomn.dll,
Winsta.dll, CRYPTSP.dll, rsaenh.dll,
bcrypt.dll, wbemsvc.dll, fastprox.dll,
wmiutils.dll
WmiPrvSE.exe 5928 N/A

C:\Users\USERNAME>