wmic 獲取進程名稱以及可執行路徑:
wmic process get name,executablepath
wmic 刪除指定進程(根據進程名稱):
wmic process where name="qq.exe" call terminate
或者用
wmic process where name="qq.exe" delete
wmic 刪除指定進程(根據進程PID):
wmic process where pid="123" delete
wmic 創建新進程
wmic process call create "C:\Program Files\Tencent\QQ\QQ.exe"
在遠程機器上創建新進程:
wmic /node:192.168.1.10 /user:administrator /password:123456 process call create cmd.exe
關閉本地計算機
wmic process call create shutdown.exe
重啟遠程計算機
wmic /node:192.168.1.10/user:administrator /password:123456 process call create "shutdown.exe -r -f -m"
更改計算機名稱
wmic computersystem where "caption='%ComputerName%'" call rename newcomputername
更改帳戶名
wmic USERACCOUNT where "name='%UserName%'" call rename newUserName
wmic 結束可疑進程(根據進程的啟動路徑)
wmic process where "name='explorer.exe' and executablepath>'%SystemDrive%\\windows\\explorer.exe'" delete
wmic 獲取物理內存
wmic memlogical get TotalPhysicalMemory|find /i /v "t"
wmic 獲取文件的創建、訪問、修改時間
復制代碼 代碼如下:
@echo off
for /f "skip=1 tokens=1,3,5 delims=. " %%a in ('wmic datafile where name^="c:\\windows\\system32\\notepad.exe" get CreationDate^,LastAccessed^,LastModified') do (
set a=%%a
set b=%%b
set c=%%c
echo 文件: c:\windows\system32\notepad.exe
echo.
echo 創建時間: %a:~0,4% 年 %a:~4,2% 月 %a:~6,2% 日 %a:~8,2% 時 %a:~10,2% 分 %a:~12,2% 秒
echo 最后訪問: %b:~0,4% 年 %b:~4,2% 月 %b:~6,2% 日 %b:~8,2% 時 %b:~10,2% 分 %b:~12,2% 秒
echo 最后修改: %c:~0,4% 年 %c:~4,2% 月 %c:~6,2% 日 %c:~8,2% 時 %c:~10,2% 分 %c:~12,2% 秒
)
echo.
pause
wmic 全盤搜索某文件并獲取該文件所在目錄
for /f "skip=1 tokens=1*" %i in ('wmic datafile where "FileName='qq' and extension='exe'" get drive^,path') do (set "qPath=%i%j"@echo %qPath:~0,-3%)
獲取屏幕分辨率 wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth
wmic PageFileSet set InitialSize="512",MaximumSize="512"
設置虛擬內存到E盤,并刪除C盤下的頁面文件,重啟計算機后生效
wmic PageFileSet create name="E:\\pagefile.sys",InitialSize="1024",MaximumSize="1024"
wmic PageFileSet where "name='C:\\pagefile.sys'" delete
獲得進程當前占用的內存和最大占用內存的大小:
wmic process where caption='filename.exe' get WorkingSetSize,PeakWorkingSetSize
以KB為單位顯示
復制代碼 代碼如下:
@echo off
for /f "skip=1 tokens=1-2 delims= " %%a in ('wmic process where caption^="conime.exe" get WorkingSetSize^,PeakWorkingSetSize') do (
set /a m=%%a/1024
set /a mm=%%b/1024
echo 進程conime.exe現在占用內存:%m%K;最高占用內存:%mm%K
)
pause
遠程打開計算機遠程桌面
wmic /node:%pcname% /USER:%pcaccount% PATH win32_terminalservicesetting WHERE (__Class!="") CALL SetAllowTSConnections 1
檢測是否插入U盤的批處理
復制代碼 代碼如下:
@echo off
((wmic logicaldisk where "drivetype=2" get name|find "無可用范例")>nul 2>nul)||for /f "skip=1 tokens=* delims=" %%i in ('wmic logicaldisk where "drivetype=2" get name') do echo U盤盤符是 %%i
pause
rem 查看cpu
wmic cpu list brief
rem 查看物理內存
wmic memphysical list brief
rem 查看邏輯內存
wmic memlogical list brief
rem 查看緩存內存
wmic memcache list brief
rem 查看虛擬內存
wmic pagefile list brief
rem 查看網卡
wmic nic list brief
rem 查看網絡協議
wmic netprotocal list brief
【例】將當前系統BIOS,CPU,主板等信息輸出到一個HTML網頁文件,命令如下:
::得到系統信息.bat,運行bat文件即可
::系統信息輸出到HTML文件,查看幫助: wmic /?
::wmic [系統參數名] list [brief|full] /format:hform >|>> [文件名]
wmic bios list brief /format:hform > PCinfo.html
wmic baseboard list brief /format:hform >>PCinfo.html
wmic cpu list full /format:hform >>PCinfo.html
wmic os list full /format:hform >>PCinfo.html
wmic computersystem list brief /format:hform >>PCinfo.html
wmic diskdrive list full /format:hform >>PCinfo.html
wmic memlogical list full /format:hform >>PCinfo.html
PCinfo.html
您可能感興趣的文章:- Windows WMIC命令使用詳解(附實例)
- dos下通過wmic命令查看硬盤和內存/CPU信息(windows自帶命令查看硬件信息)
- 批處理的api WMIC學習體會有感
- Wmic 實例應用代碼分享
