Windoze XP: rundll32.exe Consumes All Available CPU

This is driving me nuts. We've got three affected Win XP SP2 machines at werk, possibly more. At some, seemingly random, time one of the two copies of rundll32.exe goes bananas and consumes all available CPU on the machine, dragging it down to a crawl. This seems to have happened on older machines, as well as fresh installs.

The requisite net-trawling suggests very little, except it may be one of three trojans. I've followed the removal instructions for all three, but found none of the affected registry keys, nor did Symantec Client Security scanner find any suspicious files (yes, we have the latest virus definitions, etc).

Windows costs you more. Just this one issue alone has already cost us a significant amount of time and developer down-time. Not good.

Submitted by coofercat on Tue, 2005-03-15 14:50


i know this is going to sound odd but...

...have you tried the Microsoft AntiSpyware (Beta) software?

i downloaded it a while ago to replace some utter crap my employer decided to install on my machine and it's actually quite reasonable (:rolleyes:)

Submitted by Anonymous (not verified) on Tue, 2005-03-15 14:57.
The pragmatic approach

When I ran the Microsoft AntiSpyware tool, it found nothing: it was apparently all clean. And so said the anti-virus. Nevertheless, as one of the people affected by the problem, I have to restart my machine 2 or 3 times a day at the moment. I'm taking the pragmatic approach though: rundll32.exe = have a break while the laptop restarts, which can take some time because one side effect of the problem is that it takes ages for the machine to shutdown.

Submitted by Anonymous (not verified) on Fri, 2005-03-18 06:26.
same problem

now 24 march

I get errors about rundll32.exei cannot stop it.

it consuumes 99% cpu
and also my sounds quits..

This is also the same for a mate of mine 2 blocks away..

a virus??

Submitted by Anonymous (not verified) on Thu, 2005-03-24 19:11.
Re: i know this is going to sound odd but...

Thanks for that - actually, I hadn't tried it. We've used Adaware, but had no real luck.

The MS tool highlighted "PowerReg Scheduler", which I've removed, so we'll see how we go now.

(Incidentally, it also got RealVNC and Burp.exe - but I've ignored those ;-)

Submitted by coofercat on Wed, 2005-03-16 10:47.
Possibly Solved

It's looking like this problem was caused by the IBM Thinkpad Battery Maximiser. One user has upgraded his and reports no further problems. Removing one (seemingly unrelated) item of spyware seems to have fixed me, but I've upgraded the BM too. One user to go...

(Sadly the same is not true of the Synaptics UltraNav utility thingy which goes bonkers from time to time - upgrading that didn't fix it :-(

Submitted by coofercat on Thu, 2005-03-24 11:33.