|
rundll32.exe (5.1.2600.0)
ソフトウェアに含まれている |
|---|
| 名前: | Windows XP Home Edition, Deutsch |
|---|
| 免許証: | 商業 |
|---|
| 情報リンク: | http://www.microsoft.com/windowsxp/ |
|---|
ファイル細部 |
|---|
| ファイル道: | C:\WINDOWS\system32 \ rundll32.exe |
|---|
| ファイル日付: | 2002-08-29 14:00:00 |
|---|
| 版: | 5.1.2600.0 |
|---|
| ファイルサイズ: | 32.256 バイト |
|---|
検査合計及びファイルは切り刻む |
|---|
| CRC32: | 464A49B4 |
|---|
| MD5: | 3B97 EDB7 91FB 2090 17B8 864C 8E70 87F9 |
|---|
| SHA1: | 729F AF37 ED72 3D70 73B6 1727 6995 C40C 150E FCB9 |
|---|
版資源情報 |
|---|
| 会社名前: | Microsoft Corporation |
|---|
| ファイル記述: | Eine DLL-Datei als Anwendung ausfhren |
|---|
| ファイルオペレーティングシステム: | Windows NT, Windows 2000, Windows XP, Windows 2003 |
|---|
| ファイル・タイプ: | Application |
|---|
| ファイル版: | 5.1.2600.0 |
|---|
| 内部名: | rundll |
|---|
| 法的版権: | Microsoft Corporation. Alle Rechte vorbehalten. |
|---|
| 元のファイル名: | RUNDLL.EXE |
|---|
| 製品名: | Betriebssystem Microsoft Windows |
|---|
| プロダクト版: | 5.1.2600.0 |
|---|
rundll32.exe は次のレポートで見つけられた:
|
|
|---|
Backdoor.Lastdoor |
|---|
技術的詳細
...legitimate file, this Trojan uses the same icon as the legitimate Windows file named Rundll32.exe. When Backdoor.Lastdoor runs,...
...This overwrites the original Rundll32.exe file if it is in the %system% folder....
...NOTES: By default, Rundll32.exe resides in the %windir% folder in Windows 95/98/Me....
...Rundll32 %system%Rundll32.exe to the registry key...
取り外しの指示
...detected as Backdoor.Lastdoor. If Rundll32.exe has been overwritten by the Trojan, replace the file from a clean backup or reinstall...
...Rundll32 %system%Rundll32.exe from the registry key...
...Backdoor.Lastdoor, click Delete. If Rundll32.exe has been overwritten by the Trojan, replace the file from a clean backup or reinstall...
...Rundll32 %system%Rundll32.exe Exit the Registry Editor....
源: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lastdoor.html |
|---|
Zendown.Trojan |
|---|
Zendown.Trojan について
...Shutdown C:Windowsihateyou.exe Shutdown2 C:Windows
undll32.exe shell32,SHExitWindowsEx 1...
取り外しの指示
...Shutdown C:Windowsihateyou.exe Shutdown2 C:Windows
undll32.exe shell32,SHExitWindowsEx 1...
源: http://securityresponse.symantec.com/avcenter/venc/data/zendown.trojan.html |
|---|
W32.Pixo |
|---|
技術的詳細
...Then it adds the value: Rundll32.exe C:WindowsSystemPIX-61081.exe...
取り外しの指示
...delete the following value: Rundll32.exe C:WindowsSystemPIX-61081.exe...
源: http://securityresponse.symantec.com/avcenter/venc/data/w32.pixo.html |
|---|
W32.HLLW.Dormin.A@mm |
|---|
技術的詳細
...Adds the following values: Nimrod_Keyboard Rundll32.exe Keyboard,Disable Nimrod_Mouse Rundll32.exe...
取り外しの指示
...following values if they exist: Nimrod_Keyboard Rundll32.exe Keyboard,Disable Nimrod_Mouse Rundll32.exe...
