标题: [系统增强] 进程与DLL模块相互查询及管理批处理版 [打印本页]
作者: foxJL 时间: 2008-1-7 23:15 标题: 进程与DLL模块相互查询及管理批处理版
没做界面美化,实用为主.
因为网页不能处理Tab(跳格键),都会自动用空格代替,请下载附件使用.- @echo off&setlocal enabledelayedexpansion
- ::code by foxjl@bbs.bathome.net 2008/01/07
- :menu
- cls&echo\&echo\
- echo. 1.显示进程及所被调用的模块(简洁)
- echo\
- echo. 2.通过进程查找并列出所调用的模块(包括模块详细信息)
- echo\
- echo. 3.通过模块找到所调用它的进程
- echo\
- echo. 4.结束进程
- :afresh
- echo\
- set/p choice= 请输入选项:
- set error= 错误的选择,请重新输入.
- if %choice% leq 0 (echo.%error%&goto afresh) else (if %choice% gtr 4 (echo.%error%&goto afresh))
- goto choice%choice%
- pause&exit
- :choice1
- cls
- tasklist /m /fo "csv" /nh
- echo.所有进程及所被调用的模块显示完毕.按任意键返回.
- pause>nul&goto menu
- :choice2
- del particular.txt >nul 2>nul
- echo\
- set /p name= 请输入进程名(如Q.exe):
- for /f %%i in ('TASKLIST /fi "IMAGENAME eq %name%" /fo "csv" /nh /m') do (
- set namedll=%%~i
- set namedll=!namedll:"=!
- echo !namedll!
- )
- echo\
- set /p yes=进程"%name%"调用的所有模块列举完毕,是否列出模块详细信息(Y/N):
- set /p all=A-仅路径(默认完整信息):
- mode con cols=150 lines=80
- if /i "%yes%"=="y" (
- start msinfo32 /categories +swenvloadedmodules /report particular.txt
- echo.请稍候...
- :particular
- if not exist particular.txt (
- ping -n 1 127.1>nul
- goto particular
- ) else (
- cls
- if /i "%all%"=="A" (echo.名称---路径) else (echo.名称---版本---大小---文件日期---制造商---路径)
- for %%i in (%namedll%) do (
- if /i "%all%"=="A" (
- for /f "delims= tokens=1,6" %%j in ('type particular.txt ^| find /i "%%i"') do (
- echo %%j---%%k
- )
- ) else (
- for /f "delims=" %%j in ('type particular.txt ^| find /i "%%i"') do (
- set particular=%%j
- set particular=!particular: =-!
- echo !particular!
- )
- )
- )
- echo.进程"%name%"调用的所有模块详细信息列举完毕,按任意键返回.
- pause>nul&goto menu
- )
- )
- goto menu
- :choice3
- echo\&set /p b=输入DLL名:
- for /f "tokens=*" %%i in ('TASKLIST /m /fo "csv" /nh') do (
- echo %%i | find /i "%b%"
- if not %ERRORLEVEL% equ 0 echo\&echo %%i)
- echo\&echo.显示完毕.按任意键返回.
- pause>nul&goto menu
- :choice4
- Tasklist
- echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━以上是进程列表.
- Set /p IM=输入所要结束进程的名称(如:id.exe):
- taskkill /f /t /im %IM%
- ECHO 命令完成!按任意键返回.
- pause>nul&goto menu
链接: https://pan.baidu.com/s/1j7P6l5TBTqgsuLtxeFCF4Q?pwd=7jyf
作者: somebody 时间: 2008-1-8 00:18
1. 走我的老路~~~~~想当初为这个问题浪费N 多精力,狂想突破批处理瓶脊,发现自己是傻瓜....VBS解救了我.
tasklist 和 msinfo32
tasklist 得到的信息不详细,比如DLL全路径,你用批处理很难得到(全面的)
至于msinfo32 ,运行完我都吃完一餐了。想以前我狂研究这个令人郁闷的东西
2. 一发出来马上高亮,厉害!"forJL出品,必属精品" 是不是这样吖 youxi01
3. 若你真正有兴趣研究安全问题....本论坛的关于进程的精华贴你看过后绝对有收获,就算看了没收获,用过后你也会有另翻想法...
