wmic 命令用法及實例

    wmic獲取進(jìn)程名稱以及可執(zhí)行路徑:
    wmicprocessgetname,executablepath
    wmic刪除指定進(jìn)程(根據(jù)進(jìn)程名稱):
    wmicprocesswherename=qq.execallterminate
    或者用
    wmicprocesswherename=qq.exedelete
    wmic刪除指定進(jìn)程(根據(jù)進(jìn)程pid):
    wmicprocesswherepid=123delete
    wmic創(chuàng)建新進(jìn)程
    wmicprocesscallcreatec:\programfiles\tencent\qq\qq.exe
    在遠(yuǎn)程機(jī)器上創(chuàng)建新進(jìn)程：
    wmic/node:192.168.1.10/user:administrator/password:123456processcallcreatecmd.exe
    關(guān)閉本地計算機(jī)
    wmicprocesscallcreateshutdown.exe
    重啟遠(yuǎn)程計算機(jī)
    wmic/node:192.168.1.10/user:administrator/password:123456processcallcreateshutdown.exe-r-f-m
    更改計算機(jī)名稱
    wmiccomputersystemwherecaption='%computername%'callrenamenewcomputername
    更改帳戶名
    wmicuseraccountwherename='%username%'callrenamenewusername
    wmic結(jié)束可疑進(jìn)程（根據(jù)進(jìn)程的啟動路徑）
    wmicprocesswherename='explorer.exe'andexecutablepath<>'%systemdrive%\\windows\\explorer.exe'delete
    wmic獲取物理內(nèi)存
    wmicmemlogicalgettotalphysicalmemory|find/i/vt
    wmic獲取文件的創(chuàng)建、訪問、修改時間
    代碼如下:
    @echooff
    for/fskip=1tokens=1,3,5delims=.%%ain('wmicdatafilewherename^=c:\\windows\\system32\\notepad.exegetcreationdate^,lastaccessed^,lastmodified')do(
    seta=%%a
    setb=%%b
    setc=%%c
    echo文件:c:\windows\system32\notepad.exe
    echo.
    echo創(chuàng)建時間:%a:~0,4%年%a:~4,2%月%a:~6,2%日%a:~8,2%時%a:~10,2%分%a:~12,2%秒
    echo最后訪問:%b:~0,4%年%b:~4,2%月%b:~6,2%日%b:~8,2%時%b:~10,2%分%b:~12,2%秒
    echo最后修改:%c:~0,4%年%c:~4,2%月%c:~6,2%日%c:~8,2%時%c:~10,2%分%c:~12,2%秒
    )
    echo.
    pause
    wmic全盤搜索某文件并獲取該文件所在目錄
    for/fskip=1tokens=1*%iin('wmicdatafilewherefilename='qq'andextension='exe'getdrive^,path')do(setqpath=%i%j&@echo%qpath:~0,-3%)
    獲取屏幕分辨率wmicdesktopmonitorwherestatus='ok'getscreenheight,screenwidth
    wmicpagefilesetsetinitialsize=512,maximumsize=512
    設(shè)置虛擬內(nèi)存到e盤，并刪除c盤下的頁面文件,重啟計算機(jī)后生效
    wmicpagefilesetcreatename=e:\\pagefile.sys,initialsize=1024,maximumsize=1024
    wmicpagefilesetwherename='c:\\pagefile.sys'delete
    獲得進(jìn)程當(dāng)前占用的內(nèi)存和最大占用內(nèi)存的大?。?BR>    wmicprocesswherecaption='filename.exe'getworkingsetsize,peakworkingsetsize
    以kb為單位顯示
    代碼如下:
    @echooff
    for/fskip=1tokens=1-2delims=%%ain('wmicprocesswherecaption^=conime.exegetworkingsetsize^,peakworkingsetsize')do(
    set/am=%%a/1024
    set/amm=%%b/1024
    echo進(jìn)程conime.exe現(xiàn)在占用內(nèi)存：%m%k；最高占用內(nèi)存：%mm%k
    )
    pause
    遠(yuǎn)程打開計算機(jī)遠(yuǎn)程桌面
    wmic/node:%pcname%/user:%pcaccount%pathwin32_terminalservicesettingwhere(__class!=)callsetallowtsconnections1
    檢測是否插入u盤的批處理
    代碼如下:
    @echooff
    ((wmiclogicaldiskwheredrivetype=2getname|find無可用范例)>nul2>nul)||for/fskip=1tokens=*delims=%%iin('wmiclogicaldiskwheredrivetype=2getname')doechou盤盤符是%%i
    pause
    rem查看cpu
    wmiccpulistbrief
    rem查看物理內(nèi)存
    wmicmemphysicallistbrief
    rem查看邏輯內(nèi)存
    wmicmemlogicallistbrief
    rem查看緩存內(nèi)存
    wmicmemcachelistbrief
    rem查看虛擬內(nèi)存
    wmicpagefilelistbrief
    rem查看網(wǎng)卡
    wmicniclistbrief
    rem查看網(wǎng)絡(luò)協(xié)議
    wmicnetprotocallistbrief
    【例】將當(dāng)前系統(tǒng)bios，cpu，主板等信息輸出到一個html網(wǎng)頁文件，命令如下:
    ::得到系統(tǒng)信息.bat，運(yùn)行bat文件即可
    ::系統(tǒng)信息輸出到html文件,查看幫助:wmic/?
    ::wmic[系統(tǒng)參數(shù)名]list[brief|full]/format:hform>|>>[文件名]
    wmicbioslistbrief/format:hform>pcinfo.html
    wmicbaseboardlistbrief/format:hform>>pcinfo.html
    wmiccpulistfull/format:hform>>pcinfo.html
    wmicoslistfull/format:hform>>pcinfo.html
    wmiccomputersystemlistbrief/format:hform>>pcinfo.html
    wmicdiskdrivelistfull/format:hform>>pcinfo.html
    wmicmemlogicallistfull/format:hform>>pcinfo.html
    pcinfo.html