rundll32.exe => 100% CPU Utilization!! HELP
-
djpharoah
- Junior Member

- Posts: 472
- Joined: Fri Feb 03, 2006 7:25 pm
- Location: Irvine, California
- Contact:
rundll32.exe => 100% CPU Utilization!! HELP
Hi.
recently noticed that NHC is showing that my cpu utilization is 100%. This is without any of my programs running. I found the cause to be rundll32.exe which is taking anywhere from 95-100% of my cpu utilization.
I have tried various spyware, virus and what not. This seems to be an issue within windows or something like that. I am running sp2 cuz thats what my restore cds are.
any ideas??
recently noticed that NHC is showing that my cpu utilization is 100%. This is without any of my programs running. I found the cause to be rundll32.exe which is taking anywhere from 95-100% of my cpu utilization.
I have tried various spyware, virus and what not. This seems to be an issue within windows or something like that. I am running sp2 cuz thats what my restore cds are.
any ideas??
T400 14.1" WXGA+ LCD / T9400 / 4GB / 160gb / ATi+Intel GFX / 9C / W7 64
T42p 14" SXGA+ / 2.0GHz / 1.5GB / 60GB / 2 x 6C / XP
T40 14" XGA / 1.7GHz / 1GB / 40GB / 9C / XP
T40 14" SXGA+ / 1.7GHz / 1GB / 40GB / 6C / XP
Sold: A31, A31p, A20m, T20, T23
T42p 14" SXGA+ / 2.0GHz / 1.5GB / 60GB / 2 x 6C / XP
T40 14" XGA / 1.7GHz / 1GB / 40GB / 9C / XP
T40 14" SXGA+ / 1.7GHz / 1GB / 40GB / 6C / XP
Sold: A31, A31p, A20m, T20, T23
-
cxls
- Freshman Member
- Posts: 118
- Joined: Fri Oct 20, 2006 11:08 pm
- Location: Cumberland, Rhode Island
Description:
rundll32.exe is a process which executes DLL's and places their libraries into the memory, so they can be used more efficiently by applications. This program is important for the stable and secure running of your computer and should not be terminated.
Note: rundll32.exe is a process registered as a backdoor vulnerability which may be installed for malicious purposes by an attacker allowing access to your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.
Note: rundll32.exe could also be a process which belongs to the . This program is a non-essential process, but should not be terminated unless suspected to be causing problems.
rundll32.exe is a process which executes DLL's and places their libraries into the memory, so they can be used more efficiently by applications. This program is important for the stable and secure running of your computer and should not be terminated.
Note: rundll32.exe is a process registered as a backdoor vulnerability which may be installed for malicious purposes by an attacker allowing access to your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.
Note: rundll32.exe could also be a process which belongs to the . This program is a non-essential process, but should not be terminated unless suspected to be causing problems.
IBM ThinkPad T60p 2623-DDU | Intel Core Duo 2.0 GHz T2500 | 2 GB RAM | 256 MB ATI FireGL V5200 | 100 GB 7200 RPM SATA HDD | 15" UXGA BOE-Hydis (1600x1200) | NMB Keyboard | 9 Cell Battery x2
-
christopher_wolf
- Special Member
- Posts: 5741
- Joined: Sat Oct 08, 2005 1:24 pm
- Location: UC Berkeley, California
- Contact:
Killing off Rundll32 isn't going to crash your system; so the best thing to do to find out how it is being used is to first look in the event logs, then kill it off, whenever you note the anomalous behaviour, and see what happens. 
IBM ThinkPad T43 Model 2668-72U 14.1" SXGA+ 1GB |IBM 701c
~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
Typical legit use of rundll32.exe is a control panel applet (or an Access IBM Access). So, as Christopher said, go ahead, kill the process, and see if an open control panel applet disappears.christopher_wolf wrote:Killing off Rundll32 isn't going to crash your system; so the best thing to do to find out how it is being used is to first look in the event logs, then kill it off, whenever you note the anomalous behaviour, and see what happens.
If the rundll32.exe is running after a fresh start, that may indicate some sort of malware. Depending on your level of Windows expertise, you could try using Process Explorer to track down what the runaway rundll32.exe process is doing ...
-
christopher_wolf
- Special Member
- Posts: 5741
- Joined: Sat Oct 08, 2005 1:24 pm
- Location: UC Berkeley, California
- Contact:
You might also want to get Process Explorer from SysInternals and see just what exactly is going on with rundll32 if you still can't pin down where and how it starts up with all the aforementioned techniques. 
IBM ThinkPad T43 Model 2668-72U 14.1" SXGA+ 1GB |IBM 701c
~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
On my t60, I have 2 rundlls running one is for the thinkpad power manger, and it is started with the command:
"C:\WINDOWS\system32\rundll32.exe" C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
I use process explorer to find this info out, one of the nice things about it is, it will tell you more detail for the process, whereas task manager just says rundll and leaves it at that.
"C:\WINDOWS\system32\rundll32.exe" C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
I use process explorer to find this info out, one of the nice things about it is, it will tell you more detail for the process, whereas task manager just says rundll and leaves it at that.
-
davidspalding
- ThinkPadder