源: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.dormin.a@mm.html |
|---|
Adware.Bookedspace |
|---|
技術的詳細
..."<name of .dll file>"="RunDLL32.exe <path to .dll file>, DllRun"...
取り外しの指示
..."<name of .dll file>"="RunDLL32.exe <path to .dll file>, DllRun"...
源: http://securityresponse.symantec.com/avcenter/venc/data/adware.bookedspace.html |
|---|
W32.Sircam.Worm@mm |
|---|
技術的詳細
...Copy <Computer>WindowsRundll32.exe to <Computer>WindowsRun32.exe...
...Replace <Computer>Windows
undll32.exe with C:RecycledSirc32.exe...
取り外しの指示
...network, the Run32.exe file will have been be overwritten with an infected copy of the Rundll32.exe. If you see more than one entry...
...Instead, you must delete the Run32.exe and the Rundll32.exe files and then extract an new copy of Rundll32.exe from a clean back up or from...
...If the file WindowsRun32.exe exists, rename it back to WindowsRundll32.exe See the sections that follow...
...this, the Run32.exe file will have been overwritten with an infected copy of the Rundll32.exe. As a result, you will not...
...network, the Run32.exe file will have been be overwritten with an infected copy of the Rundll32.exe If you saw more than one entry of "@win
ecycledsirc32.exe" when performing...
...Instead, you must delete the Run32.exe and the Rundll32.exe files and then extract an new copy of Rundll32.exe from a clean back up or from...
...Rename it to: rundll32.exe Press Enter....
源: http://securityresponse.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html |
|---|
W32.Miroot.Worm |
|---|
技術的詳細
...C:Cmd.exe %System%Rundll32.exe with hidden, system, and read-only...
...C:WindowsSystem32 (Windows XP). Creates the file, rundll32.exe.tmp (Windows 2000 only). May cause Windows to display...
..."LoadPowerProfile"="%System%Rundll32.exe" in the registry key:...
取り外しの指示
...data field, then click OK: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme...
源: http://securityresponse.symantec.com/avcenter/venc/data/w32.miroot.worm.html |
|---|
Spyware.XpcSpy |
|---|
技術的詳細
..."System Check" = "Rundll32.exe SysDll32.dll,SystemCheck"...
取り外しの指示
..."System Check" = "Rundll32.exe SysDll32.dll,SystemCheck"...
源: http://securityresponse.symantec.com/avcenter/venc/data/spyware.xpcspy.html |
|---|
Backdoor.LoxoScam |
|---|
技術的詳細
...It modifies the value from LoadPowerProfile Rundll32.exe powerprof.dll,LoadCurrentPwrScheme...
取り外しの指示
...exists, modiify it to LoadPowerProfile Rundll32.exe powerprof.dll,LoadCurrentPwrScheme...
源: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.loxoscam.html |
|---|
W32.Lovgate.R@mm |
|---|
技術的詳細
..."Protected Storage"="RUNDLL32.EXE MSSIGN30.DLL ondll_reg"...
..."VFW Encoder/Decoder Settings"="RUNDLL32.exe MSSIGN30.DLL ondll_reg"...
..."Windows Management Protocol v.0 (experimental)," which is mapped to "Rundll32.exe msjdbc11.dll ondll_server."...
...Creates the service, "_reg," which is mapped to "Rundll32.exe msjdbc11.dll ondll_server."...
取り外しの指示
..."Protected Storage"="RUNDLL32.EXE MSSIGN30.DLL ondll_reg"...
..."VFW Encoder/Decoder Settings"="RUNDLL32.exe MSSIGN30.DLL ondll_reg"...
......
源: http://securityresponse.symantec.com/avcenter/venc/data/w32.lovgate.r@mm.html |
|---|
|
|
![[filename.info logo]](/img/logo.png){kind=logo}
![[cn rundll32.exe]](/img/nix.gif){kind=small}
