内网本机工作组信息收集
不管是在外网中还是在内网中,信息收集都是重要的第一步。对于内网中的一台机器,其所处内网的结构是什么样 的、其角色是什么、使用这台机器的人的角色是什么,以及这台机器上安装了什么杀毒软件、这台机器是通过什么方 式上网的、这台机器是笔记本电脑还是台式机等问题,都需要通过信息收集来解答。
网络配置信息
获取本机的网络配置信息
ipconfig
示例:
> ipconfig ... 显示信息
> ipconfig /all ... 显示详细信息
> ipconfig /renew ... 更新所有适配器
> ipconfig /renew EL* ... 更新所有名称以 EL 开头的连接
> ipconfig /release *Con* ... 释放所有匹配的连接, 例如“有线以太网连接 1”或“有线以太网连接 2”
> ipconfig /allcompartments ... 显示有关所有隔离舱的信息
> ipconfig /allcompartments /all ... 显示有关所有隔离舱的详细信息
操作系统和软件信息
查询操作系统和版本信息
systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
systeminfo | findstr /B /C:"OS 名称" /C:"OS 版本"
查看系统体系结构
echo %PROCESSOR_ARCHITECTURE%
查看安装的软件及版本
wmic product get name,version
powershell "Get-WmiObject -class win32_product | Select-Object -Property name,version"
本机服务信息
wmic service list brief
进程信息
tasklist
wmic process list brief
启动程序信息
wmic startup get command,caption
计划任务信息
如果出现无法加载列资源 输入:chcp 437
schtasks /query /fo LIST /v主机开机时间信息
net statistics workstation
用户列表信息
net user
wmic useraccount get name ,SID
列出会话
net session
查询端口列表
netstat -ano
查看补丁列表
systeminfo
wmic qfe get Caption,Description,HotFixID,InstalledOn
查询共享列表
net share
wmic share get name,path,status
路由信息
route print
防火墙相关操作
1、查看防火墙是否开启
netsh firewall show state
2、关闭防火墙
Windows server 2003:
netsh firewall set opmode disable
Windows server 2003之后:
netsh firewall set opmode disable (只关闭了Windows10 的专用网络防火墙)
netsh advfirewall set allprofiles state off
3、查看防火墙配置
netsh firewall show config
4、修改防火墙配置
2003及之前的版本,允许指定的程序进行全部的连接:
netsh firewall add allowedprogram c:\nc.exe "allownc" enable
2003之后的版本,允许指定的程序进行全部的连接
netsh advfirewall firewall add rule name="pass nc" dir=in action=allow program="C:\nc.exe"
允许指定程序退出,命令如下
netsh advfirewall firewall add rule name="Allownc" dir=out action=allow program="C:\nc.exe"
允许3389端口放行,命令如下
netsh advfirewall firewall add rule name="RemoteDesktop" protocol=TCP dir=in localport=3389 action=allow
netsh advfirewall firewall add rule name=test dir=in action=allow protocol=tcp localport=4444 #允许4444端口进站
netsh advfirewall firewall add rule name=test dir=in action=allow program=c:\a.exe #允许a.exe进站
netsh advfirewall firewall add rule name=test dir=out action=allow protocol=tcp localport=4444#允许4444端口出站 netsh advfirewall firewall add rule name=test dir=out action=allow program=c:\a.exe#允许a.exe出站
开启远程服务
1、在2003机器上
wmic path win32_terminalservicesetting where (_CLASS !="") call setallowtsconnections 12、在server2008和server 2021
#开启远程桌面
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f
#关闭远程桌面
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 11111111 /f
WIFI密码收集
for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @echo %j | findstr -i -v echo | netsh wlan show profiles %j key=clear查询RDP端口
