On-Premise Endpoint

Sophos Endpoint Software rundll32.exe

On-Premise Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 1 subscriber
Views 1823 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

rundll32.exe

tedz over 13 years ago

Hi,

Please see screenshot of rundll32.exe on the link below... sophos didn't recognize this one but i think this is a virus.

http://ge.tt/898tBdN/v/0

Anyone can encounter this issue.

Thanks,

tedz

This thread was automatically locked due to age.

0 tedz over 12 years ago

Hi Sandy,
We do a cleaning proccess of this aaffected computer all the virus was deleted by sophos. but the rundll32.exe still flooding on the proccess. sophos cannot recognized on this.
How can we know what application using the rundll32.exe. and how can we get dectection that the sophos cannot detect it.
Please help us to solve this problem!
Thanks,
Tedz
:33933
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 12 years ago

Hello Tedz,
Process Explorer will show you the command line with which the rundll32.exe processes were started. You should also be able to identify their parent process with it. If they are started indirectly by a short-lived process then Process Monitor might be of help. Both tools are available on the Sysinternals Process Utilities page.
HTH
Christian
:33935
Cancel
Vote Up 0 Vote Down

Cancel