1. 首頁
  2. 問答
  3. 如何隱藏WMIC查詢

如何隱藏WMIC查詢

2017-08-16 83 views
1

的一些輸出我有一個批次中止特定進程。啓動它後,我想隱藏Ignoring: <ProcessName>並只顯示Terminating: <ProcessName>,所以我怎麼能這樣做呢?如何隱藏WMIC查詢

@echo off 
cls 
title prockiller 
setlocal 

:Whitelist 
set "whitelist=Microsoft Avast Panda ESET Kaspersky Avira AVG Bitdefender Malwarebytes Norton McAfee GAS IBM" 

:Analyze 
for /f "tokens=2 delims=," %%I in (
    'wmic process get executablepath^,status /format:csv ^| find "\"' 
) do (
    set "proc=%%~I" 
    setlocal enabledelayedexpansion 
    wmic datafile where "name='!proc:\=\\!'" get manufacturer 2>nul | findstr /i "%whitelist%" >nul && (
     echo Ignoring: %%~nI 
    ) || (
     echo Terminating: %%~nI && taskkill /im "%%~nxI" /f /t >nul 2>&1 
    ) 
    endlocal 
)

在此先感謝。

來源

2017-08-16 wagner4362

+1

IMO您編輯死你的問題。如果某人不知道它們的來源,那麼人們如何能夠了解當前的代碼片斷,並保留變量在考慮過之後,請最後一次[mcve]。 – LotPings

+0

對不起,但我試圖進行更全面的總結,無論如何編輯整個代碼。 – wagner4362

+0

變化'回聲忽略:%%〜nI'爲'REM回聲忽略:%%〜nI' - 還是我誤解你的問題? –

回答

0

這裏有一個快速未經測試版本:

@Echo Off 
Title Process killer with a whitelist 

Set "IPL=Avast AVG Avira BitDefender ESET GAS IBM Kaspersky Malwarebytes" 
Set "IPL=%IPL% McAfee Microsoft Norton Panda" 

For /F "Skip=1 Delims=" %%A In (
    'WMIC Process Where "Not ExecutablePath Is Null" Get ExecutablePath' 
) Do For /F "Delims=" %%B In ("%%~A") Do Call :Sub %%~B 
Timeout -1 
Exit/B 

:Sub 
Set "proc=%*" 
For %%A In ("%proc:\=\\%") Do (
    WMIC DataFile Where "Name='%%~A' And Not Manufacturer Is Null"^ 
    Get Manufacturer|FindStr/IVX "Manufacturer"|FindStr/I "%IPL%">Nul||(
     Echo Terminating "%proc%" 
     Echo=TaskKill /F /IM "%%~nxA" /T))

從最後一行刪除Echo=以及可選的Timeout -1,如果控制檯輸出看起來還好。

來源

2017-08-17 20:15:15 Compo

0

,如果你想這樣你可以重定向igonring進程列表成日誌文件的輸出:

@echo off 
Title Process killer with a white list 
cls 
setlocal 
set "Ignoring_Process_List=%~dpn0_Ignoring_Process_List.txt" 
set "Terimnated_Process_List=%~dpn0_Terimnated_List.txt" 
If exist "%Ignoring_Process_List%" Del "%Ignoring_Process_List%" 
If exist "%Terimnated_Process_List%" Del "%Terimnated_Process_List%" 

:Whitelist 
set "whitelist=Microsoft Avast Panda ESET Kaspersky Avira AVG Bitdefender Malwarebytes Norton McAfee GAS IBM" 

:Analyze 
for /f "tokens=2 delims=," %%I in (
    'wmic process get executablepath^,status /format:csv ^| find "\"' 
) do (
    set "proc=%%~I" 
    setlocal enabledelayedexpansion 
    wmic datafile where "name='!proc:\=\\!'" get manufacturer 2>nul | findstr /i "%whitelist%" >nul && (
     (echo Ignoring: %%~nxI)>>!Ignoring_Process_List! 2>&1 
    ) || (
     (echo Terminating: %%~nxI)>con 
     (echo Terminating: %%~nxI && Taskkill /im "%%~nxI" /f /t)>>!Terimnated_Process_List! 2>&1 
    ) 
    endlocal 
) 
Timeout /T 5 /nobreak>nul

來源

2017-08-17 01:10:56 Hackoo

+0

@Compo好吧,最終的代碼會是怎樣?只需更換這條線? – wagner4362

+0

@ wagner4362這段代碼適合我!你是否嘗試過? – Hackoo

+0

@Hackoo是的工作,但我相信有一種方法可以更快地完成這項任務 – wagner4362

相關問題

 相關問題