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp" /V PortNumber0xd3d即为3389端口
查看代理配置信息
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
查看当前保存的登陆凭证
cmdkey /l
Arp信息
arp -a
查看最近打开的文档
dir %APPDATA%\Microsoft\Windows\Recent
查询本机用户组
net localgroup
管理员组成员列表
net localgroup administrators
RDP凭证
dir /a %userprofile%\AppData\Local\Microsoft\Credentials\*
浏览器密码获取
杀毒软件查询
wmic /node:localhost /namespace:\\root\securitycenter2 path antivirusproduct get displayname /format:list
关闭Windows Defender杀毒软件
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender” /v “DisableAntiSpyware” /d 1 /t REG_DWORD /f常见杀软程序
avList = {
"360tray.exe": "360安全卫士-实时保护",
"360safe.exe": "360安全卫士-主程序",
"ZhuDongFangYu.exe": "360安全卫士-主动防御",
"360sd.exe": "360杀毒",
"a2guard.exe": "a-squared杀毒",
"ad-watch.exe": "Lavasoft杀毒",
"cleaner8.exe": "The Cleaner杀毒",
"vba32lder.exe": "vb32杀毒",
"MongoosaGUI.exe": "Mongoosa杀毒",
"CorantiControlCenter32.exe": "Coranti2012杀毒",
"F-PROT.exe": "F-Prot AntiVirus",
"CMCTrayIcon.exe": "CMC杀毒",
"K7TSecurity.exe": "K7杀毒",
"UnThreat.exe": "UnThreat杀毒",
"CKSoftShiedAntivirus4.exe": "Shield Antivirus杀毒",
"AVWatchService.exe": "VIRUSfighter杀毒",
"ArcaTasksService.exe": "ArcaVir杀毒",
"iptray.exe": "Immunet杀毒",
"PSafeSysTray.exe": "PSafe杀毒",
"nspupsvc.exe": "nProtect杀毒",
"SpywareTerminatorShield.exe": "SpywareTerminator反间谍软件",
"BKavService.exe": "Bkav杀毒",
"MsMpEng.exe": "Microsoft Security Essentials",
"SBAMSvc.exe": "VIPRE",
"ccSvcHst.exe": "Norton杀毒",
"f-secure.exe": "冰岛",
"avp.exe": "Kaspersky",
"KvMonXP.exe": "江民杀毒",
"RavMonD.exe": "瑞星杀毒",
"Mcshield.exe": "McAfee",
"Tbmon.exe": "McAfee",
"Frameworkservice.exe": "McAfee",
"egui.exe": "ESET NOD32",
"ekrn.exe": "ESET NOD32",
"eguiProxy.exe": "ESET NOD32",
"kxetray.exe": "金山毒霸",
"knsdtray.exe": "可牛杀毒",
"TMBMSRV.exe": "趋势杀毒",
"avcenter.exe": "Avira(小红伞)",
"avguard.exe": "Avira(小红伞)",
"avgnt.exe": "Avira(小红伞)",
"sched.exe": "Avira(小红伞)",
"ashDisp.exe": "Avast网络安全",
"rtvscan.exe": "诺顿杀毒",
"ccapp.exe": "SymantecNorton",
"NPFMntor.exe": "Norton杀毒软件",
"ccSetMgr.exe": "赛门铁克",
"ccRegVfy.exe": "Norton杀毒软件",
"ksafe.exe": "金山卫士",
"QQPCRTP.exe": "QQ电脑管家",
"avgwdsvc.exe": "AVG杀毒",
"QUHLPSVC.exe": "QUICK HEAL杀毒",
"mssecess.exe": "微软杀毒",
"SavProgress.exe": "Sophos杀毒",
"SophosUI.exe": "Sophos杀毒",
"SophosFS.exe": "Sophos杀毒",
"SophosHealth.exe": "Sophos杀毒",
"SophosSafestore64.exe": "Sophos杀毒",
"SophosCleanM.exe": "Sophos杀毒",
"fsavgui.exe": "F-Secure杀毒",
"vsserv.exe": "比特梵德",
"remupd.exe": "熊猫卫士",
"FortiTray.exe": "飞塔",
"safedog.exe": "安全狗",
"parmor.exe": "木马克星",
"Iparmor.exe.exe": "木马克星",
"beikesan.exe": "贝壳云安全",
"KSWebShield.exe": "金山网盾",
"TrojanHunter.exe": "木马猎手",
