[filename.info logo]
[cn ntdll.dll][de ntdll.dll][es ntdll.dll][fr ntdll.dll][gb ntdll.dll][it ntdll.dll][jp ntdll.dll][kr ntdll.dll][nl ntdll.dll][pt ntdll.dll][ru ntdll.dll][us ntdll.dll]
 

ntdll.dll (5.1.2600.1217)

Contained in software

Name:Windows XP Home Edition, Deutsch
License:commercial
Information link:http://www.microsoft.com/windowsxp/

File details

Filepath:C:\WINDOWS\system32 \ ntdll.dll
Filedate:2003-05-02 01:56:34
Version:5.1.2600.1217
Filesize:679.936 bytes

Checksum and file hashes

CRC32:C9E231C1
MD5:1A04 D6FC 9AFE DFED D03B 66AD 272A 85E4
SHA1:D44A 07F1 E22A B6AC E146 358F 5658 D940 BF12 188C

Version resource information

CompanyName:Microsoft Corporation
FileDescription:DLL für NT-Layer
FileOS:Windows NT, Windows 2000, Windows XP, Windows 2003
FileType:Dynamic Link Library (DLL)
FileVersion:5.1.2600.1217
InternalName:ntdll.dll
LegalCopyright:© Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename:ntdll.dll
ProductName:Betriebssystem Microsoft® Windows®
ProductVersion:5.1.2600.1217

ntdll.dll was found in the following malware reports:

Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability

Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability...
...data is supplied to the WebDAV component, it is, in turn, passed to the vulnerable ntdll.dll system component. The ntdll.dll fails to perform...
...Symantec Intruder Alert policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV....
Source: http://securityresponse.symantec.com/avcenter/security/Content/3.17.2003.html

Symantec NetRecon 3.6 Security Update 2

Symantec NetRecon checks for the Windows 2000 ntdll.dll buffer overflow vulnerability, four additional Microsoft SQL Server vulnerabilities,...
...New Vulnerability Checks Microsoft Windows 2000 ntdll.dll Buffer Overflow Vulnerability...
...code execution is possible. The Windows 2000 library ntdll.dll includes a function that does not perform sufficient bounds checking....
...The vector allows for the vulnerability in ntdll.dll to be exploited by a remote attacker....
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.26.html

W64.Shruggle.1318

Removal instructions
...following three libraries: Ntdll.dll Sfc_os.dll...
...Kernel32.dll From Ntdll.dll, the virus uses the following functions:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html

W64.Rugrat.3344

Technical details
...three different libraries: NTDLL.DLL SFC_OS.DLL...
...KERNEL32 From NTDLL.DLL, the virus uses these functions:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.rugrat.3344.html

Trojan.Kaht

About Trojan.Kaht
...Many applications use the vulnerable Win32 API component, ntdll.dll, so other attack vectors may exist....
Technical details
...The IIS WebDAV uses a core Windows system component, ntdll.dll, containing an unchecked buffer when processing the incoming WebDAV requests....
Source: http://securityresponse.symantec.com/avcenter/venc/data/trojan.kaht.html

Intruder Alert 3.6 W2K_MS_IIS_WebDAV Policy

This policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV (Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability....
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.18a.html

W32.Gaobot.gen!poly

Technical details
...The worm may hook the NTQuerySystemInformation API on NTDLL.DLL in an attempt to hide itself....
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.polybot.html

Backdoor.HackDefender

Technical details
...closesocket ntdll.dll NtQuerySystemInformation...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.hackdefender.html

W32.HLLW.Gaobot.JB

Removal instructions
...The PSAPI.DLL file is linked to missing export NTDLL.DLL:NtCreateProfile Revision History:...
......
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.jb.html



Valid HTML 4.01!