wmic 获取进程名称以及可执行路径:wmic process get name,executablepath
wmic 删除指定进程(根据进程名称):wmic process where name=”qq.exe” call terminate或者用wmic process where name=”qq.exe” delete
wmic 删除指定进程(根据进程PID):wmic process where pid=”123″ delete
wmic 创建新进程wmic process call create “C?rogram FilesTencentQQQQ.exe”
在远程机器上创建新进程:wmic /node:192.168.1.10 /user:administrator /password:123456 process call create cmd.exe
关闭本地计算机wmic process call create shutdown.exe
重启远程计算机wmic /node:192.168.1.10/user:administrator /password:123456 process call create “shutdown.exe -r -f -m”
更改计算机名称wmic computersystem where “caption=’%ComputerName%\’” call rename newcomputername
更改帐户名wmic USERACCOUNT where “name=’%UserName%\’” call rename newUserName
wmic 结束可疑进程(根据进程的启动路径)
wmic process where “name=’explorer.exe’ and executablepath<>’%SystemDrive%\\windows\\explorer.exe\’” delete
wmic 获取物理内存wmic memlogical get TotalPhysicalMemory|find /i /v “t”
wmic 获取文件的创建、访问、修改时间
复制代码 代码如下:@echo offfor /f “skip=1 tokens=1,3,5 delims=. ” %%a in (‘wmic datafile where name^=”c:\\windows\\system32\\notepad.exe” get CreationDate^,LastAccessed^,LastModified’? do (set a=%%aset b=%%bset c=%%cecho 文件: c:windowssystem32notepad.exeecho.echo 创建时间: %a:~0,4% 年 %a:~4,2% 月 %a:~6,2% 日 %a:~8,2% 时 %a:~10,2% 分 %a:~12,2% 秒echo 最后访问: %b:~0,4% 年 %b:~4,2% 月 %b:~6,2% 日 %b:~8,2% 时 %b:~10,2% 分 %b:~12,2% 秒echo 最后修改: %c:~0,4% 年 %c:~4,2% 月 %c:~6,2% 日 %c:~8,2% 时 %c:~10,2% 分 %c:~12,2% 秒)echo.pause
wmic 全盘搜索某文件并获取该文件所在目录for /f “skip=1 tokens=1*” %i in (‘wmic datafile where “FileName=’qq’ and extension=’exe\’” get drive^,path’? do (set “qPath=%i%j”&@echo %qPath:~0,-3%)
获取屏幕分辨率 wmic DESKTOPMONITOR where Status=’ok’ get ScreenHeight,ScreenWidth
wmic PageFileSet set InitialSize=”512″,MaximumSize=”512″
设置虚拟内存到E盘,并删除C盘下的页面文件,重启计算机后生效
wmic PageFileSet create name=”E:\\pagefile.sys”,InitialSize=”1024″,MaximumSize=”1024″wmic PageFileSet where “name=’C:\\pagefile.sys\’” delete
获得进程当前占用的内存和最大占用内存的大小:
wmic process where caption=’filename.exe’ get WorkingSetSize,PeakWorkingSetSize
以KB为单位显示
复制代码 代码如下:@echo offfor /f “skip=1 tokens=1-2 delims= ” %%a in (‘wmic process where caption^=”conime.exe” get WorkingSetSize^,PeakWorkingSetSize’? do (set /a m=%%a/1024set /a mm=%%b/1024echo 进程conime.exe现在占用内存:%m%K;最高占用内存:%mm%K)pause
远程打开计算机远程桌面
wmic /node:%pcname% /USER:%pcaccount% PATH win32_terminalservicesetting WHERE (__Class!=””? CALL SetAllowTSConnections 1
检测是否插入U盘的批处理
复制代码 代码如下:@echo off((wmic logicaldisk where “drivetype=2” get name|find “无可用范例”?>nul 2>nul)||for /f “skip=1 tokens=* delims=” %%i in (‘wmic logicaldisk where “drivetype=2” get name’? do echo U盘盘符是 %%ipause
rem 查看cpu wmic cpu list briefrem 查看物理内存wmic memphysical list briefrem 查看逻辑内存wmic memlogical list briefrem 查看缓存内存wmic memcache list briefrem 查看虚拟内存wmic pagefile list briefrem 查看网卡wmic nic list briefrem 查看网络协议wmic netprotocal list brief
【例】将当前系统BIOS,CPU,主板等信息输出到一个HTML网页文件,命令如下:
::得到系统信息.bat,运行bat文件即可::系统信息输出到HTML文件,查看帮助: wmic /?::wmic [系统参数名] list [brief|full] /format:hform >|>> [文件名]wmic bios list brief /format:hform > PCinfo.htmlwmic baseboard list brief /format:hform >>PCinfo.htmlwmic cpu list full /format:hform >>PCinfo.htmlwmic os list full /format:hform >>PCinfo.htmlwmic computersystem list brief /format:hform >>PCinfo.htmlwmic diskdrive list full /format:hform >>PCinfo.htmlwmic memlogical list full /format:hform >>PCinfo.htmlPCinfo.html
http://www.dengb.com/DOS_BAT/768395.htmlwww.dengb.comtruehttp://www.dengb.com/DOS_BAT/768395.htmlTechArticlewmic 获取进程名称以及可执行路径: wmic process get name,executablepath wmic 删除指定进程(根据进程名称): wmic process where name=”qq.exe” call terminate 或者…
—-想了解更多的bat相关脚本写法关注