tlist -

 

Description:

我一般利用这个工具来查看当前那些进程加载了指定的dll。

tlist -m xxx.dll

 

Download:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=C055060B-9553-4593-B937-C84881BCA6A5&displaylang=en

 

Usage:

D:/Users/Administrator>tlist /?

Microsoft (R) Windows NT (TM) Version 5.1 TLIST

Copyright (c) Microsoft Corporation. All rights reserved.

 

usage: TLIST <<-m <pattern>> | <-t> | <pid> | <pattern> | <-p <processname>>> |<-k> | <-s>

           [options]:

           -t

              Print Task Tree

 

           <pid>

              List module information for this task.

 

           <pattern>

              The pattern can be a complete task

              name or a regular expression pattern

              to use as a match.  Tlist matches the

              supplied pattern against the task names

              and the window titles.

 

           -c

              Show command lines for each process

 

           -e

              Show session IDs for each process

 

           -g

              Show group affinity for each process (Win7+)

 

           -k

              Show MTS packages active in each process.

 

           -m <pattern>

              Lists all tasks that have DLL modules loaded

              in them that match the given pattern name

 

           -s

              Show services active in each process.

 

           -p <processname>

              Returns the PID of the process specified or -1

              if the specified process doesn't exist.  If there

              are multiple instances of the process running only

              the instance with the first PID value is returned.

 

           -v

              Show all process information

 

           -w

              Show Wow64 process information