- Posts: 1593
- Joined: Mon Nov 14, 2005 2:39 pm
- Location: Durham, NC
- Contact:
The SysInternals app (their library is now hosted by Microsoft, so don't worry if you're redirected there) is certainly a winner.
Alternately, you can run the CMD line command ...
... when you see it maxing your CPU, and see what's associated with it. (Note, the /svc switch shows services and what apps are using them, the /fi filters on a match criteria, in this case, the name of the process. Execute tasklist /? to get more info. BTW, I believe tasklist is only in XP professional.)
Alternately, you can run the CMD line command ...
Code: Select all
tasklist /svc /fi "imagename eq rundll32.exe"2668-75U T43, 2GB RAM, 2nd hand NMB kybd, Dock II, spare Mini-Dock, and spare Port Replicators. Wacom BT tablet. Ultrabay 2nd HDD.
2672-KBU X32, 1.5GB RAM, 7200 rpm TravelStar HDD.
2672-KBU X32, 1.5GB RAM, 7200 rpm TravelStar HDD.
-
djpharoah
- Junior Member

- Posts: 472
- Joined: Fri Feb 03, 2006 7:25 pm
- Location: Irvine, California
- Contact:
Ok it seems that this problem was caused by NHC. Which has been promptly replaced with Mobile Meter.
However there is no way now to manually change my cpu speed.
However there is no way now to manually change my cpu speed.
T400 14.1" WXGA+ LCD / T9400 / 4GB / 160gb / ATi+Intel GFX / 9C / W7 64
T42p 14" SXGA+ / 2.0GHz / 1.5GB / 60GB / 2 x 6C / XP
T40 14" XGA / 1.7GHz / 1GB / 40GB / 9C / XP
T40 14" SXGA+ / 1.7GHz / 1GB / 40GB / 6C / XP
Sold: A31, A31p, A20m, T20, T23
T42p 14" SXGA+ / 2.0GHz / 1.5GB / 60GB / 2 x 6C / XP
T40 14" XGA / 1.7GHz / 1GB / 40GB / 9C / XP
T40 14" SXGA+ / 1.7GHz / 1GB / 40GB / 6C / XP
Sold: A31, A31p, A20m, T20, T23
http://www.diefer.de/speedswitchxp/djpharoah wrote:Ok it seems that this problem was caused by NHC. Which has been promptly replaced with Mobile Meter.
However there is no way now to manually change my cpu speed.
T61p 6458-BT6 T9300/4GB/120GB/WUXGA
T23 2647-8SU P3-M 1.20/512/40
T23 2647-8SU P3-M 1.20/512/40
-
- Similar Topics
- Replies
- Views
- Last post
-
-
Windows cannot find configservice.exe (System Update)
by hyde » Sat May 20, 2017 7:11 pm » in ThinkPad T400/410/420 and T500/510/520 Series - 6 Replies
- 1247 Views
-
Last post by hyde
Sun May 21, 2017 11:22 pm
-
-
-
Cpu upgrade what cpu to search
by radiator » Sun May 21, 2017 12:45 am » in ThinkPad T400/410/420 and T500/510/520 Series - 2 Replies
- 555 Views
-
Last post by my03
Sat May 27, 2017 6:22 pm
-
-
-
FS: $100 + shipping - X120e
by iMav » Tue Jan 03, 2017 12:35 pm » in Marketplace - Forum Members only - 0 Replies
- 267 Views
-
Last post by iMav
Tue Jan 03, 2017 12:35 pm
-
-
- 1 Replies
- 423 Views
-
Last post by rijhsing
Mon Jan 16, 2017 5:24 pm
Who is online
Users browsing this forum: No registered users and 3 guests





