Windows 8 and 8.1 Forums

Rundll32.exe Problem?

  1. #1

    Posts : 7
    windows 8.1

    Rundll32.exe Problem?

    new here,and a bit of a dummy.spent several hours searching forums,but can't find anything relating directly to my possible problem.
    got new computer 6 weeks ago,windows 8,64 bit.
    after years of win 7 all i did was change a few things,add a start button,add 'my computer',and set it to boot to 'desktop',what i'm used to.
    added my third party programs,and all seemed fine.
    a few days ago i get a random phone call from a number in california with caller id showing 'microsmart' or something like that.guy says he's working for a microsoft partner company,gives me some long number that matches i think he called it my 'microsoft computer ID ' at this point i figure he's legit.
    he says my system has possibly been compromised,taken over by hackers.
    thinking i'm talking to a real microsoft person,i let him take remote control (yes,stupid,i know)
    he goes 10 times faster than i could and leads me to windows system 32 and points to an icon for 'rundll32.exe'
    i have no idea what this is,but all the icons around it are either gears or squares with green things inside,looking kind of official.
    the rundll32.exe however looks like a blank sheet of paper with the top right corner folded over.he says this means it's either compromised,or vulnerable to hacking.
    he then says 'for $150 we can fix this and give you a year of security,for $200,blah blah.
    at this point it finally clicks in my head that this whole deal smells fishy.
    i say hold on,let me check you guys out,he says 'i'll give you a link,i say no,i'll look on my own.
    guy gets argumentative, so i just hang up and google his phone #.
    he calls back twice,and by the second call i've found that his company is called 'fastheal',has no relation to microsoft and has a bunch of consumer complaints.
    i end the second callback with a loud string of profanities.
    i googled this rundll32 thing and found a site that says it is a problem(which of course i can't find again) and lists some highly technical stuff as how to fix it.
    just reading the basics i think it's beyond my capabilities,but the icon looks off and i'm seriously paranoid now,so i call microsoft.
    blah blah,$100 for a onetime fix,$150 for a year of support.knowing my history of doing stupid stuff i figure,in for a buck,why not a buck and a half.i pay.
    some microsoft guy calls me,takes remote control while we're on the phone,does all this super fast stuff,then dl's and runs some program that he says will take about an hour,fix everything,and he'll call back and finalize.
    ok says i.
    zzzzz zzzzzt
    finished,i reboot and....wham!
    all my third party programs are gone,my little tweaks are gone,and the computer looks like the first time i turned it on 6 weeks ago.
    and,that rundll32 thing still looks broken.
    i wait another half hour in a state of rage for a call back to fix it.
    i call microsoft back.get a human who says 'i'd be angry too'
    i insist and they send me back the $150,took 3 days.
    now i'm in a constant state of paranoia that i may be vulnerable,or already breached.
    it may be coincidence,but since these events took place my isp speed has been slowed by maybe 65%.
    i called them,rebooted the modem,blah blah,still slow,but i don't tell them i let 2 idiots remote my box.

    my question here is : do i have a problem?
    searching tells me that malware can hide in this rundll32.exe thing,but i have no clue as to how to find out.

    any advice is more than welcome.
    moron extrordanaire

      My System SpecsSystem Spec

  2. #2

    Maryland USA
    Posts : 758
    Windows 8 & Windows 7 Dual Boot

    Firstly change or add a password to your system at least for a while til they give up trying to reconnect to you.

    To see the list of users go to your metro screen and type USERS then select settings then click on USERS

    you will see a list of users that have access to your computer. It should only be you and maybe an administrator.

    Let us know what you find there.

    next, download and install spybot search and destroy, run the update, then scan your system.

    It should take about half hour give or take, depending on your system speed and harddrive size.

    Fix selected problems when done

    then do a FULL antivirus scan, this may take longer

    fix the problems found.
      My System SpecsSystem Spec

  3. #3

    Posts : 7
    windows 8.1

    "fix the problems found'

    i run spybot once a week
    i do a full virus scan,trend micro,every night
    i passworded (sic?) the system when i first set it up
    i bought a year of extra support from the computer manufactuer ,let a tech roam around inside,he took a bunch of screen shots,said he'd confer with his 'team' and call back.he did a couple hours later and said the only way to fix it was to do a wipe and compleat reinstall. i really wasn't up to that so i said let me think about it for a few days.
    that was weeks ago,everything is working fine.i changed all my bank or purchase site passwords.
    i hand wrote a long detailed letter complaining about those fastheal and microsoft ***holes and snailmailed copies to 4 different gov't agencies.
    nobody has replied.
    until i get some evidence that somebody is actually getting into my machine i'm just not thinking about it.
      My System SpecsSystem Spec

  4. #4

    Maryland USA
    Posts : 758
    Windows 8 & Windows 7 Dual Boot

    Sounds like you have everything under control..

    BTW is it possible that MicroSmart was actually Trend Micro Smart surfing?

    I checked out Microsmart, they were in NJ and are now out of business, but I did also find the Trend Micro Smart

    Trend Micro

    Glad to hear your system is fine..
      My System SpecsSystem Spec

Rundll32.exe Problem?
Related Threads
Hello, I have recently discovered that my laptop cooler was going crazy and I didn't knew why, then I started Task Manager and there it was "Windows host process (Rundll32) eating 30% of the cpu. Notebook specs: Cpu: Intel Core i5 3210m Ram: 8gb ddr3 1600mhz OS: Windows 8.1 x64 pro with...
Hello, I was viewing my event log and my Action Center under Problems. I found that for a long time, I have been having critical system events. The rundll32.exe_aepdu.dll "stopped working" under multiple occasions. Every few days there is another critical event which is the rundll32. Here is the...
Hello, I'm running Windows 8.1. Every 15-20 minutes, an error pops up which reads: Windows host process (Rundll32) has stopped working. Does anyone have any idea how to fix this? Thanks! Here are the details: Problem signature: Problem Event Name: APPCRASH
Rundll32 consuming cpu in General Support
For the last few days, the battery of my laptop was dying more quickly. Using many battery analysis tools I checked the wear level of battery and found out that battery is in good condition. After that I noticed that a process is consuming both CPU and battery. Rundll32 is consuming about 20% of...
I have 2 issues. I don't know if they are related somehow. 1. I installed PrivaZer and deleted it. It still shows up on the right click context menu. I tried to reinstall it and deleted it again. I still have that problem. I even restarted the computer. How can I get rid of the entry? 2....
Hi All, I'm having some outlook issues and need to get into the mail settings in Control Panel. However when I click Mail in the control panel I get the message "Windows Host process (Rundll32) has stopped working." (See below) and I cant get it in. This computer has just had a clean install of...
I had no problems with Customer Preview, everything worked, but, I must say that this Release Preview is another story all together. My PC hardware configuration is unchanged since installing Windows 7 when it came on to the market. 1. Doing a clean install did not install a clean...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook