Today I started my computer, it connected to internet, and without opening any program my rundll32.exe started to request internet access, The strange thing about it is the remote addresses that it requested to access here is the pic from my firewall: http://img139.imageshack.us/img139/5030/p017kk.jpg and the IP 64.233.183.147, refers too google meaning it wants to connect to google, while I have nothing from google installed, not even their google bar. the other IPies are for two other companies: 68.142.194.21 212.58.224.116 http://img145.imageshack.us/img145/6512/p035at.jpg and these are the processes under which rundll is started: http://img490.imageshack.us/img490/8627/p027xe.jpg I have Norton System Works 2006, Update to the latest definition, and non of my antiadware/spyware programs shows anything suspicious, What could this be???????????????

Here are a few tools that dig deeper than most. My SpyCatcher thoughts. What it does, after the search, it offers choices of what to do with files found, which can be a bit daunting. All these choices, like > Ask, can ( after research or your own knowledge of what you have installed ) be changed. In the Status window, the Protection ( in the middle of the page ) section, click on the files found. It also finds uninstall exe's, which I change to > Allow. SpyCatcher Express http://www.tenebril.com/consumer/spyware/spycatcher-express.php * Allows novice PC users to remove aggressive spyware * Stops next-generation, mutating spyware * Blocks reinstallation of aggressive spyware * Removes spyware safely and automatically * Database receives 6 million spyware submissions per day ============================================= RegAuditor http://www.nsauditor.com/freeware/index.html http://www.sixfiles.com/dbase/fr-network-internet/anti-spam-virus-spy-tools Registry Auditor gives you a quick look at the Adware, malware and spyware installed on your computer including parasites and trojans. Registry Auditor tells you by colored icons ( green icon - safe, yellow icon - unknown, red icon - harmful ) whether specific Objects are known to be safe or harmful, also the program searches the registry for entries including filenames that aren't present on and allows you to delete unwanted registry entries. The tool is designed with a user-friendly interface and is easy to use. Windows NT/2K/XP/2003 =================================== RemoveIT Pro http://www.incodesolutions.com/ http://www.incodesolutions.com/removeit.htm Clean your computer from Viruses & Worms, Adwares & Spywares. Full log file about active processes, startup files, worms & viruses. Database updation every day. Remove many viruses that other popular antivirus software cannot discover. Note: Free for non commercial use.

thanx for ur program introduction, I figured it through other ways, Rundll32.exe was running msfeeds.dll from IE7 to get the RSS feeds and so was the connection requests.

Well done shahramsh