A rogue program that Kaka and 360safe currently cannot remove?

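The rundll32.exe process in the process list starts again automatically after I end it. Kaka's startup-item manager cannot find any information about it either, and an advertising window for Taobao pops up, but I don't know whether it is a rogue Taobao plug-in. Could an expert analyze this? I'm posting the module information for rundll32.exe: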

[rundll32.exe]
PID = 0x2a8
CommandLine = RUNDLL32.EXE C:\WINDOWS\system32\tpnet.dll DoWork
    RUNDLL32.EXE
    0x1000000
    C:\WINDOWS\system32\rundll32.exe
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Run a DLL as an App
    2004-08-16 16:39:24

    ntdll.dll
    0x7c920000
    C:\WINDOWS\system32\ntdll.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    NT Layer DLL
    2004-08-16 16:38:38

    kernel32.dll
    0x7c800000
    C:\WINDOWS\system32\kernel32.dll
    5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)
    Microsoft Corporation
    Windows NT BASE API Client DLL
    2006-07-05 18:55:59

    msvcrt.dll
    0x77be0000
    C:\WINDOWS\system32\msvcrt.dll
    7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT CRT DLL
    2004-08-16 16:38:58

    GDI32.dll
    0x77ef0000
    C:\WINDOWS\system32\gdi32.dll
    5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)
    Microsoft Corporation
    GDI Client DLL
    2005-12-29 10:56:04

    USER32.dll
    0x77d10000
    C:\WINDOWS\system32\user32.dll
    5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)
    Microsoft Corporation
    Windows XP USER API Client DLL
    2005-03-03 02:10:05

    IMAGEHLP.dll
    0x76c60000
    C:\WINDOWS\system32\imagehlp.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows NT Image Helper
    2004-08-16 16:38:52

    ShimEng.dll
    0x5cc30000
    C:\WINDOWS\system32\shimeng.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Shim Engine DLL
    2004-08-16 16:39:04

    AcGenral.DLL
    0x58fb0000
    C:\WINDOWS\AppPatch\AcGenral.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Compatibility DLL
    2004-08-16 16:38:42

    ADVAPI32.dll
    0x77da0000
    C:\WINDOWS\system32\advapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Advanced Windows 32 Base API
    2004-08-16 16:38:42

    RPCRT4.dll
    0x77e50000
    C:\WINDOWS\system32\rpcrt4.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Procedure Call Runtime
    2004-08-16 16:39:02

    WINMM.dll
    0x76b10000
    C:\WINDOWS\system32\winmm.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    MCI API DLL
    2004-08-16 16:39:10

    ole32.dll
    0x76990000
    C:\WINDOWS\system32\ole32.dll
    5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)
    Microsoft Corporation
    Microsoft OLE for Windows
    2005-07-26 12:39:50

    OLEAUT32.dll
    0x770f0000
    C:\WINDOWS\system32\oleaut32.dll
    5.1.2600.2180
    Microsoft Corporation
   
    2004-08-16 16:39:00

    MSACM32.dll
    0x77bb0000
    C:\WINDOWS\system32\msacm32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft ACM Audio Filter
    2004-08-16 16:38:56

    VERSION.dll
    0x77bd0000
    C:\WINDOWS\system32\version.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Version Checking and File Installation Libraries
    2004-08-16 16:39:08

    SHELL32.dll
    0x7d590000
    C:\WINDOWS\system32\shell32.dll
    6.00.2900.2951 (xpsp_sp2_gdr.060713-0009)
    Microsoft Corporation
    Windows Shell Common Dll
    2006-07-13 21:34:55

    SHLWAPI.dll
    0x77f40000
    C:\WINDOWS\system32\shlwapi.dll
    6.00.2900.2937 (xpsp_sp2_gdr.060623-0002)
    Microsoft Corporation
    Shell Light-weight Utility Library
    2006-06-23 19:11:22

    USERENV.dll
    0x759d0000
    C:\WINDOWS\system32\userenv.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Userenv
    2004-08-16 16:39:08

    UxTheme.dll
    0x5adc0000
    C:\WINDOWS\system32\uxtheme.dll
    6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft UxTheme Library
    2004-08-16 16:39:08

    IMM32.DLL
    0x76300000
    C:\WINDOWS\system32\imm32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows XP IMM32 API Client DLL
    2004-08-16 16:38:52

    LPK.DLL
    0x62c20000
    C:\WINDOWS\system32\lpk.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Language Pack
    2004-08-16 16:38:54

    USP10.dll
    0x73fa0000
    C:\WINDOWS\system32\usp10.dll
    1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Uniscribe Unicode script processor
    2004-08-16 16:39:08

    comctl32.dll
    0x77180000
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    6.0 (xpsp.060825-0040)
    Microsoft Corporation
    User Experience Controls Library
    2006-08-25 23:49:41

    comctl32.dll
    0x5d170000
    C:\WINDOWS\system32\comctl32.dll
    5.82 (xpsp.060825-0040)
    Microsoft Corporation
    Common Controls Library
    2006-08-25 23:49:44

    tpnet.dll
    0x10000000
    C:\WINDOWS\system32\tpnet.dll
    5.1.1800.2813
   
   
    2004-03-03 03:03:03

    iphlpapi.dll
    0x76d30000
    C:\WINDOWS\system32\iphlpapi.dll
    5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)
    Microsoft Corporation
    IP Helper API
    2006-05-19 21:14:08

    WS2_32.dll
    0x71a20000
    C:\WINDOWS\system32\ws2_32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 32-Bit DLL
    2004-08-16 16:39:10

    WS2HELP.dll
    0x71a10000
    C:\WINDOWS\system32\ws2help.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 2.0 Helper for Windows NT
    2004-08-16 16:39:10

    MFC42.DLL
    0x73d30000
    C:\WINDOWS\system32\mfc42.dll
    6.02.4131.0
    Microsoft Corporation
    MFCDLL Shared Library - Retail Version
    2004-08-16 16:38:54

    WININET.dll
    0x76680000
    C:\WINDOWS\system32\wininet.dll
    6.00.2900.2937 (xpsp_sp2_gdr.060623-0002)
    Microsoft Corporation
    Internet Extensions for Win32
    2006-06-23 19:11:22

    CRYPT32.dll
    0x765e0000
    C:\WINDOWS\system32\crypt32.dll
    5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Crypto API32
    2004-08-16 16:38:44

    MSASN1.dll
    0x76db0000
    C:\WINDOWS\system32\msasn1.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    ASN.1 Runtime APIs
    2004-08-16 16:38:56

    MFC42LOC.DLL
    0x61be0000
    C:\WINDOWS\system32\mfc42loc.dll
    6.00.8665.0
    Microsoft Corporation
    MFC Language Specific Resources
    2002-10-07 12:00:00

    MSCTF.dll
    0x74680000
    C:\WINDOWS\system32\MSCTF.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    MSCTF Server DLL
    2004-08-16 16:38:56

    msctfime.ime
    0x73640000
    C:\WINDOWS\system32\MSCTFIME.IME
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Text Frame Work Service IME
    2004-08-16 16:37:46

    xpsp2res.dll
    0x20000000
    C:\WINDOWS\system32\xpsp2res.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Service Pack 2 Messages
    2004-08-16 16:38:24

    CLBCATQ.DLL
    0x76fa0000
    C:\WINDOWS\system32\clbcatq.dll
    2001.12.4414.308
    Microsoft Corporation
   
    2005-07-26 12:39:45

    COMRes.dll
    0x77020000
    C:\WINDOWS\system32\comres.dll
    2001.12.4414.258
    Microsoft Corporation
   
    2004-08-16 16:38:44

    SXS.DLL
    0x75e00000
    C:\WINDOWS\system32\sxs.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Fusion 2.5
    2004-08-16 16:39:06

    Secur32.dll
    0x77fc0000
    C:\WINDOWS\system32\secur32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Security Support Provider Interface
    2004-08-16 16:39:04

    wsock32.dll
    0x71a40000
    C:\WINDOWS\system32\wsock32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Socket 32-Bit DLL
    2004-08-16 16:39:10

    mswsock.dll
    0x719c0000
    C:\WINDOWS\system32\mswsock.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Windows Sockets 2.0 Service Provider
    2004-08-16 16:38:58

    DNSAPI.dll
    0x76ef0000
    C:\WINDOWS\system32\dnsapi.dll
    5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)
    Microsoft Corporation
    DNS Client API DLL
    2006-06-27 01:41:39

    winrnr.dll
    0x76f80000
    C:\WINDOWS\system32\winrnr.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    LDAP RnR Provider DLL
    2004-08-16 16:39:10

    WLDAP32.dll
    0x76f30000
    C:\WINDOWS\system32\wldap32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Win32 LDAP API DLL
    2004-08-16 16:39:10

    rasadhlp.dll
    0x76f90000
    C:\WINDOWS\system32\rasadhlp.dll
    5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)
    Microsoft Corporation
    Remote Access AutoDial Helper
    2006-06-27 01:41:39

    RASAPI32.DLL
    0x76eb0000
    C:\WINDOWS\system32\rasapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Access API
    2004-08-16 16:39:02

    rasman.dll
    0x76e60000
    C:\WINDOWS\system32\rasman.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Remote Access Connection Manager
    2004-08-16 16:39:02

    NETAPI32.dll
    0x5fdd0000
    C:\WINDOWS\system32\netapi32.dll
    5.1.2600.2952 (xpsp_sp2_gdr.060714-0446)
    Microsoft Corporation
    Net Win32 API DLL
    2006-07-14 23:41:05

    TAPI32.dll
    0x76e80000
    C:\WINDOWS\system32\tapi32.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft(R) Windows(TM) Telephony API Client DLL
    2004-08-16 16:39:08

    rtutils.dll
    0x76e50000
    C:\WINDOWS\system32\rtutils.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Routing Utilities
    2004-08-16 16:39:02

    msv1_0.dll
    0x77c40000
    C:\WINDOWS\system32\msv1_0.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Microsoft Authentication Package v1.0
    2004-08-16 16:38:58

    urlmon.dll
    0x75c60000
    C:\WINDOWS\system32\urlmon.dll
    6.00.2900.2960 (xpsp_sp2_gdr.060725-0055)
    Microsoft Corporation
    OLE32 Extensions for Win32
    2006-07-26 04:40:47

    hnetcfg.dll
    0x60fd0000
    C:\WINDOWS\system32\hnetcfg.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Home Networking Configuration Manager
    2004-08-16 16:38:50

    wshtcpip.dll
    0x71a00000
    C:\WINDOWS\system32\wshtcpip.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Sockets Helper DLL
    2004-08-16 16:39:10

    SETUPAPI.dll
    0x76060000
    C:\WINDOWS\system32\setupapi.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Windows Setup API
    2004-08-16 16:39:04

    appHelp.dll
    0x76d70000
    C:\WINDOWS\system32\apphelp.dll
    5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    Microsoft Corporation
    Application Compatibility Client Library
    2004-08-16 16:38:42

    ATL.DLL
    0x76af0000
    C:\WINDOWS\system32\atl.dll
    3.05.2284
    Microsoft Corporation
    ATL Module for Windows XP (Unicode)
    2004-08-16 16:38:42

Last edited 2006-12-11 12:56:37
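
Added example, not part of the original thread: Python that parses a module dump in the format posted above and lists the modules to examine first, namely any whose company-name field is empty and the DLL named on the rundll32 command line. SAMPLE is a constructed excerpt of the dump, parse_dump and triage are hypothetical helper names, and a listed module is a lead for inspection rather than a verdict.

```python
import re
# Constructed sample: shortened excerpt in the dump format shown in the post.
SAMPLE = r"""[rundll32.exe]
CommandLine = RUNDLL32.EXE C:\WINDOWS\system32\tpnet.dll DoWork
    OLEAUT32.dll
    0x770f0000
    C:\WINDOWS\system32\oleaut32.dll
    5.1.2600.2180
    Microsoft Corporation

    2004-08-16 16:39:00

    tpnet.dll
    0x10000000
    C:\WINDOWS\system32\tpnet.dll
    5.1.1800.2813


    2004-03-03 03:03:03
"""
TS = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}$")
CMD = re.compile(r'(?i)^CommandLine = rundll32(?:\.exe)?\s+"?([^",]+?\.dll)')

def parse_dump(text):
    """Return (lower-cased DLL path from the command line, list of modules)."""
    target, modules, buf = None, [], []
    for line in (l.strip() for l in text.splitlines()):
        if not buf:  # between records: header lines and blank separators
            m = CMD.match(line)
            target = m.group(1).lower() if m else target
            if not line or line.startswith("[") or " = " in line:
                continue
        buf.append(line)
        if TS.match(line):  # the timestamp closes a record; pad blank fields
            name, _base, path, _version, company = (buf[:-1] + [""] * 5)[:5]
            modules.append({"name": name, "path": path, "company": company})
            buf = []
    return target, modules

def triage(text):
    """Modules to look at first: no vendor string, or the rundll32 target."""
    target, modules = parse_dump(text)
    leads = []
    for mod in modules:
        checks = {"no company name": not mod["company"],
                  "rundll32 command-line target": mod["path"].lower() == target}
        reasons = [why for why, hit in checks.items() if hit]
        if reasons:
            leads.append((mod["name"], reasons))
    return leads
```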

So frustrating, why hasn't a single person replied? Is everyone here a newbie? Surely not.
Looks like I'd better leave this forum.