[filename.info logo]
[cn ntdll.dll][de ntdll.dll][es ntdll.dll][fr ntdll.dll][gb ntdll.dll][it ntdll.dll][jp ntdll.dll][kr ntdll.dll][nl ntdll.dll][pt ntdll.dll][ru ntdll.dll][us ntdll.dll]

ntdll.dll overview

The file ntdll.dll is contained in the following software
  • Windows XP Home Edition, Deutsch   More information
    Version: 5.1.2600.1217
    Filedate: 2003-05-02 01:56:34
    Filesize: 679.936 bytes
    Filepath: C:\WINDOWS\system32\ntdll.dll
    Show ntdll.dll details
  • Windows XP Home Edition, Deutsch   More information
    Version: 5.1.2600.1106
    Filedate: 2002-08-29 14:00:00
    Filesize: 694.272 bytes
    Filepath: C:\WINDOWS\I386\SYSTEM32\ntdll.dll
    Show ntdll.dll details

ntdll.dll was found in the following malware reports:

Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability

Microsoft Windows 2000 WebDAV / ntdll.dll Buffer Overflow Vulnerability...
...data is supplied to the WebDAV component, it is, in turn, passed to the vulnerable ntdll.dll system component. The ntdll.dll fails to perform...
...Symantec Intruder Alert policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV....
Source: http://securityresponse.symantec.com/avcenter/security/Content/3.17.2003.html

Symantec NetRecon 3.6 Security Update 2

Symantec NetRecon checks for the Windows 2000 ntdll.dll buffer overflow vulnerability, four additional Microsoft SQL Server vulnerabilities,...
...New Vulnerability Checks Microsoft Windows 2000 ntdll.dll Buffer Overflow Vulnerability...
...code execution is possible. The Windows 2000 library ntdll.dll includes a function that does not perform sufficient bounds checking....
...The vector allows for the vulnerability in ntdll.dll to be exploited by a remote attacker....
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.26.html


Removal instructions
...following three libraries: Ntdll.dll Sfc_os.dll...
...Kernel32.dll From Ntdll.dll, the virus uses the following functions:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.shruggle.1318.html


Technical details
...three different libraries: NTDLL.DLL SFC_OS.DLL...
...KERNEL32 From NTDLL.DLL, the virus uses these functions:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w64.rugrat.3344.html


About Trojan.Kaht
...Many applications use the vulnerable Win32 API component, ntdll.dll, so other attack vectors may exist....
Technical details
...The IIS WebDAV uses a core Windows system component, ntdll.dll, containing an unchecked buffer when processing the incoming WebDAV requests....
Source: http://securityresponse.symantec.com/avcenter/venc/data/trojan.kaht.html

Intruder Alert 3.6 W2K_MS_IIS_WebDAV Policy

This policy contains a rule that detects attempts to overflow the ntdll.dll system component of WebDAV (Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability....
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.03.18a.html


Technical details
...The worm may hook the NTQuerySystemInformation API on NTDLL.DLL in an attempt to hide itself....
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.polybot.html


Technical details
...closesocket ntdll.dll NtQuerySystemInformation...
Source: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.hackdefender.html


Removal instructions
...The PSAPI.DLL file is linked to missing export NTDLL.DLL:NtCreateProfile Revision History:...
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.jb.html

Valid HTML 4.01!