"GG.exe": "巨盾网游安全盾",
"adam.exe": "绿鹰安全精灵",
"AST.exe": "超级巡警",
"ananwidget.exe": "墨者安全专家",
"AVK.exe": "AntiVirusKit",
"avg.exe": "AVG Anti-Virus",
"spidernt.exe": "Dr.web",
"avgaurd.exe": "Avira Antivir",
"vsmon.exe": "Zone Alarm",
"cpf.exe": "Comodo",
"outpost.exe": "Outpost Firewall",
"rfwmain.exe": "瑞星防火墙",
"kpfwtray.exe": "金山网镖",
"FYFireWall.exe": "风云防火墙",
"MPMon.exe": "微点主动防御",
"pfw.exe": "天网防火墙",
"BaiduSdSvc.exe": "百度杀毒-服务进程",
"BaiduSdTray.exe": "百度杀毒-托盘进程",
"BaiduSd.exe": "百度杀毒-主程序",
"SafeDogGuardCenter.exe": "安全狗",
"safedogupdatecenter.exe": "安全狗",
"safedogguardcenter.exe": "安全狗",
"SafeDogSiteIIS.exe": "安全狗",
"SafeDogTray.exe": "安全狗",
"SafeDogServerUI.exe": "安全狗",
"D_Safe_Manage.exe": "D盾",
"d_manage.exe": "D盾",
"yunsuo_agent_service.exe": "云锁",
"yunsuo_agent_daemon.exe": "云锁",
"HwsPanel.exe": "护卫神",
"hws_ui.exe": "护卫神",
"hws.exe": "护卫神",
"hwsd.exe": "护卫神",
"hipstray.exe": "火绒",
"wsctrl.exe": "火绒",
"usysdiag.exe": "火绒",
"SPHINX.exe": "SPHINX防火墙",
"bddownloader.exe": "百度卫士",
"baiduansvx.exe": "百度卫士-主进程",
"AvastUI.exe": "Avast!5主程序",
"emet_agent.exe": "EMET",
"emet_service.exe": "EMET",
"firesvc.exe": "McAfee",
"firetray.exe": "McAfee",
"hipsvc.exe": "McAfee",
"mfevtps.exe": "McAfee",
"mcafeefire.exe": "McAfee",
"scan32.exe": "McAfee",
"shstat.exe": "McAfee",
"vstskmgr.exe": "McAfee",
"engineserver.exe": "McAfee",
"mfeann.exe": "McAfee",
"mcscript.exe": "McAfee",
"updaterui.exe": "McAfee",
"udaterui.exe": "McAfee",
"naprdmgr.exe": "McAfee",
"cleanup.exe": "McAfee",
"cmdagent.exe": "McAfee",
"frminst.exe": "McAfee",
"mcscript_inuse.exe": "McAfee",
"mctray.exe": "McAfee",
"_avp32.exe": "卡巴斯基",
"_avpcc.exe": "卡巴斯基",
"_avpm.exe": "卡巴斯基",
"aAvgApi.exe": "AVG",
"ackwin32.exe": "已知杀软进程,名称暂未收录",
"alertsvc.exe": "Norton AntiVirus",
"alogserv.exe": "McAfee VirusScan",
"anti-trojan.exe": "Anti-Trojan Elite",
"arr.exe": "Application Request Route",
"atguard.exe": "AntiVir",
"atupdater.exe": "已知杀软进程,名称暂未收录",
"atwatch.exe": "Mustek",
"au.exe": "NSIS",
"aupdate.exe": "Symantec",
"auto-protect.nav80try.exe": "已知杀软进程,名称暂未收录",
"autodown.exe": "AntiVirus AutoUpdater",
"avconsol.exe": "McAfee",
"avgcc32.exe": "AVG",
"avgctrl.exe": "AVG",
"avgemc.exe": "AVG",
"avgrsx.exe": "AVG",
"avgserv.exe": "AVG",
"avgserv9.exe": "AVG",
"avgw.exe": "AVG",
"avkpop.exe": "G DATA SOFTWARE AG",
"avkserv.exe": "G DATA SOFTWARE AG",
"avkservice.exe": "G DATA SOFTWARE AG",
"avkwctl9.exe": "G DATA SOFTWARE AG",
"avltmain.exe": "Panda Software Aplication",
"avnt.exe": "H+BEDV Datentechnik GmbH",
"avp32.exe": "Kaspersky Anti-Virus",
"avpcc.exe": " Kaspersky AntiVirus",
"avpdos32.exe": " Kaspersky AntiVirus",
"avpm.exe": " Kaspersky AntiVirus",
"avptc32.exe": " Kaspersky AntiVirus",
