批处理新手入门导读[视频教程]批处理基础视频教程[视频教程]VBS基础视频教程
[批处理文件精品]批处理版照片整理器[批处理文件精品]纯批处理备份&还原驱动在线第三方下载
返回列表 发帖

[原创] VBS列出进程加载的DLL的完整路径

VBScript调用WMI列出进程加载的所有DLL的完整路径。
如需转载请注明出处。
http://www.bathome.net/thread-15724-1-1.html
  1. 'By powerbat @ www.bathome.net
  2. 'listdll.vbs ver 1.0 - List DLLs loaded in process.
  3. set args = WScript.Arguments
  4. if args.length=0 then show_usage(0)
  5. s = "Name='"
  6. for each arg in args
  7.   s = s & arg & "' OR Name='"
  8. next
  9. s = s & "'"
  10. s = Replace(s, "OR Name=''", "", 1, 1, 1)
  11. Set objWMIServices = GetObject("winmgmts:\\.\root\cimv2")
  12. Set colProcs = objWMIServices.ExecQuery(_
  13.     "select * from Win32_Process where (" & s & ")")
  14. for each objProc in colProcs
  15.   WScript.Echo "pid="& objProc.ProcessId, objProc.Name
  16.   WScript.Echo objProc.CommandLine
  17.   WScript.Echo String(79, "-")
  18.   Set colFiles = objWMIServices.ExecQuery("ASSOCIATORS OF {CIM_Process='"_
  19.     & objProc.Handle & "'} where "_
  20.     & "AssocClass = CIM_ProcessExecutable ResultClass = CIM_DataFile")
  21.   For Each objFile In colFiles
  22.     WScript.Echo objFile.Name
  23.   Next
  24.   WScript.Echo String(79, "=")
  25. next
  26. sub show_usage(flag)
  27.   WScript.Echo "usage: cscript " & WScript.ScriptName & " ProcessName[ ProcessName]..."
  28.   if flag=0 then WScript.Quit
  29. end sub
复制代码
1

评分人数

还有两个WMI类可以获取DLL的完整路径:
Win32_PerfRawData_PerfProc_FullImage_Costly
Win32_PerfFormattedData_PerfProc_FullImage_Costly

TOP

返回列表