我有一个包含不同文件路径的 .txt 文件。我想要简单地排除掉其中包含某些文件路径的行。
问题是,我不知道如何使用常用工具所用的正则表达式格式。
sudo cat serv_list.txt | awk '!/C:\\Windows\\system32/' > serv2.txt
sudo cat serv_list.txt | awk '!/"C:\\Windows\\system32"/' > serv2.txt
或者
sudo cat serv_list.txt | grep -a -v "C:\Windows\system32\"
我也尝试过转义斜杠,但它没有奏效。
这个文件大致长这个样子:
Name PathName ProcessId StartMode
Dhcp C:\Windows\system32\svchost... 784 Auto
ehRecvr C:\Windows\ehome\ehRecvr.exe 543 Auto
defragsvc C:\Windows\system32\svchos... 456 Manual
Audiosrv C:\Windows\System32\svchost.e.. 123 Manual
输出结果应为:
Name PathName ProcessId StartMode
ehRecvr C:\Windows\ehome\ehRecvr.exe 543 Auto
请问如何修改awk或grep表达式以排除所有包含system32目录路径的行?
谢谢 :)
命令行文件提取:
编辑器文件提取:
输出的最后几行:
cat -v serv_list2.txt
FALSE Windows Update Normal 0 wuauserv C:\Windows\system32\svchost.exe -k netsvcs 856 0 Share Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Driver Foundation - User-mode Driver Framework 0 Win32_Service Manages user-mode driver host processes. FALSE Windows Driver Foundation - User-mode Driver Framework Normal 1077 wudfsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE WWAN AutoConfig 0 Win32_Service This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices. FALSE WWAN AutoConfig Normal 1077 WwanSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
kali@kali:~$
输出摘要来自
kali@kali:~$ awk -v IGNORECASE=1 '
{
gsub(/\r/,"")
}
FNR==1{
print
next
}
($2!~/C:\\Windows\\system32\\/)
' serv_list2.txt
FALSE WLAN AutoConfig Normal 1077 Wlansvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE WMI Performance Adapter 0 Win32_Service Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated. FALSE WMI Performance Adapter Normal 0 wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 1436 0 Own Process TRUE Manual localSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Media Player Network Sharing Service 0 Win32_Service Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play FALSE Windows Media Player Network Sharing Service Normal 1077 WMPNetworkSvc "C:\Program Files\Windows Media Player\wmpnetwk.exe" 0 0 Own Process FALSE Manual NT AUTHORITY\NetworkService Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Parental Controls 0 Win32_Service This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only. FALSE Parental Controls Normal 1077 WPCSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Portable Device Enumerator Service 0 Win32_Service Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. FALSE Portable Device Enumerator Service Normal 0 WPDBusEnum C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Security Center 0 Win32_Service The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system. FALSE Security Center Normal 0 wscsvc C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 784 0 Share Process TRUE Auto NT AUTHORITY\LocalService Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Windows Search 0 Win32_Service Provides content indexing, property caching, and search results for files, e-mail, and other content. FALSE Windows Search Normal 0 WSearch C:\Windows\system32\SearchIndexer.exe /Embedding 2324 0 Own Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Windows Update 0 Win32_Service Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API. FALSE Windows Update Normal 0 wuauserv C:\Windows\system32\svchost.exe -k netsvcs 856 0 Share Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Driver Foundation - User-mode Driver Framework 0 Win32_Service Manages user-mode driver host processes. FALSE Windows Driver Foundation - User-mode Driver Framework Normal 1077 wudfsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE WWAN AutoConfig 0 Win32_Service This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices. FALSE WWAN AutoConfig Normal 1077 WwanSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
kali@kali:~$