"avpupd.exe": " Kaspersky AntiVirus",
"avsynmgr.exe": "McAfee",
"avwin.exe": " H+BEDV",
"bargains.exe": "Exact Advertising SpyWare",
"beagle.exe": "Avast",
"blackd.exe": "BlackICE",
"blackice.exe": "BlackICE",
"blink.exe": "micromedia",
"blss.exe": "CBlaster",
"bootwarn.exe": "Symantec",
"bpc.exe": "Grokster",
"brasil.exe": "Exact Advertising",
"ccevtmgr.exe": "Norton Internet Security",
"cdp.exe": "CyberLink Corp.",
"cfd.exe": "Motive Communications",
"cfgwiz.exe": " Norton AntiVirus",
"claw95.exe": "已知杀软进程,名称暂未收录",
"claw95cf.exe": "已知杀软进程,名称暂未收录",
"clean.exe": "windows流氓软件清理大师",
"cleaner.exe": "windows流氓软件清理大师",
"cleaner3.exe": "windows流氓软件清理大师",
"cleanpc.exe": "windows流氓软件清理大师",
"cpd.exe": "McAfee",
"ctrl.exe": "已知杀软进程,名称暂未收录", "cv.exe": "已知杀软进程,名称暂未收录", "defalert.exe": "Symantec", "defscangui.exe": "Symantec", "defwatch.exe": "Norton Antivirus", "doors.exe": "已知杀软进程,名称暂未收录", "dpf.exe": "已知杀软进程,名称暂未收录", "dpps2.exe": "PanicWare", "dssagent.exe": "Broderbund",
"ecengine.exe": "已知杀软进程,名称暂未收录", "emsw.exe": "Alset Inc",
"ent.exe": "已知杀软进程,名称暂未收录", "espwatch.exe": "已知杀软进程,名称暂未收录", "ethereal.exe": "RationalClearCase", "exe.avxw.exe": "已知杀软进程,名称暂未收录",
"expert.exe": "已知杀软进程,名称暂未收录", "f-prot95.exe": "已知杀软进程,名称暂未收录", "fameh32.exe": "F-Secure",
"fast.exe": " FastUsr", "fch32.exe": "F-Secure", "fih32.exe": "F-Secure", "findviru.exe": "F-Secure", "firewall.exe": "AshampooSoftware", "fnrb32.exe": "F-Secure",
"fp-win.exe": " F-Prot Antivirus OnDemand", "fsaa.exe": "F-Secure",
"fsav.exe": "F-Secure", "fsav32.exe": "F-Secure", "fsav530stbyb.exe": "F-Secure", "fsav530wtbyb.exe": "F-Secure", "fsav95.exe": "F-Secure", "fsgk32.exe": "F-Secure", "fsm32.exe": "F-Secure", "fsma32.exe": "F-Secure", "fsmb32.exe": "F-Secure",
"gbmenu.exe": "已知杀软进程,名称暂未收录",
"guard.exe": "ewido", "guarddog.exe": "ewido",
"htlog.exe": "已知杀软进程,名称暂未收录",
"htpatch.exe": "Silicon Integrated Systems Corporation", "hwpe.exe": "已知杀软进程,名称暂未收录",
"iamapp.exe": "Symantec", "iamserv.exe": "Symantec", "iamstats.exe": "Symantec", "iedriver.exe": " Urlblaze.com", "iface.exe": "Panda Antivirus Module", "infus.exe": "Infus Dialer", "infwin.exe": "Msviewparasite", "intdel.exe": "Inet Delivery", "intren.exe": "已知杀软进程,名称暂未收录", "jammer.exe": "已知杀软进程,名称暂未收录", "kavpf.exe": "Kapersky",
"kazza.exe": "Kapersky", "keenvalue.exe": "EUNIVERSE INC", "launcher.exe": "Intercort Systems", "ldpro.exe": "已知杀软进程,名称暂未收录", "ldscan.exe": "Windows Trojans Inspector", "localnet.exe": "已知杀软进程,名称暂未收录", "luall.exe": "Symantec",
"luau.exe": "Symantec", "lucomserver.exe": "Norton", "mcagent.exe": "McAfee", "mcmnhdlr.exe": "McAfee", "mctool.exe": "McAfee", "mcupdate.exe": "McAfee", "mcvsrte.exe": "McAfee", "mcvsshld.exe": "McAfee", "mfin32.exe": "MyFreeInternetUpdate",