[ 本帖最后由 somebody 于 2008-1-8 00:19 编辑 ]
作者: 随风 时间: 2008-1-8 00:24
原来纯批也可以做到这么厉害,佩服!!!
作者: somebody 时间: 2008-1-8 00:25
我帮你测试一下...- 1.显示进程及所被调用的模块(简洁)
-
- 2.通过进程查找并列出所调用的模块(包括模块详细信息)
-
- 3.通过模块找到所调用它的进程
-
- 4.结束进程
-
- 请输入选项:1
结果:- "System Idle Process","0","暂缺"
- "System","4","暂缺"
- "smss.exe","688","ntdll.dll"
- "csrss.exe","756","ntdll.dll,CSRSRV.dll,basesrv.dll,winsrv.dll,USER32.dll,KERNEL
- 32.dll,GDI32.dll,LPK.DLL,USP10.dll,msvcrt.dll,ADVAPI32.dll,RPCRT4.dll,sxs.dll,Ap
- phelp.dll,VERSION.dll"
- "winlogon.exe","780","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,AUTHZ.dll,m
- svcrt.dll,CRYPT32.dll,USER32.dll,GDI32.dll,MSASN1.dll,NDdeApi.dll,PROFMAP.dll,NE
- TAPI32.dll,USERENV.dll,PSAPI.DLL,REGAPI.dll,Secur32.dll,SETUPAPI.dll,VERSION.dll
- ,WINSTA.dll,WINTRUST.dll,IMAGEHLP.dll,WS2_32.dll,WS2HELP.dll,IMM32.DLL,LPK.DLL,U
- SP10.dll,MSGINA.dll,SHELL32.dll,SHLWAPI.dll,COMCTL32.dll,ODBC32.dll,comdlg32.dll
- ,comctl32.dll,odbcint.dll,SHSVCS.dll,sfc.dll,sfc_os.dll,ole32.dll,Apphelp.dll,ms
- ctfime.ime,sxs.dll,WINSCARD.DLL,WTSAPI32.dll,uxtheme.dll,WINMM.dll,cscdll.dll,kl
- ogon.dll,rsaenh.dll,WlNotify.dll,WINSPOOL.DRV,MPR.dll,SAMLIB.dll,msv1_0.dll,iphl
- papi.dll,wldap32.dll,cscui.dll,xpsp2res.dll,NTMARTA.DLL,wdmaud.drv,msacm32.drv,M
- SACM32.dll,midimap.dll,COMRes.dll,OLEAUT32.dll,CLBCATQ.DLL,wbemprox.dll,wbemcomn
- .dll,wbemsvc.dll,fastprox.dll,MSVCP60.dll,NTDSAPI.dll,DNSAPI.dll"
- "services.exe","824","ntdll.dll,kernel32.dll,msvcrt.dll,ADVAPI32.dll,RPCRT4.dll,
- USER32.dll,GDI32.dll,USERENV.dll,SCESRV.dll,AUTHZ.dll,umpnpmgr.dll,WINSTA.dll,NE
- TAPI32.dll,NCObjAPI.DLL,MSVCP60.dll,ShimEng.dll,AcGenral.DLL,WINMM.dll,ole32.dll
- ,OLEAUT32.dll,MSACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,UxTheme.dll,IMM32.
- DLL,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,secur32.dll,Apphelp.dll,eventlog
- .dll,WS2_32.dll,WS2HELP.dll,PSAPI.DLL,wtsapi32.dll"
- "lsass.exe","836","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,LSASRV.dll,msv
- crt.dll,Secur32.dll,USER32.dll,GDI32.dll,SAMSRV.dll,cryptdll.dll,DNSAPI.dll,WS2_
- 32.dll,WS2HELP.dll,MSASN1.dll,NETAPI32.dll,SAMLIB.dll,MPR.dll,NTDSAPI.dll,WLDAP3
- 2.dll,ShimEng.dll,AcGenral.DLL,WINMM.dll,ole32.dll,OLEAUT32.dll,MSACM32.dll,VERS
- ION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL,LPK.DLL,USP10.
