Where are rundll32 parameters located

V

vfclists

I was looking in my Scheduled Tasks and found a task whose command was
'rundll32 dokv.bna, ypzcfawb" which I believe was some spyware I
disabled some time ago.

How does rundll32.exe locate such parameters and execute them?
 
R

R.Wieser

Hello vfclists,
How does rundll32.exe locate such parameters and execute them?
Click to expand...

It doesn't.

'rundll32.exe' is just a shell to enable you to execute an otherwise
un-executable file, that DLL. The provided parameters are not used by
'rundll32.exe', but areactually directly transferred to the executed DLL as
its arguments.

In short: The arguments are of/for the DLL executed, and only the person who
created that DLL knows what those parameters mean/do (just like for an .EXE
file).

Hope that helps/clarifies it.

Rudy Wieser


-- Origional message:
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

rundll32.exe and explorer.exe freezes 1
Error Message: "C:\windows\system32\rundll32.exe. Can't find progr 5
Pegasus get in here 2
Task Scheduler error message 3
rundll32.exe missing 12
Erro: rundll32.exe is not a valid Win32 application 1
RUNDLL32.EXE w72ea2bc.dll Missing .... 4
RUNDLL32.EXE NVQT 3

Top