rundll32.exe design BUG

Hi [at] all.

I am using Comodo IS 4 on a Win7 x64 system. Safe Mode for Defense+.
No other Security Software.
DEP is active for all programms.
UAC is enabled on highest settings.

Problem is that i get loads of messages which i have to allow manually.

It always starts after the PC was idle. If i get back after an idle time i have several messages belonging to the rundll32.exe

It would be nice having a hotfix for that.

Thank you very much.

[attachment deleted by admin]

Welcome to the forum habakuck

Please read here;msg341448#msg341448
and here;msg361990#msg361990

What version of Win 7 are you using? RTM, beta or RC?

The reason I ask is descrbed in rundll32.dll active when system idle!!.

Did you consent when installing Win 7 RTM to send user statistics data to Microsoft?

Hey you two. :slight_smile:

I am using the final version of Win7 x64 (v.6.1.7600)

If this is a design issue as i assumed it must be possible to get a solution for this. I am not the only one with this problem…

Did you check the link I provided and check whether the Application Experience Event was active as described? When running a final version in which is enabled to send user data to Microsoft this would explain the big amount of rundll32 alerts.

I will check that but i thought you were talking about about Firewall Alerts in that thread. Wasn’t you?
I do not get Firewall Alterts.
I get Defense+ Alerts saying the rundll32.exe is trying to execute random dll out of the Programmx86 folder.

Sry if i got something wrong my english is not so good! :wink:

Best regards.

O.k. the start type for the Application Experience is manuall and it is not running.

Can you please check Customer Experience aswell.

[attachment deleted by admin]

I will try. :slight_smile:

But i am not sure what the german name is… I searched but i am not sure.
Here it is not listed: Übersicht der Vista Dienste – WB Wiki

Btw. Which SnapIn is shown in your screenshot? I normally look directly in the services list; maybe that is the problem?

One of the other Moderators will give you the German name if you cannot find it.

Task Scheduler.

[attachment deleted by admin]

Ok. Here we are. I finally found what you are searching for.
But i think i do not participate in that MS programm…

What shall i do now?

Many thanks for your help!

I will ask one of the other Moderators to explain.


Thanks Dennis! :slight_smile:

I disabled all Triggers affiliated with Customer Experience and Application Experience for now. I will see if that fixes the problem.

PS: One more question: I wanted to delete the remembered rules for rundll32.exe i made the last days. But i cannot find them.
There are two rules for the rundll32.exe; both customized. But these are “general” rules. Not the rules i am searching for (rundll32.exe is allowed to execute Apllication XY).

PPS: Ok. i found it. :slight_smile: Its all new to me…

It can well be that the schedules get triggered that all data is “collected” but that it is not send because you did not “participate”.
Best bet would be indeed to “disabled” these schedules and see if that takes away the large amount of alerts.

I think it works! :-TU

No PopUps at all. Great!

Thank you very much guys! :slight_smile:

best regards