OK, now I understand what you want.
Are you familier with Mark Russinovich's tool ListDLLs?
I developed a similar tool: ListModules.
ListModules takes a snapshot of all processes and then analyses all loaded modules (.exe, .dll, …).
It produces a CSV file with information on all modules like ListDLLs does, but with much more information, for example the MD5 hash.
I use my tool as a first response tool. I review the report it produces to identify unknown executables, and then decide if they are malicious or not, based on the extra information provided for each executable. If I'm not sure, I can use the MD5 hash to compare it with a baseline or search it in VirusTotal, for example.
If this is what you are looking for, I'll give you more details.
Edited by Didier Stevens, 08 August 2013 - 02:49 PM.
SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.
Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"