rundll32.exe processing srrstr.dll?

Hi everyone. Just a quick question: Is anyone familiar with this phenomenon? I left my computer idle to work in the kitchen for about 25 min, and when I returned I found that rundll32.exe was running and processing something over and over again. I checked Process Explorer, and found it was running something called srrstr.dll - Which apparently came digitally signed from Microsoft (though I guess that's easy to forge). I'm not sure what it was doing, but it chugged away for an additional ten minutes before it closed itself. Very strange.

Can anyone please advise if this is a nasty? NOD32 and Malwarebytes didn't catch it, if it is. Thank you.

Hi, Carbonyl.

srrstr.dll is part of the System Restore process. If a checkpoint was being created, that period of time is a bit lengthy. You may want to check to see if the time the last checkpoint was created approximately matches the time of your investigation.

For background on Digital Certificates, see Microsoft KB Article 195724: Description of Digital Certificates

Note the affected software indicated in this Security Advisory is "none". Microsoft Security Advisory (961509): Research proves feasibility of collision attacks against MD5:

General Information

Overview

Purpose of Advisory: To assist customers in assessing the impact of this research announcement on their current certificate deployments.

Advisory Status: Issue Confirmed. No Security Update Planned.
Recommendation: Review the suggested actions and configure as appropriate.
References Identification:
Microsoft Knowledge Base Article 961509

This advisory discusses the following software.
Affected Software: None.

You can configure when and how often system restore runs, through the Task Scheduler.

Change How Often System Restore Creates Restore Points in Windows 7 or Vista - How-To Geek