wmic 命令用法及實例

字號:


    wmic獲取進程名稱以及可執(zhí)行路徑:
    wmicprocessgetname,executablepath
    wmic刪除指定進程(根據(jù)進程名稱):
    wmicprocesswherename="qq.exe"callterminate
    或者用
    wmicprocesswherename="qq.exe"delete
    wmic刪除指定進程(根據(jù)進程PID):
    wmicprocesswherepid="123"delete
    wmic創(chuàng)建新進程
    wmicprocesscallcreate"C:\ProgramFiles\Tencent\QQ\QQ.exe"
    在遠程機器上創(chuàng)建新進程:
    wmic/node:192.168.1.10/user:administrator/password:123456processcallcreatecmd.exe
    關(guān)閉本地計算機
    wmicprocesscallcreateshutdown.exe
    重啟遠程計算機
    wmic/node:192.168.1.10/user:administrator/password:123456processcallcreate"shutdown.exe-r-f-m"
    更改計算機名稱
    wmiccomputersystemwhere"caption='%ComputerName%'"callrenamenewcomputername
    更改帳戶名
    wmicUSERACCOUNTwhere"name='%UserName%'"callrenamenewUserName
    wmic結(jié)束可疑進程(根據(jù)進程的啟動路徑)
    wmicprocesswhere"name='explorer.exe'andexecutablepath<>'%SystemDrive%\\windows\\explorer.exe'"delete
    wmic獲取物理內(nèi)存
    wmicmemlogicalgetTotalPhysicalMemory|find/i/v"t"
    wmic獲取文件的創(chuàng)建、訪問、修改時間
    代碼如下:
    @echooff
    for/f"skip=1tokens=1,3,5delims=."%%ain('wmicdatafilewherename^="c:\\windows\\system32\\notepad.exe"getCreationDate^,LastAccessed^,LastModified')do(
    seta=%%a
    setb=%%b
    setc=%%c
    echo文件:c:\windows\system32\notepad.exe
    echo.
    echo創(chuàng)建時間:%a:~0,4%年%a:~4,2%月%a:~6,2%日%a:~8,2%時%a:~10,2%分%a:~12,2%秒
    echo最后訪問:%b:~0,4%年%b:~4,2%月%b:~6,2%日%b:~8,2%時%b:~10,2%分%b:~12,2%秒
    echo最后修改:%c:~0,4%年%c:~4,2%月%c:~6,2%日%c:~8,2%時%c:~10,2%分%c:~12,2%秒
    )
    echo.
    pause
    wmic全盤搜索某文件并獲取該文件所在目錄
    for/f"skip=1tokens=1*"%iin('wmicdatafilewhere"FileName='qq'andextension='exe'"getdrive^,path')do(set"qPath=%i%j"&@echo%qPath:~0,-3%)
    獲取屏幕分辨率wmicDESKTOPMONITORwhereStatus='ok'getScreenHeight,ScreenWidth
    wmicPageFileSetsetInitialSize="512",MaximumSize="512"
    設(shè)置虛擬內(nèi)存到E盤,并刪除C盤下的頁面文件,重啟計算機后生效
    wmicPageFileSetcreatename="E:\\pagefile.sys",InitialSize="1024",MaximumSize="1024"
    wmicPageFileSetwhere"name='C:\\pagefile.sys'"delete
    獲得進程當前占用的內(nèi)存和最大占用內(nèi)存的大?。?BR>    wmicprocesswherecaption='filename.exe'getWorkingSetSize,PeakWorkingSetSize
    以KB為單位顯示
    代碼如下:
    @echooff
    for/f"skip=1tokens=1-2delims="%%ain('wmicprocesswherecaption^="conime.exe"getWorkingSetSize^,PeakWorkingSetSize')do(
    set/am=%%a/1024
    set/amm=%%b/1024
    echo進程conime.exe現(xiàn)在占用內(nèi)存:%m%K;最高占用內(nèi)存:%mm%K
    )
    pause
    遠程打開計算機遠程桌面
    wmic/node:%pcname%/USER:%pcaccount%PATHwin32_terminalservicesettingWHERE(__Class!="")CALLSetAllowTSConnections1
    檢測是否插入U盤的批處理
    代碼如下:
    @echooff
    ((wmiclogicaldiskwhere"drivetype=2"getname|find"無可用范例")>nul2>nul)||for/f"skip=1tokens=*delims="%%iin('wmiclogicaldiskwhere"drivetype=2"getname')doechoU盤盤符是%%i
    pause
    rem查看cpu
    wmiccpulistbrief
    rem查看物理內(nèi)存
    wmicmemphysicallistbrief
    rem查看邏輯內(nèi)存
    wmicmemlogicallistbrief
    rem查看緩存內(nèi)存
    wmicmemcachelistbrief
    rem查看虛擬內(nèi)存
    wmicpagefilelistbrief
    rem查看網(wǎng)卡
    wmicniclistbrief
    rem查看網(wǎng)絡(luò)協(xié)議
    wmicnetprotocallistbrief
    【例】將當前系統(tǒng)BIOS,CPU,主板等信息輸出到一個HTML網(wǎng)頁文件,命令如下:
    ::得到系統(tǒng)信息.bat,運行bat文件即可
    ::系統(tǒng)信息輸出到HTML文件,查看幫助:wmic/?
    ::wmic[系統(tǒng)參數(shù)名]list[brief|full]/format:hform>|>>[文件名]
    wmicbioslistbrief/format:hform>PCinfo.html
    wmicbaseboardlistbrief/format:hform>>PCinfo.html
    wmiccpulistfull/format:hform>>PCinfo.html
    wmicoslistfull/format:hform>>PCinfo.html
    wmiccomputersystemlistbrief/format:hform>>PCinfo.html
    wmicdiskdrivelistfull/format:hform>>PCinfo.html
    wmicmemlogicallistfull/format:hform>>PCinfo.html
    PCinfo.html