What is Rundll32.exe?

What's Rundll32.exe?

What happened to the Rundll32.exe error? How to fix the Rundll32.exe of the virus infection? The RUNDLL32 process is a process that we often see, and this process is often exploited by viruses, "executing 32-bit DLL files." Its function is to execute the internal functions in the DLL file, so that in the process, there will be only Rundll32.exe, and no DLL back-door process, so that the process of the implementation of the hidden.

If you see multiple Rundll32.exe in the system, don't panic, which proves how many DLL files have been started with Rundll32.exe. Of course, these Rundll32.exe execute DLL files, and we can all find them from where the system is automatically loaded. Below we will come together to understand the Rundll32.exe process and learn to Rundll32.exe the wrong solution.

　　function prototypes used by Rundll32.exe:

Void CALLBACK functionname (HWND hwnd,hinstance hinst,lptstr lpcmdline,int ncmdshow);

The following methods are used under the command line: Rundll32.exe dllname,functionname [Arguments]

Dllname is the name of the DLL to be executed; FunctionName is the specific derivation function of the DLL file that needs to be executed in the front; [Arguments] is the specific parameter of the derivation function.

　　use Rundll32 to restart the machine experiment: Click "Start-Program-ms-dos mode", enter the DOS window, and then type Rundll32.exe user.exe,restartwindows, and then press ENTER, then you will see, The machine has been restarted!

Rundll. Exe

　　Here are three points to note:

1.DLL file name can not contain spaces, such as the file is located in the C:programfiles directory, you have to change this path to c:progra~1;

2.DLL file name and DLL entry point between the comma can not be less, otherwise the program will be wrong and will not give any information!

3. This is the most important point: Rundll cannot be used to call DLLs with return value parameters, such as GetUserName (), Gettextface (), and so on in Win32API. In Visual Basic, a directive shell that executes an external program is provided, in the form of: Shell command column

If you can cooperate with Rundll32.exe use shell instructions, will make your VB program with other methods can not even achieve the effect: still to restart as an example, the traditional method requires you in the VB project to create a module, and then write the WINAPI declaration, finally in the program to call. And now just one sentence:

Shell "Rundll32.exe user.exe,restartwindows" is done!

In fact, Rundll32.exe has a unique advantage in calling various Windows Control panels and system options.

There are Rundll32.exe tools on the network to kill the infected Rundll32.exe process.