"mfw2en.exe": "MyFreeInternetUpdate", "mfweng3.02d30.exe": "MyFreeInternetUpdate", "mgavrtcl.exe": "McAfee",
"mgavrte.exe": "McAfee", "mghtml.exe": "McAfee", "mgui.exe": "BullGuard", "minilog.exe": "Zone Labs Inc", "mmod.exe": "EzulaInc", "mostat.exe": "WurldMediaInc", "mpfagent.exe": "McAfee", "mpfservice.exe": "McAfee", "mpftray.exe": "McAfee",
"mscache.exe": "Integrated Search Technologies Spyware", "mscman.exe": "OdysseusMarketingInc",
"msmgt.exe": "Total Velocity Spyware", "msvxd.exe": "W32/Datom-A",
"mwatch.exe": "已知杀软进程,名称暂未收录",
"nav.exe": "Reuters Limited", "navapsvc.exe": "Norton AntiVirus", "navapw32.exe": "Norton AntiVirus", "navw32.exe": "Norton Antivirus", "ndd32.exe": "诺顿磁盘医生", "neowatchlog.exe": "已知杀软进程,名称暂未收录", "netutils.exe": "已知杀软进程,名称暂未收录", "nisserv.exe": "Norton",
"nisum.exe": "Norton", "nmain.exe": "Norton",
"nod32.exe": "ESET Smart Security", "norton_internet_secu_3.0_407.exe": "已知杀软进程,名称暂未收录", "notstart.exe": "已知杀软进程,名称暂未收录",
"nprotect.exe": "Symantec", "npscheck.exe": "Norton", "npssvc.exe": "Norton", "ntrtscan.exe": "趋势反病毒应用程序", "nui.exe": "已知杀软进程,名称暂未收录", "otfix.exe": "已知杀软进程,名称暂未收录", "outpostinstall.exe": "Outpost", "patch.exe": "趋势科技",
"pavw.exe": "已知杀软进程,名称暂未收录", "pcscan.exe": "趋势科技",
"pdsetup.exe": "已知杀软进程,名称暂未收录", "persfw.exe": "Tiny Personal Firewall", "pgmonitr.exe": "PromulGate SpyWare", "pingscan.exe": "已知杀软进程,名称暂未收录", "platin.exe": "已知杀软进程,名称暂未收录", "pop3trap.exe": "PC-cillin", "poproxy.exe": "NortonAntiVirus", "popscan.exe": "已知杀软进程,名称暂未收录",
"powerscan.exe": "Integrated Search Technologies", "ppinupdt.exe": "已知杀软进程,名称暂未收录", "pptbc.exe": "已知杀软进程,名称暂未收录", "ppvstop.exe": "已知杀软进程,名称暂未收录", "prizesurfer.exe": "Prizesurfer",
"prmt.exe": "OpiStat", "prmvr.exe": "Adtomi", "processmonitor.exe": "Sysinternals", "proport.exe": "已知杀软进程,名称暂未收录", "protectx.exe": "ProtectX",
"pspf.exe": "已知杀软进程,名称暂未收录", "purge.exe": "已知杀软进程,名称暂未收录",
"qconsole.exe": "Norton AntiVirus Quarantine Console", "qserver.exe": "Norton Internet Security", "rapapp.exe": "BlackICE",
"rb32.exe": "RapidBlaster", "rcsync.exe": "PrizeSurfer", "realmon.exe": "Realmon ",
"rescue.exe": "已知杀软进程,名称暂未收录","rescue32.exe": "卡巴斯基互联网安全套装", "rshell.exe": "已知杀软进程,名称暂未收录", "rtvscn95.exe": "Real-time virus scanner ", "rulaunch.exe": "McAfee User Interface", "run32dll.exe": "PAL PC Spy",
"safeweb.exe": "PSafe Tecnologia", "sbserv.exe": "Norton Antivirus", "scrscan.exe": "360杀毒","sfc.exe": "System file checker", "sh.exe": "MKS Toolkit for Win3","showbehind.exe": "MicroSmarts Enterprise Component ", "soap.exe": "System Soap Pro","sofi.exe": "已知杀软进程,名称暂未收录","sperm.exe": "已知杀软进程,名称暂未收录", "supporter5.exe": "eScorcher反病毒", "symproxysvc.exe": "Symantec", "symtray.exe": "Symantec", "tbscan.exe": "ThunderBYTE",