- dll,comctl32.dll,comctl32.dll,msprivs.dll,kerberos.dll,msv1_0.dll,iphlpapi.dll,n
- etlogon.dll,w32time.dll,MSVCP60.dll,schannel.dll,CRYPT32.dll,wdigest.dll,rsaenh.
- dll,setupapi.dll,scecli.dll,ipsecsvc.dll,AUTHZ.dll,oakley.DLL,WINIPSEC.DLL,pstor
- svc.dll,mswsock.dll,hnetcfg.dll,wshtcpip.dll,psbase.dll,dssenh.dll,iissuba.dll"
- "svchost.exe","1000","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,ShimEng.dll
- ,AcGenral.DLL,USER32.dll,GDI32.dll,WINMM.dll,ole32.dll,msvcrt.dll,OLEAUT32.dll,M
- SACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL
- ,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,NTMARTA.DLL,WLDAP32.dll,SAMLIB.dll,
- rpcss.dll,WS2_32.dll,WS2HELP.dll,Secur32.dll,xpsp2res.dll,CLBCATQ.DLL,COMRes.dll
- ,termsrv.dll,ICAAPI.dll,SETUPAPI.dll,WINTRUST.dll,CRYPT32.dll,MSASN1.dll,IMAGEHL
- P.dll,AUTHZ.dll,mstlsapi.dll,ACTIVEDS.dll,adsldpc.dll,NETAPI32.dll,ATL.DLL,REGAP
- I.dll,rsaenh.dll,rdpwsx.dll,WINSPOOL.DRV,Apphelp.dll,WTSAPI32.dll,WINSTA.dll,msv
- 1_0.dll,iphlpapi.dll"
- "svchost.exe","1060","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,ShimEng.dll
- ,AcGenral.DLL,USER32.dll,GDI32.dll,WINMM.dll,ole32.dll,msvcrt.dll,OLEAUT32.dll,M
- SACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL
- ,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,rpcss.dll,WS2_32.dll,WS2HELP.dll,Se
- cur32.dll,xpsp2res.dll,rsaenh.dll,mswsock.dll,hnetcfg.dll,wshtcpip.dll,DNSAPI.dl
- l,iphlpapi.dll,winrnr.dll,WLDAP32.dll,rasadhlp.dll,CLBCATQ.DLL,COMRes.dll,msi.dl
- l"
- "svchost.exe","1388","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,ShimEng.dll
- ,AcGenral.DLL,USER32.dll,GDI32.dll,WINMM.dll,ole32.dll,msvcrt.dll,OLEAUT32.dll,M
- SACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL
- ,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,NTMARTA.DLL,WLDAP32.dll,SAMLIB.dll,
- xpsp2res.dll,shsvcs.dll,WINSTA.dll,NETAPI32.dll,dhcpcsvc.dll,DNSAPI.dll,WS2_32.d
- ll,WS2HELP.dll,iphlpapi.dll,Secur32.dll,rsaenh.dll,wzcsvc.dll,rtutils.dll,WMI.dl
- l,CRYPT32.dll,MSASN1.dll,WTSAPI32.dll,ESENT.dll,ATL.DLL,schedsvc.dll,NTDSAPI.dll
- ,IMAGEHLP.dll,rastls.dll,CRYPTUI.dll,WINTRUST.dll,WININET.dll,MPRAPI.dll,ACTIVED
- S.dll,adsldpc.dll,SETUPAPI.dll,RASAPI32.dll,rasman.dll,TAPI32.dll,SCHANNEL.dll,W
