I can send a zip file containing my current rundll32.exe, if that would be of interest, but would need an email address or other instructions. While not conclusive, there's enough 'evidence' here to lead me to suspect a false positive. But the file is byte-for-byte identical to the backed-up March 30th version. The 'Date modified' from the Windows Properties window was originally March 30, 2017, but has been updated after AVG has removed the file, and Windows has recreated it (I presume), so is now dated Jon my system.
I noted that the creation date of the file (rundll32.exe) was June 14, 2017, within seconds of the time stamp for my June 14th Windows Update "2017-06 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4022719)". The older version was used with Windows 7 Build 7600, the current version is used with Build 7601 (as displayed on my desktop wallpaper, and in the file properties dialog). The current versions in C:\Windows\System32, and also in C:\Windows\winsxs\x86_microsoft-windows-rundll32_31bf3856ad364e35_.23755_none_da6bed36226a053d, are byte-for-byte identical to the one backed up on July 1, but differ from the older one from 2009, backed up on June 2nd. I went back to two backups to verify this, by examining rundll32.exe that was backed up on June 2 (prior to the June 14th Windows Update), and the one backed up on July 1 (after the same Windows Update). I have done some sleuthing, and suspect that this warning is a false positive, caused by a recent Windows Update, which replaced the 2009 version of rundll32.exe with one dated in 2017 (March 30, 2017, 45,056 bytes, created at the same time as my June Windows Update that I did on June 14, 2017). (For me, the triggering event occurred when I went to adjust my time zone by clicking on the time just above the date in the taskbar, and then clicking on "Change date and time settings.", though for some reason, I did not get the AVG warning every time, but only sporadically).
I also have just begun receiving these notices that SCgeneric4.BPWA TrojanHorse has infected rundll32.exe. I am using Windows 7, latest build 7601, and AVG Free v.16.121.7859. My short answer: this appears to be a false positive.
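
The byte-for-byte comparison described in the post (live System32 copy against the winsxs copy and restored backups) can be scripted; the following is an added example, not part of the original post. The backup paths under `D:\restore` are hypothetical placeholders, and the winsxs glob pattern is an assumption based on the directory name quoted above.

```python
import glob
import hashlib
import os


def sha256_of(path, chunk=1 << 16):
    """Hash a file in chunks and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def fingerprint(path):
    """(size, sha256) pair; equal pairs mean byte-for-byte identical content."""
    return os.path.getsize(path), sha256_of(path)


def compare_to_live(live, references):
    """Split reference copies into (matching, differing) relative to the live file."""
    live_key = fingerprint(live)
    matching, differing = [], []
    for ref in references:
        try:
            key = fingerprint(ref)
        except OSError:
            continue  # missing or unreadable copy: nothing to compare
        (matching if key == live_key else differing).append(ref)
    return matching, differing


if __name__ == "__main__":
    windir = os.environ.get("SystemRoot", r"C:\Windows")
    live = os.path.join(windir, "System32", "rundll32.exe")
    # Component-store copies (pattern assumed from the directory named in the post).
    refs = glob.glob(os.path.join(
        windir, "winsxs", "x86_microsoft-windows-rundll32_*", "rundll32.exe"))
    # Hypothetical locations of copies restored from the June 2 and July 1 backups.
    refs += [r"D:\restore\2017-06-02\rundll32.exe",
             r"D:\restore\2017-07-01\rundll32.exe"]
    if os.path.exists(live):
        same, diff = compare_to_live(live, refs)
        print("LIVE     ", sha256_of(live), live)
        for p in same:
            print("IDENTICAL", sha256_of(p), p)
        for p in diff:
            print("DIFFERENT", sha256_of(p), p)
```

Matching hashes show the live file is unchanged from what the update installed and from the post-update backup, which supports a false-positive report but does not by itself prove the file is benign.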