bat脚本实现获取非微软官方服务列表
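# Lists running, non-disabled Windows services whose executable is NOT covered by a
# valid Authenticode signature from a certificate issued to Microsoft Corporation.
# Output: a table of Name, DisplayName, StartMode, State and Company, where Company
# holds "subject;issuer" of the signing certificate, or a short reason why no signer
# could be read. Unsigned, badly signed and unresolvable binaries are always listed.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.State -eq 'Running' -and $_.StartMode -ne 'Disabled' } |
    ForEach-Object {
        # Keep the service in a named variable: inside catch{} below, $_ is the error record.
        $svc = $_
        $isMicrosoft = $false
        $signerInfo = '无可执行路径'

        if ($svc.PathName) {
            # PathName is a command line (executable plus arguments), not a bare path.
            $exePath = $svc.PathName.Trim()
            if ($exePath -match '^"(.+?)"') {
                # Quoted form: the executable is whatever sits between the first pair of quotes.
                $exePath = $matches[1]
            }
            else {
                # Unquoted form: normally the executable ends at the first space.
                $firstToken = $exePath.Split(' ')[0]
                if (-not (Test-Path -LiteralPath $firstToken -PathType Leaf -ErrorAction SilentlyContinue) -and
                    $exePath -match '^(.+?\.exe)(\s|$)') {
                    # The first token is not a file, so the path itself contains spaces
                    # (e.g. under "Program Files"). Take everything up to the first ".exe"
                    # so the binary still gets its signature checked. An unquoted service
                    # path with spaces is a misconfiguration worth fixing on its own.
                    $exePath = $matches[1]
                }
                else {
                    $exePath = $firstToken
                }
            }

            # Only an existing file (not a directory) can carry a signature.
            if ($exePath -and (Test-Path -LiteralPath $exePath -PathType Leaf -ErrorAction SilentlyContinue)) {
                try {
                    # -LiteralPath: characters such as [ ] in the path must not be treated as wildcards.
                    $sig = Get-AuthenticodeSignature -LiteralPath $exePath -ErrorAction Stop
                    if ($sig.SignerCertificate) {
                        $subject = $sig.SignerCertificate.Subject
                        $issuer = $sig.SignerCertificate.Issuer
                        $signerInfo = "$subject;$issuer"

                        if ($sig.Status -eq 'Valid') {
                            # Trust the name only when the signature verified, and look at the
                            # subject organisation only. Matching "Microsoft|Windows" anywhere in
                            # subject or issuer would also hide a self-signed certificate that
                            # merely uses such a name, and any third-party certificate issued by
                            # a Microsoft-operated CA.
                            # NOTE(review): this is still a name heuristic. "Valid" depends on
                            # this machine's trusted root store, and Microsoft also signs some
                            # third-party components under its own organisation name, so a hidden
                            # row is not proof of Microsoft authorship.
                            if ($subject -match '(^|,\s*)O=Microsoft Corporation(,|$)') {
                                $isMicrosoft = $true
                            }
                        }
                        else {
                            # A certificate is present but the signature did not verify
                            # (hash mismatch, untrusted chain, ...): keep the row and show why.
                            $signerInfo = "$signerInfo [$($sig.Status)]"
                        }
                    }
                    else {
                        $signerInfo = '未签名'
                    }
                }
                catch {
                    $signerInfo = "签名错误: $($_.Exception.Message)"
                }
            }
            else {
                $signerInfo = '路径无效或非文件'
            }
        }

        # Emit only services that were not positively identified as Microsoft-signed.
        if (-not $isMicrosoft) {
            [PSCustomObject]@{
                Name        = $svc.Name
                DisplayName = $svc.DisplayName
                StartMode   = $svc.StartMode
                State       = $svc.State
                Company     = $signerInfo
            }
        }
    } |
    Sort-Object DisplayName |
    Format-Table -AutoSize -Property Name, DisplayName, StartMode, State, Company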
PowerShell 虽然可以直接执行上面的命令,但运行 .ps1 文件不如 .bat 方便,因此制作了下面的 bat 脚本。-EncodedCommand 的参数只是命令文本(UTF-16LE)的 Base64 编码,并非加密,任何人都可以解码查看。
rem -EncodedCommand takes the Base64 encoding of the command text (UTF-16LE); this is an encoding, not encryption.
rem The Base64 payload is elided on this page (placeholder below); decode and read any such string before running it.
powershell -EncodedCommand \"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\"