- inSCard.dll,raschap.dll,msv1_0.dll,MSIDLE.DLL,audiosrv.dll,wkssvc.dll,cryptsvc.d
- ll,certcli.dll,pchsvc.dll,es.dll,COMRes.dll,CLBCATQ.DLL,ersvc.dll,dmserver.dll,s
- rvsvc.dll,netman.dll,netshell.dll,credui.dll,WZCSAPI.DLL,trkwks.dll,srsvc.dll,PO
- WRPROF.dll,sens.dll,seclogon.dll,HNETCFG.DLL,wmisvc.dll,VSSAPI.DLL,SXS.DLL,w32ti
- me.dll,MSVCP60.dll,ipnathlp.dll,MSWSOCK.dll,AUTHZ.dll,wscsvc.dll,msi.dll,wshtcpi
- p.dll,comsvcs.dll,MTXCLU.DLL,WSOCK32.dll,colbact.DLL,CLUSAPI.DLL,RESUTILS.DLL,br
- owser.dll,wbemcomn.dll,wbemcore.dll,esscli.dll,FastProx.dll,upnp.dll,WINHTTP.dll
- ,SSDPAPI.dll,wmiutils.dll,rasadhlp.dll,repdrvfs.dll,wmiprvsd.dll,NCObjAPI.DLL,wb
- emess.dll,netcfgx.dll,rasmans.dll,WINIPSEC.DLL,tapisrv.dll,PSAPI.DLL,rastapi.dll
- ,unimdm.tsp,uniplat.dll,ncprov.dll,kmddsp.tsp,ndptsp.tsp,ipconf.tsp,h323.tsp,hid
- phone.tsp,HID.DLL,rasppp.dll,ntlsapi.dll,kerberos.dll,cryptdll.dll,RASDLG.dll,ms
- xml3.dll,urlmon.dll,wbemsvc.dll"
- "svchost.exe","1460","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,ShimEng.dll
- ,AcGenral.DLL,USER32.dll,GDI32.dll,WINMM.dll,ole32.dll,msvcrt.dll,OLEAUT32.dll,M
- SACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL
- ,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,dnsrslvr.dll,DNSAPI.dll,WS2_32.dll,
- WS2HELP.dll,iphlpapi.dll,mswsock.dll,hnetcfg.dll,wshtcpip.dll"
- "svchost.exe","1620","ntdll.dll,kernel32.dll,ADVAPI32.dll,RPCRT4.dll,ShimEng.dll
- ,AcGenral.DLL,USER32.dll,GDI32.dll,WINMM.dll,ole32.dll,msvcrt.dll,OLEAUT32.dll,M
- SACM32.dll,VERSION.dll,SHELL32.dll,SHLWAPI.dll,USERENV.dll,UxTheme.dll,IMM32.DLL
- ,LPK.DLL,USP10.dll,comctl32.dll,comctl32.dll,NTMARTA.DLL,WLDAP32.dll,SAMLIB.dll,
- xpsp2res.dll,lmhsvc.dll,iphlpapi.dll,WS2_32.dll,WS2HELP.dll,webclnt.dll,WININET.
- dll,CRYPT32.dll,MSASN1.dll,Secur32.dll,urlmon.dll,wsock32.dll,ssdpsrv.dll,hnetcf
- g.dll,CLBCATQ.DLL,COMRes.dll,mswsock.dll,wshtcpip.dll,rsaenh.dll,httpapi.dll,WIN
- HTTP.dll,DNSAPI.dll,rasadhlp.dll,RASAPI32.DLL,rasman.dll,NETAPI32.dll,TAPI32.dll
- ,rtutils.dll,msv1_0.dll,sensapi.dll"
- "stormliv.exe","236","ntdll.dll,kernel32.dll,SHLWAPI.dll,msvcrt.dll,GDI32.dll,US
- ER32.dll,ADVAPI32.dll,RPCRT4.dll,WS2_32.dll,WS2HELP.dll,MSVCP60.dll,MFC42.DLL,co
- mdlg32.dll,COMCTL32.dll,SHELL32.dll,ole32.dll,OLEAUT32.dll,VERSION.dll,SETUPAPI.