"tc.exe": "TimeCalende", "titanin.exe": "TitanHide", "tvmd.exe": "Total Velocity", "tvtmd.exe": " Total Velocity", "vettray.exe": "eTrust",
"vir-help.exe": "已知杀软进程,名称暂未收录","vnpc3000.exe": "已知杀软进程,名称暂未收录", "vpc32.exe": "Symantec","vpc42.exe": "Symantec", "vshwin32.exe": "McAfee", "vsmain.exe": "McAfee", "vsstat.exe": "McAfee",
"wfindv32.exe": "已知杀软进程,名称暂未收录","zapro.exe": "Zone Alarm", "zonealarm.exe": "Zone Alarm", "AVPM.exe": "Kaspersky",
"A2CMD.exe": "Emsisoft Anti-Malware", "A2SERVICE.exe": "a-squared free", "A2FREE.exe": "a-squared Free", "ADVCHK.exe": "Norton AntiVirus",
"AGB.exe": "安天防线","AHPROCMONSERVER.exe": "安天防线", "AIRDEFENSE.exe": "AirDefense", "ALERTSVC.exe": "Norton AntiVirus", "AVIRA.exe": "小红伞杀毒",
"AMON.exe": "Tiny Personal Firewall", "AVZ.exe": "AVZ","ANTIVIR.exe": "已知杀软进程,名称暂未收录",
"APVXDWIN.exe": "熊猫卫士", "ASHMAISV.exe": "Alwil", "ASHSERV.exe": "Avast Anti-virus", "ASHSIMPL.exe": "AVAST!VirusCleaner", "ASHWEBSV.exe": "Avast", "ASWUPDSV.exe": "Avast", "ASWSCAN.exe": "Avast",
"AVCIMAN.exe": "熊猫卫士", "AVCONSOL.exe": "McAfee", "AVENGINE.exe": "熊猫卫士",
"AVESVC.exe": "Avira AntiVir Security Service", "AVEVL32.exe": "已知杀软进程,名称暂未收录", "AVGAM.exe": "AVG",
"AVGCC.exe": "AVG", "AVGCHSVX.exe": "AVG", "AVGCSRVX": "AVG", "AVGNSX.exe": "AVG", "AVGCC32.exe": "AVG", "AVGCTRL.exe": "AVG", "AVGEMC.exe": "AVG", "AVGFWSRV.exe": "AVG", "AVGNTMGR.exe": "AVG", "AVGSERV.exe": "AVG", "AVGTRAY.exe": "AVG", "AVGUPSVC.exe": "AVG",
"AVINITNT.exe": "Command AntiVirus for NT Server", "AVPCC.exe": "Kaspersky",
"AVSERVER.exe": "Kerio MailServer", "AVSCHED32.exe": "H+BEDV", "AVSYNMGR.exe": "McAfee", "AVWUPSRV.exe": "H+BEDV", "BDSWITCH.exe": "BitDefender Module", "BLACKD.exe": "BlackICE", "CCEVTMGR.exe": "Symantec",
"CFP.exe": "COMODO",
"CLAMWIN.exe": "ClamWin Portable", "CUREIT.exe": "DrWeb CureIT", "DEFWATCH.exe": "Norton Antivirus", "DRWADINS.exe": "Dr.Web", "DRWEB.exe": "Dr.Web",
"DEFENDERDAEMON.exe": "ShadowDefender", "EWIDOCTRL.exe": "Ewido Security Suite", "EZANTIVIRUSREGISTRATIONCHECK.exe": "e-Trust Antivirus", "FIREWALL.exe": "AshampooSoftware",
"FPROTTRAY.exe": "F-PROT Antivirus", "FPWIN.exe": "Verizon",
"FRESHCLAM.exe": "ClamAV", "FSAV32.exe": "F-Secure", "FSBWSYS.exe": "F-secure", "FSDFWD.exe": "F-Secure", "FSGK32.exe": "F-Secure", "FSGK32ST.exe": "F-Secure", "FSMA32.exe": "F-Secure", "FSMB32.exe": "F-Secure", "FSSM32.exe": "F-Secure", "GUARDGUI.exe": "网游保镖", "GUARDNT.exe": "IKARUS", "IAMAPP.exe": "Symantec", "INOCIT.exe": "eTrust", "INORPC.exe": "eTrust", "INORT.exe": "eTrust", "INOTASK.exe": "eTrust", "INOUPTNG.exe": "eTrust", "ISAFE.exe": "eTrust", "KAV.exe": "Kaspersky", "KAVMM.exe": "Kaspersky", "KAVPF.exe": "Kaspersky", "KAVPFW.exe": "Kaspersky", "KAVSTART.exe": "Kaspersky", "KAVSVC.exe": "Kaspersky", "KAVSVCUI.exe": "Kaspersky", "KMAILMON.exe": "金山毒霸", "MCAGENT.exe": "McAfee", "MCMNHDLR.exe": "McAfee", "MCREGWIZ.exe": "McAfee", "MCUPDATE.exe": "McAfee", "MCVSSHLD.exe": "McAfee", "MINILOG.exe": "Zone