process 进程管理工具
示例:
1.列举当前的进程、进程路径、命令行、进程ID、父进程ID、线程数,内存使用
::wmic process get name,executablepath,commandline,processid,parentprocessid,threadcount,workingsetsize/value
2.列出进程notepad.exe的详细信息
::wmic process where name=”notepad.exe” get /format:value
结果如下:
Caption=notepad.exe
CommandLine=”C:/WINDOWS/system32/NOTEPAD.EXE” F:/limin文档/WMIC/新建 文本文档.txt
CreationClassName=Win32_Process
CreationDate=20100429202435.656250+480
CSCreationClassName=Win32_ComputerSystem
CSName=20090621-1240
Description=notepad.exe
ExecutablePath=C:/WINDOWS/system32/NOTEPAD.EXE
ExecutionState=
Handle=3864
HandleCount=61
InstallDate=
KernelModeTime=12656250
MaximumWorkingSetSize=1413120
MinimumWorkingSetSize=204800
Name=notepad.exe
OSCreationClassName=Win32_OperatingSystem
OSName=Microsoft Windows XP Professional|C:/WINDOWS|
OtherOperationCount=9403
OtherTransferCount=226934
PageFaults=6341
PageFileUsage=2465792
ParentProcessId=1020
PeakPageFileUsage=2465792
PeakVirtualSize=43327488
PeakWorkingSetSize=6189056
Priority=8
PrivatePageCount=2465792
ProcessId=3864
QuotaNonPagedPoolUsage=5840
QuotaPagedPoolUsage=79436
QuotaPeakNonPagedPoolUsage=6784
QuotaPeakPagedPoolUsage=80428
ReadOperationCount=7
ReadTransferCount=31041
SessionId=0
Status=
TerminationDate=
ThreadCount=1
UserModeTime=3125000
VirtualSize=43327488
WindowsVersion=5.1.2600
WorkingSetSize=2990080
WriteOperationCount=3
WriteTransferCount=216
3.结束指定的进程
一示例:
结束进程CBTray.exe
::wmic process where name=”CBTray.exe” call terminate
示例二:
结束进程ID为1020的进程
::wmic process where processid=1020 call terminate
4.创建进程
创建notepad进程
::wmic process call create “c:/windows/notepad.exe”
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/1241.html