- dll,WININET.dll,CRYPT32.dll,MSASN1.dll,IMM32.DLL,LPK.DLL,USP10.dll,MFC42LOC.DLL,
- uxtheme.dll,xpsp2res.dll,mswsock.dll,hnetcfg.dll,wshtcpip.dll,CLBCATQ.DLL,COMRes
- .dll,DNSAPI.dll,msxml3.dll,winrnr.dll,WLDAP32.dll,rasadhlp.dll,urlmon.dll,mlang.
- dll,Secur32.dll"
- "explorer.exe","436","ntdll.dll,kernel32.dll,msvcrt.dll,ADVAPI32.dll,RPCRT4.dll,
- GDI32.dll,USER32.dll,SHLWAPI.dll,SHELL32.dll,ole32.dll,OLEAUT32.dll,BROWSEUI.dll
- ,SHDOCVW.dll,CRYPT32.dll,MSASN1.dll,CRYPTUI.dll,WINTRUST.dll,IMAGEHLP.dll,NETAPI
- 32.dll,WININET.dll,WLDAP32.dll,VERSION.dll,UxTheme.dll,ShimEng.dll,AcGenral.DLL,
- WINMM.dll,MSACM32.dll,USERENV.dll,IMM32.DLL,LPK.DLL,USP10.dll,comctl32.dll,comct
- l32.dll,apphelp.dll,msctfime.ime,CLBCATQ.DLL,COMRes.dll,cscui.dll,CSCDLL.dll,the
- meui.dll,Secur32.dll,MSIMG32.dll,xpsp2res.dll,scrchpg.dll,msutb.dll,MSCTF.dll,SA
- MLIB.dll,SETUPAPI.dll,LINKINFO.dll,ntshrui.dll,ATL.DLL,urlmon.dll,NETSHELL.dll,r
- tutils.dll,credui.dll,WS2_32.dll,WS2HELP.dll,iphlpapi.dll,msi.dll,WINSTA.dll,web
- check.dll,WSOCK32.dll,safemon.dll,stobject.dll,BatMeter.dll,POWRPROF.dll,WTSAPI3
- 2.dll,wdmaud.drv,msacm32.drv,midimap.dll,nvcpl.dll,comdlg32.dll,WINSPOOL.DRV,OLE
- ACC.dll,MSVCP60.dll,NTMARTA.DLL,nvshell.dll,rsaenh.dll,MPR.dll,drprov.dll,ntlanm
- an.dll,NETUI0.dll,NETUI1.dll,NETRAP.dll,davclnt.dll,SXS.DLL,shdoclc.dll,Unlocker
- COM.dll,rarext.dll,nppcm.dll,ShellEx.dll,MSVCR80.dll,MSVCP80.dll,browselc.dll,DU
- SER.dll,MSGINA.dll,ODBC32.dll,odbcint.dll,MLANG.dll,winabc.ime,jscript.dll,klsca
- v.dll,gdiplus.dll,mscms.dll,mydocs.dll,prremote.dll,prloader.dll,quartz.dll,msdm
- o.dll,l3codeca.acm,RASAPI32.DLL,rasman.dll,TAPI32.dll,msv1_0.dll,sensapi.dll,MSV
- FW32.dll,wmvcore.dll,wmidx.dll,WMASF.DLL,DRMClien.DLL,shimgvw.dll,actxprxy.dll,z
- ipfldr.dll,sendmail.dll,shgina.dll"
- "inetinfo.exe","504","ntdll.dll,kernel32.dll,msvcrt.dll,ADVAPI32.dll,RPCRT4.dll,
- USER32.dll,GDI32.dll,ole32.dll,IisRTL.DLL,WS2_32.dll,WS2HELP.dll,IMM32.DLL,LPK.D
- LL,USP10.dll,rpcref.dll,iisadmin.dll,VSSAPI.DLL,ATL.DLL,OLEAUT32.dll,NETAPI32.dl
- l,COADMIN.dll,SHELL32.dll,SHLWAPI.dll,ADMWPROX.dll,comctl32.dll,comctl32.dll,uxt
- heme.dll,xpsp2res.dll,CLBCATQ.DLL,COMRes.dll,VERSION.dll,metadata.dll,rsaenh.dll
- ,CRYPT32.dll,MSASN1.dll,nsepm.dll,IISMAP.dll,schannel.dll,Secur32.dll,USERENV.dl
- l,wamreg.dll,admexs.dll,svcext.dll,Security.dll,SAMLIB.dll,SMTPSVC.dll,INFOCOMM.
