3

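I have a .txt file containing lines with different file paths. I simply want to exclude the lines that contain certain file paths. The problem is that I can't get around the regex format to use with the common tools.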

sudo cat serv_list.txt | awk '!/C:\\Windows\\system32/' > serv2.txt
sudo cat serv_list.txt | awk '!/"C:\\Windows\\system32"/' > serv2.txt

or

sudo cat serv_list.txt | grep -a -v "C:\Windows\system32\"

I also tried escaping the slashes, but it did not work.

The file looks like this:

Name         PathName                              ProcessId   StartMode
Dhcp         C:\Windows\system32\svchost...        784         Auto
ehRecvr      C:\Windows\ehome\ehRecvr.exe          543         Auto
defragsvc    C:\Windows\system32\svchos...         456         Manual
Audiosrv     C:\Windows\System32\svchost.e..       123         Manual

...

The output should be:

Name         PathName                              ProcessId   StartMode
ehRecvr      C:\Windows\ehome\ehRecvr.exe          543         Auto

...

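Can someone help me modify the awk or grep expression to exclude all lines containing the system32 directory path?

Thanks :)

Extract of the file from the command line: [image]

Extract of the file from the editor: [image]

Last few lines of output: cat -v serv_list2.txt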

                                               FALSE            Windows Update                                          Normal                   0                      wuauserv                             C:\Windows\system32\svchost.exe -k netsvcs                                                856                                                0                        Share Process  TRUE           Auto       LocalSystem                  Running                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       Windows Driver Foundation - User-mode Driver Framework  0           Win32_Service      Manages user-mode driver host processes.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 FALSE            Windows Driver Foundation - User-mode Driver Framework  Normal                   1077                   wudfsvc                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted                           0                                                  0                        Share Process  FALSE          Manual     LocalSystem                  Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       WWAN AutoConfig                                         0           Win32_Service      This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               FALSE            WWAN AutoConfig                                         Normal                   1077                   WwanSvc                              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork                                  0                                                  0                        Share Process  FALSE          Manual     NT Authority\LocalService    Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
kali@kali:~$ 

Extract of the output from

kali@kali:~$ awk -v IGNORECASE=1 '
{
  gsub(/\r/,"")
}
FNR==1{
  print
  next
}
($2!~/C:\\Windows\\system32\\/)
' serv_list2.txt
                                               FALSE            WLAN AutoConfig                                         Normal                   1077                   Wlansvc                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted                           0                                                  0                        Share Process  FALSE          Manual     LocalSystem                  Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        TRUE        WMI Performance Adapter                                 0           Win32_Service      Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            FALSE            WMI Performance Adapter                                 Normal                   0                      wmiApSrv                             C:\Windows\system32\wbem\WmiApSrv.exe                                                     1436                                               0                        Own Process    TRUE           Manual     localSystem                  Running                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       Windows Media Player Network Sharing Service            0           Win32_Service      Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         FALSE            Windows Media Player Network Sharing Service            Normal                   1077                   WMPNetworkSvc                        "C:\Program Files\Windows Media Player\wmpnetwk.exe"                                      0                                                  0                        Own Process    FALSE          Manual     NT AUTHORITY\NetworkService  Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       Parental Controls                                       0           Win32_Service      This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 FALSE            Parental Controls                                       Normal                   1077                   WPCSvc                               C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted                          0                                                  0                        Share Process  FALSE          Manual     NT Authority\LocalService    Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       Portable Device Enumerator Service                      0           Win32_Service      Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            FALSE            Portable Device Enumerator Service                      Normal                   0                      WPDBusEnum                           C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted                           0                                                  0                        Share Process  FALSE          Manual     LocalSystem                  Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        TRUE        Security Center                                         0           Win32_Service      The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer.  The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service.  The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel.  Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions.  The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.  FALSE            Security Center                                         Normal                   0                      wscsvc                               C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted                          784                                                0                        Share Process  TRUE           Auto       NT AUTHORITY\LocalService    Running                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        TRUE        Windows Search                                          0           Win32_Service      Provides content indexing, property caching, and search results for files, e-mail, and other content.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    FALSE            Windows Search                                          Normal                   0                      WSearch                              C:\Windows\system32\SearchIndexer.exe /Embedding                                          2324                                               0                        Own Process    TRUE           Auto       LocalSystem                  Running                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        TRUE        Windows Update                                          0           Win32_Service      Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      FALSE            Windows Update                                          Normal                   0                      wuauserv                             C:\Windows\system32\svchost.exe -k netsvcs                                                856                                                0                        Share Process  TRUE           Auto       LocalSystem                  Running                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       Windows Driver Foundation - User-mode Driver Framework  0           Win32_Service      Manages user-mode driver host processes.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 FALSE            Windows Driver Foundation - User-mode Driver Framework  Normal                   1077                   wudfsvc                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted                           0                                                  0                        Share Process  FALSE          Manual     LocalSystem                  Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
FALSE        FALSE       WWAN AutoConfig                                         0           Win32_Service      This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               FALSE            WWAN AutoConfig                                         Normal                   1077                   WwanSvc                              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork                                  0                                                  0                        Share Process  FALSE          Manual     NT Authority\LocalService    Stopped                      OK       Win32_ComputerSystem     ELS-PC                0       0         
kali@kali:~$ 

4

1 Answer

2

Could you please try the following, written and tested with the shown samples in GNU awk:

awk '!/[cC]:\\[wW][iI][nN][dD][oO][wW][sS]\\[sS][yY][sS][tT][eE][mM]32/' Input_file

OR

awk 'tolower($0) !~ /c:\\windows\\system32/' Input_file

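It looks like the OP's system doesn't have the IGNORECASE option, so the approach above matches both lowercase and uppercase letters.

Not sure where this will end, since the OP's samples keep changing. Or use grep's ignore option here too.

answered 2020-09-19T12:36:39.340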
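
An added example, not part of the original answer: the same filter written with awk's index() so the path is matched as a literal string and needs no regex escaping, with CRLF endings stripped and the header row kept. The function names make_sample and exclude_path and the sample rows are constructed for illustration; only POSIX awk features are used, so GNU's IGNORECASE is not required.

```shell
#!/bin/sh
# Constructed sample in the layout shown in the question.
# CRLF line endings imitate a listing exported from a Windows host.
make_sample() {
  awk '{ printf "%s\r\n", $0 }' <<'EOF'
Name          PathName                                              ProcessId  StartMode
Dhcp          C:\Windows\system32\svchost.exe -k netsvcs            784        Auto
ehRecvr       C:\Windows\ehome\ehRecvr.exe                          543        Auto
defragsvc     C:\Windows\system32\svchost.exe -k defragsvc          456        Manual
Audiosrv      C:\Windows\System32\svchost.exe -k LocalService       123        Manual
WMPNetworkSvc "C:\Program Files\Windows Media Player\wmpnetwk.exe"  0          Manual
EOF
}

# exclude_path LITERAL_PATH < listing
# Prints the header plus every row that does NOT contain LITERAL_PATH,
# compared case-insensitively.
exclude_path() {
  # The path goes through the environment: awk -v would interpret the
  # backslashes as escape sequences, ENVIRON[] hands them over untouched.
  NEEDLE="$1" awk '
    BEGIN   { needle = tolower(ENVIRON["NEEDLE"]) }
            { sub(/\r$/, "") }      # drop the CR of a CRLF line ending
    NR == 1 { print; next }         # always keep the header row
    index(tolower($0), needle) == 0 # literal substring test, no regex
  '
}

# Stand-alone demonstration on the constructed sample.
make_sample | exclude_path 'C:\Windows\system32\'
```

Because the whole line is tested rather than `$2`, the filter still works on the wide listing where the path is not the second whitespace-separated field.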