|
user32.dll (5.1.2600.1255)
Contained in software |
|---|
| Name: | Windows XP Home Edition, Deutsch |
|---|
| License: | commercial |
|---|
| Information link: | http://www.microsoft.com/windowsxp/ |
|---|
File details |
|---|
| Filepath: | C:\WINDOWS\system32 \ user32.dll |
|---|
| Filedate: | 2003-09-25 18:52:01 |
|---|
| Version: | 5.1.2600.1255 |
|---|
| Filesize: | 561.664 bytes |
|---|
Checksum and file hashes |
|---|
| CRC32: | A631EEAA |
|---|
| MD5: | 8D92 8268 AFBF 31F8 A34C E610 DA17 5352 |
|---|
| SHA1: | 810B ACB5 B6A0 037E 24DC 0F23 9AA6 5DC2 7F63 54CD |
|---|
Version resource information |
|---|
| CompanyName: | Microsoft Corporation |
|---|
| FileDescription: | Client-DLL für Windows XP USER-API |
|---|
| FileOS: | Windows NT, Windows 2000, Windows XP, Windows 2003 |
|---|
| FileType: | Dynamic Link Library (DLL) |
|---|
| FileVersion: | 5.1.2600.1255 |
|---|
| InternalName: | user32 |
|---|
| LegalCopyright: | © Microsoft Corporation. Alle Rechte vorbehalten. |
|---|
| OriginalFilename: | user32 |
|---|
| ProductName: | Betriebssystem Microsoft® Windows® |
|---|
| ProductVersion: | 5.1.2600.1255 |
|---|
user32.dll was found in the following malware reports:
|
|
|---|
JS.Rootlet.A@m |
|---|
Technical details
...Mapi32.dll.js User32.dll.js Wsock32.dll.js...
Source: http://securityresponse.symantec.com/avcenter/venc/data/js.rootlet.a@m.html |
|---|
Ceydem.6750.Worm |
|---|
Technical details
...The worm copies itself to %windir%CeyDem.com, %windir%WinuserUser32.dll, and %windir%Winuser2Sexy_jpg.com....
Source: http://securityresponse.symantec.com/avcenter/venc/data/ceydem.6750.worm.html |
|---|
W32.Simile |
|---|
Technical details
...the host file (the file that is infected with the virus) imports the Windows file User32.dll, then on the 17th of March, June, September, or December, a message is displayed....
Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.simile.html |
|---|
W95.Sleepyhead.5632 |
|---|
Technical details
...for Kernel32.dll functions. Then it loads User32.dll and WSock32.dll libraries and searches for functions in them....
Source: http://securityresponse.symantec.com/avcenter/venc/data/w95.sleepyhead.5632.html |
|---|
Symantec Vulnerability Assessment 1.0 Vulnerability Updates |
|---|
Variable Buffer Overflow Vulnerability 8827 Host Microsoft ListBox/ComboBox Control User32.dll Function Buffer Overrun Vulnerability 8828 Host Microsoft Windows Help And Support...
Source: http://securityresponse.symantec.com/avcenter/security/Content/2003.11.06.html |
|---|
Symantec Vulnerability Assessment 1.0 Vulnerability Updates |
|---|
Engine Remote Code Execution Vulnerability 8827 Microsoft ListBox/ComboBox Control User32.dll Function Buffer Overrun Vulnerability 10113 Microsoft Negotiate SSP Remote Buffer...
Source: http://securityresponse.symantec.com/avcenter/security/Content/2004.06.30a.html |
|---|
CodeRed II |
|---|
Technical details
...closesocket, and WSAGetLastError. From User32.dll, it gets ExitWindowsEx, which the worm uses to reboot the system....
Source: http://securityresponse.symantec.com/avcenter/venc/data/codered.ii.html |
|---|
CodeRed.F |
|---|
Technical details
...closesocket, and WSAGetLastError. From User32.dll, the worm gets ExitWindowsEx, which it uses to restart the system....
......
Source: http://securityresponse.symantec.com/avcenter/venc/data/codered.f.html |
|---|
|
|
![[filename.info logo]](/img/logo.png){kind=logo}
![[cn user32.dll]](/img/nix.gif){kind=small}