- dll,ISATQ.dll,IISFECNV.dll,WSOCK32.dll,DNSAPI.dll,FCACHDLL.dll,RWNH.dll,exstrace
- .dll,STAXMEM.dll,NTDSAPI.dll,WLDAP32.dll,w3svc.dll,lonsint.dll,mswsock.dll,hnetc
- fg.dll,wshtcpip.dll,wintrust.dll,IMAGEHLP.dll,iscomlog.dll,sspifilt.dll,seo.dll,
- iphlpapi.dll,compfilt.dll,aqueue.dll,gzip.dll,pwsdata.dll,md5filt.dll,wdigest.dl
- l,httpext.dll,iislog.dll"
-
- 所有进程及所被调用的模块显示完毕.按任意键返回.
这样子看毛.....我宁愿去看小说..
作者: somebody 时间: 2008-1-8 00:28
原帖由 随风 于 2008-1-8 00:24 发表 
原来纯批也可以做到这么厉害,佩服!!!
厉个鬼~~~
几百年前我somebody不是在狂跟你研究这个问题吖,普通人,你就忘了....
作者: foxJL 时间: 2008-1-8 01:17
仅得dll完全路径的代码已在顶楼更新,不过又多了一个选项.
因为网页不能处理tab,都用了空格代替
下面代码红色部分应该是TAB:
for /f "delims=tab tokens=1,6" %%j in ('type particular.txt ^| find /i "%%i"') do (
echo %%j---%%k
)
---------------------------
set particular=!particular:tab=-!
[ 本帖最后由 foxJL 于 2008-1-8 01:25 编辑 ]
作者: somebody 时间: 2008-1-8 14:55
原帖由 foxJL 于 2008-1-8 01:17 发表
因为网页不能处理tab,都用了空格代替
下面代码红色部分应该是TAB:
for /f "delims=tab tokens=1,6" %%j in ('type particular.txt ^| find /i "%%i"') d ...
---------------------------------------------------------------------------------------------------------------------
哈,不是网页不能处理tab,是CMD里你用不了tab,制表符你得用VBS操作
可不就是了,用批处理来处理msinfo32导出来的文本,那个结果我想连你自己都看不下去....
虽然你把CMD窗口调大了...
执行效率也是个大问题..
以下是测试时出错截图...查的是调用指定DLL的所有进程,出来的却是DLL。这东西不就是用tasklist,真正用到的技术含量不怎么有.
有的是你在处理过程中用到的批处理语法功底..
作者: foxJL 时间: 2008-1-8 15:51
cmd是可以用TAB的,可能是你代码编辑器的问题,我用的是:Notepad2.
