Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: rundll32.exe processing srrstr.dll?


04 Jul 2010   #1

Windows 7 RTM
 
 
rundll32.exe processing srrstr.dll?

Hi everyone. Just a quick question: Is anyone familiar with this phenomenon? I left my computer idle to work in the kitchen for about 25 min, and when I returned I found that rundll32.exe was running and processing something over and over again. I checked Process Explorer, and found it was running something called srrstr.dll - Which apparently came digitally signed from Microsoft (though I guess that's easy to forge). I'm not sure what it was doing, but it chugged away for an additional ten minutes before it closed itself. Very strange.

Can anyone please advise if this is a nasty? NOD32 and Malwarebytes didn't catch it, if it is. Thank you.


My System SpecsSystem Spec
.

04 Jul 2010   #2

Windows 7 & Windows Vista Ultimate
 
 

Hi, Carbonyl.

srrstr.dll is part of the System Restore process. If a checkpoint was being created, that period of time is a bit lengthy. You may want to check to see if the time the last checkpoint was created approximately matches the time of your investigation.
My System SpecsSystem Spec
05 Jul 2010   #3

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Quote   Quote: Originally Posted by Carbonyl View Post
Which apparently came digitally signed from Microsoft (though I guess that's easy to forge).
Maybe Corrine can confirm, but I don't think it is "easily done"...perhaps not impossible, but very complex. A Guy
My System SpecsSystem Spec
.


05 Jul 2010   #4

Windows 7 & Windows Vista Ultimate
 
 

For background on Digital Certificates, see Microsoft KB Article 195724: Description of Digital Certificates

Note the affected software indicated in this Security Advisory is "none". Microsoft Security Advisory (961509): Research proves feasibility of collision attacks against MD5:

Quote:
General Information

Overview

Purpose of Advisory: To assist customers in assessing the impact of this research announcement on their current certificate deployments.

Advisory Status: Issue Confirmed. No Security Update Planned.
Recommendation: Review the suggested actions and configure as appropriate.
References Identification:
Microsoft Knowledge Base Article 961509

This advisory discusses the following software.
Affected Software: None.
My System SpecsSystem Spec
05 Jul 2010   #5

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

You can configure when and how often system restore runs, through the Task Scheduler.

Change How Often System Restore Creates Restore Points in Windows 7 or Vista - How-To Geek
My System SpecsSystem Spec
Reply

 rundll32.exe processing srrstr.dll?




Thread Tools



Similar help and support threads for2: rundll32.exe processing srrstr.dll?
Thread Forum
How can i improve the processing speed of PC Hardware & Devices
Solved Antivirus found infection in srrstr.dll System Security
How To Fix Rundll32.exe BSOD Help and Support
RUNDLL32.exe HELP Hardware & Devices
Slow processing after 2 months. Performance & Maintenance
Process srrstr.dll General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:35 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33