Alarm", "MYAGTSVC.exe": "McAfee", "MYAGTTRY.exe": "McAfee", "NAVAPSVC.exe": "Norton", "NAVAPW32.exe": "Norton", "NAVLU32.exe": "Norton",
"NAVW32.exe": "Norton Antivirus", "NEOWATCHLOG.exe": "NeoWatch", "NEOWATCHTRAY.exe": "NeoWatch", "NISSERV.exe": "Norton", "NISUM.exe": "Norton", "NMAIN.exe": "Norton", "NOD32.exe": "ESET NOD32", "NPFMSG.exe": "Norman个人防火墙", "NPROTECT.exe": "Symantec", "NSMDTR.exe": "Norton", "NTRTSCAN.exe": "趋势科技", "OFCPFWSVC.exe": "OfficeScanNT",
"ONLINENT.exe": "已知杀软进程,名称暂未收录", "OP_MON.exe": " OutpostFirewall", "PAVFIRES.exe": "熊猫卫士", "PAVFNSVR.exe": "熊猫卫士",
"PAVKRE.exe": "熊猫卫士", "PAVPROT.exe": "熊猫卫士", "PAVPROXY.exe": "熊猫卫士", "PAVPRSRV.exe": "熊猫卫士", "PAVSRV51.exe": "熊猫卫士", "PAVSS.exe": "熊猫卫士", "PCCGUIDE.exe": "PC-cillin", "PCCIOMON.exe": "PC-cillin", "PCCNTMON.exe": "PC-cillin", "PCCPFW.exe": "趋势科技", "PCCTLCOM.exe": "趋势科技", "PCTAV.exe": "PC Tools AntiVirus",
"PERSFW.exe": "Tiny Personal Firewall", "PERVAC.exe": "已知杀软进程,名称暂未收录", "PESTPATROL.exe": "Ikarus", "PREVSRV.exe": "熊猫卫士",
"RTVSCN95.exe": "Real-time Virus Scanner", "SAVADMINSERVICE.exe": "SAV", "SAVMAIN.exe": "SAV",
"SAVSCAN.exe": "SAV", "SDHELP.exe": "Spyware Doctor", "SHSTAT.exe": "McAfee", "SPBBCSVC.exe": "Symantec", "SPIDERCPL.exe": "Dr.Web", "SPIDERML.exe": "Dr.Web", "SPIDERUI.exe": "Dr.Web", "SPYBOTSD.exe": "Spybot ", "SWAGENT.exe": "SonicWALL", "SWDOCTOR.exe": "SonicWALL", "SWNETSUP.exe": "Sophos", "SYMLCSVC.exe": "Symantec", "SYMPROXYSVC.exe": "Symantec", "SYMSPORT.exe": "Sysmantec", "SYMWSC.exe": "Sysmantec", "SYNMGR.exe": "Sysmantec",
"TMLISTEN.exe": "趋势科技",
"TMNTSRV.exe": "趋势科技", "TMPROXY.exe": "趋势科技", "TNBUTIL.exe": "Anti-Virus",
"VBA32ECM.exe": "已知杀软进程,名称暂未收录", "VBA32IFS.exe": "已知杀软进程,名称暂未收录", "VBA32PP3.exe": "已知杀软进程,名称暂未收录", "VCRMON.exe": "VirusChaser", "VRMONNT.exe": "HAURI",
"VRMONSVC.exe": "HAURI", "VSHWIN32.exe": "McAfee", "VSSTAT.exe": "McAfee", "XCOMMSVR.exe": "BitDefender", "ZONEALARM.exe": "Zone Alarm", "360rp.exe": "360杀毒", "afwServ.exe": " Avast Antivirus ", "safeboxTray.exe": "360杀毒", "360safebox.exe": "360杀毒",
"QQPCTray.exe "QQ" "KSafeTray.exe": " " "KSafeSvc.exe": " "
(Watch.exe": " "
"gov defence service.exe": " "
ov defence daemon.exe": " "
"smartscreen.exe": "Wndows Defender"© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
暂无评论内容