下面是我测试查看DLL完全路径的结果,看起来似乎不是很累.- jscript---c:\windows\system32\jscript.dll
- vbscript---c:\windows\system32\vbscript.dll
- mfc42---c:\windows\system32\mfc42.dll
- mfc42loc---c:\windows\system32\mfc42loc.dll
- MSIMTF---c:\windows\system32\msimtf.dll
- msohev---c:\program files\microsoft office\office11\msohev.dll
- mpr---c:\windows\system32\mpr.dll
- drprov---c:\windows\system32\drprov.dll
- ntlanman---c:\windows\system32\ntlanman.dll
- netui0---c:\windows\system32\netui0.dll
- netui1---c:\windows\system32\netui1.dll
- netrap---c:\windows\system32\netrap.dll
- samlib---c:\windows\system32\samlib.dll
- davclnt---c:\windows\system32\davclnt.dll
- shgina---c:\windows\system32\shgina.dll
- msgina---c:\windows\system32\msgina.dll
- winsta---c:\windows\system32\winsta.dll
- odbc32---c:\windows\system32\odbc32.dll
- comdlg32---c:\windows\system32\comdlg32.dll
- odbcint---c:\windows\system32\odbcint.dll
- Audiodev---c:\windows\system32\audiodev.dll
- wmvcore---c:\windows\system32\wmvcore.dll
- wmasf---c:\windows\system32\wmasf.dll
- wdmaud---c:\windows\system32\wdmaud.drv
- msacm32---c:\windows\system32\msacm32.drv
- msacm32---c:\windows\system32\msacm32.dll
- midimap---c:\windows\system32\midimap.dll
- Flash9e---c:\windows\system32\macromed\flash\flash9e.ocx
- xpsp3res---c:\windows\system32\xpsp3res.dll
- schannel---c:\windows\system32\schannel.dll
- imgutil---c:\windows\system32\imgutil.dll
- pngfilt---c:\windows\system32\pngfilt.dll
- ddrawex---c:\windows\system32\ddrawex.dll
- ddraw---c:\windows\system32\ddraw.dll
- dciman32---c:\windows\system32\dciman32.dll
- dxtrans---c:\windows\system32\dxtrans.dll
- atl---c:\windows\system32\atl.dll
- dxtmsft---c:\windows\system32\dxtmsft.dll
- mshtmled---c:\windows\system32\mshtmled.dll
- iepeers---c:\windows\system32\iepeers.dll
- winspool---c:\windows\system32\winspool.drv
- mshtmler---c:\windows\system32\mshtmler.dll
至于说效率问题,在start msinfo32的时候确实要等待片刻,但显示的时候好像比你VBS代码还快一点点.
你说的功能 3通过模块找到所调用它的进程,在这里每一段第1句就是进程名,第2句是PID符,还是应该很容易看出来的吧.
我开始就说了没有做界面美化,实用为主,我不想为了这些无所谓的细节浪费过多的代码.
作者: somebody 时间: 2008-1-8 18:32
开玩笑,比我的VBS快!
你获取的是单个进程调用的模块
我获取的是所有进程调用的模块````这什么概念来的
而且我整个过程是动态的,而你调用msinfo32时等个半天,人家以为没响应会关掉。
----------------------------------------------------------------
功能3是列出进程
你列出DLL做什么..!
------------------------------------------------------------------
我图都截出来了,你还能怎么说,你那些代码是文本来的,你截图出来看看吖
别乱说什么代码编辑器
我直接用记事本保存你的代码,双击自然用CMD解析
不要说什么代码编辑器问题...排版就是这样乱,你那个好看的,除非是你改过代码..
----------------------------------------------------------------------------------------------------
你说做美观就是搞无谓的细节,你这不是在讽刺我..你做不了美化就别说别人...
人家做美化还不是为了别人用着舒服,这是搞安全批处理,你做出来不美观,不方便人家分析,你懂不!搞出来若跟垃圾一样难看,谁还想用....
-----------------------------------------------------------------------------------------
贴子不是发出来给我somebody和你foxJL两个人看的...不是你不理会人家其他人就不会判断..
[ 本帖最后由 somebody 于 2008-1-8 18:43 编辑 ]
作者: foxJL 时间: 2008-1-8 18:40
不相信算了,费事理你.
作者: hjh700913 时间: 2009-5-9 18:34
顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶顶
作者: caruko 时间: 2009-12-25 17:16
ntsd 可以列出程序的详细模块的路径, 起始内存地址...
tasklist 太落后了...
作者: qwd 时间: 2010-2-9 21:53
估计是版本不同 你的Notepad2 我系统都只有notepad.exe 没那个2的
速度和排版对我们来说就是有问题啊!不过在列举上下了一番功夫也算是有心了!
somebody 也的确曾在群里大搞过此法最终是在速度和排版上放弃了!这都是几年前的事了!
| 欢迎光临 批处理之家 (http://bbs.bathome.net/) |
Powered by Discuz! 7.2 |