Rundll vs. Rundll32
Rundll loads and runs 16-bit DLLs, whereas Rundll32 loads and runs 32-bit DLLs. If you pass the wrong type of DLL to Rundll or Rundll32, it may fail to run without indicating any error messages.
How Rundll Works
Rundll performs the following steps:
- It parses the command line.
- It loads the specified DLL via LoadLibrary().
- It obtains the address of the <entrypoint> function via GetProcAddress().
- It calls the <entrypoint> function, passing the command line tail which is the <optional arguments>.
- When the <entrypoint> function returns, Rundll.exe unloads the DLL and exits.
The Rundll and Rundll32 utility programs were originally designed only for internal use at Microsoft. But the functionality provided by them is sufficiently generic that they are now available for general use. Note that Windows NT 4.0 ships only with the Rundll32 utility program and supports only Rundll32.
