- 综合排序
- 最热优先
- 最新优先
- 来自专栏Windows技术交流
第三方工具命令行过滤计划任务,比系统自带的命令要精细
Handler Filename,COM Handler Description,Description,Source" start-sleep 15 Get-Content tasks.txt| where-object {$_ -match "SAT"} #做展示格式的处理示例 #Get-Content tasks.txt| where-object {$_ -match "SAT"}|foreach{$_.split (",")} #Get-Content tasks.txt| where-object {$_ -match "SAT"}|foreach{$_.split(",")[0]} #Get-Content tasks.txt| where-object {$_ -match "SAT"}|foreach{ ($_ -split ",", 3)[0,1] -join "," } Get-Content tasks.txt | Where-Object { $_ -match "SAT" } | ForEach-Object { $parts = ($_ -split ",", 3)[0,1]; $parts[1] =
1.3K21编辑于 2023-12-07 - 来自专栏Windows技术交流
Windows查看磁盘和分区的字节数和换算大小
Select-Object DeviceID, MediaType, Model, Size 显示磁盘0每个volume的总字节数 Get-WmiObject -Class Win32_DiskPartition|Where-Object { $_.Name -match '#0,' } Get-WmiObject -Class Win32_DiskPartition|Where-Object { $_.Name -match '#0, ' } #0后面的逗号一个是英文一个是中文 2句都执行下,肯定会有一个有结果 显示磁盘1每个volume的总字节数 Get-WmiObject -Class Win32_DiskPartition|Where-Object { $_.Name -match '#1,' } Get-WmiObject -Class Win32_DiskPartition|Where-Object { $_.Name -match '#1,
93410编辑于 2023-12-28 - 来自专栏Windows技术交流
如何禁用CDPUserSvc、WpnUserService、ConsentUxUserSvc等带马甲的服务
CDPUserSvc_bd150WpnUserService_bd150ConsentUxUserSvc_bd150Get-Service CDPUserSvc | ft -autoGet-Service | Where-Object Filter "Name='$($_.Name)'").StartMode}} } | ft -autoGet-Service WpnUserService | ft -autoGet-Service | Where-Object Filter "Name='$($_.Name)'").StartMode}} } | ft -autoGet-Service ConsentUxUserSvc | ft -autoGet-Service | Where-Object )" /v Start /t REG_DWORD /d 4 /f }Set-Service -Name ConsentUxUserSvc -StartupType autoGet-Service | Where-Object )" /v Start /t REG_DWORD /d 4 /f } #查看服务 Get-Service $serviceName | ft -auto Get-Service | Where-Object
2.2K10编辑于 2024-08-19 - 来自专栏Windows技术交流
Windows如何远程播放声音
)正常然后,如果客户端机器本地播放声音正常的话,得在远程客户端这里勾选在本地播放过滤服务的powershell命令挺方便的,这里做下额外延伸(跟标题已无关了)过滤禁用的服务Get-Service | Where-Object { $_.StartType -eq 'Disabled' }Get-Service | Where-Object { $_.StartType -eq 'Disabled' } | Select-Object 默认状态下是隐藏的,在services.msc列表里看不到,但可以通过命令过滤出来过滤type是kernel_driver的服务Get-WmiObject Win32_SystemDriver | Where-Object
1.2K40编辑于 2025-07-08 - 来自专栏Windows技术交流
查Windows开机耗时是否正常
Get-WinEvent -FilterHashtable @{logname='System';id=@(12,6005);StartTime=(Get-Date).AddDays(-1) } -EA 0| Where-Object Get-WinEvent -FilterHashtable @{logname='Security';id=@(4688);StartTime=(Get-Date).AddDays(-1) } -EA 0| Where-Object Get-WinEvent -FilterHashtable @{logname='System';id=@(12,6005);StartTime=(Get-Date).AddDays(-1)} -EA 0| Where-Object Get-WinEvent -FilterHashtable @{logname='Security';id=@(4688);StartTime=(Get-Date).AddDays(-1)} -EA 0 | Where-Object
2.1K50编辑于 2024-04-12 - 来自专栏Ms08067安全实验室
如何查看域用户登录的计算机
"*Domain*" [AppDomain]::CurrentDomain.GetAssemblies() | ForEach-Object { $_.GetExportedTypes() } | Where-Object CurrentDomain.GetAssemblies() | ForEach-Object { $_.GetExportedTypes() } | ForEach-Object { $_.getmembers() } | Where-Object { $_.isStatic} | Where-Object { $_ -like $searchtext } | ForEach-Object { "[{0}]::{1} --> {2}" -f ` 补充一个@xti9er提到的WMI对象: get-wmiobject|get-member 但这个不完整,详细的搜索可以这样: Get-WmiObject -List | Where-Object
5.4K10发布于 2020-02-24 - 来自专栏Windows技术交流
腾讯云windows cvm查看网卡队列情况
适用普通cvm单网卡、多网卡、单队列、多队列,不适用裸金属[Math]::Ceiling(((Get-WmiObject Win32_PNPAllocatedResource | Where-Object Antecedent -match "IRQNumber"}).count/(Get-WmiObject Win32_NetworkAdapter -Filter 'NetEnabled=True' | Where-Object
3.6K10编辑于 2023-04-18 - 来自专栏Windows技术交流
Windows Server禁止更新(复杂版)
Disabled Get-Service GoogleChrome*, gupdate* | Set-Service -StartupType Disabled Get-ScheduledTask | Where-Object TaskName -like "MicrosoftEdgeUpdateTaskMachine*"} | Disable-ScheduledTask 2>&1 >$null Get-ScheduledTask | Where-Object Stop-Service -Name PcaSvc 2>$null Set-Service -Name PcaSvc -StartupType Disabled 2>$null Get-ScheduledTask | Where-Object ProgramDataUpdater*"}| Disable-ScheduledTask 2>$null 六、禁止visual studio相关计划任务BackgroundDownload Get-ScheduledTask | Where-Object
1K10编辑于 2024-04-28 - 来自专栏运维开发王义杰
PowerShell:在 Windows 中创建并导出自签名证书
ConvertTo-SecureString -String "Admin_123456" -Force -AsPlainText Get-ChildItem -Path 'Cert:\CurrentUser\My' | Where-Object 以下是一个导出 CER 文件的例子: Get-ChildItem -Path Cert:\CurrentUser\My\ | Where-Object { $_.Subject -match "mylab.wang.io ConvertTo-SecureString -String "Admin_123456" -Force -AsPlainText Get-ChildItem -Path 'Cert:\CurrentUser\My' | Where-Object Administrator\Desktop\cert\mylab.wang.io.pfx -Password $pwd Get-ChildItem -Path Cert:\CurrentUser\My\ | Where-Object
5.9K20编辑于 2023-08-10 - 来自专栏网络安全技术点滴分享
网络信息收集脚本详解
Property Name, InterfaceDescription, MacAddress, LinkSpeed, Status# 获取IP配置$ipConfig = Get-NetIPAddress | Where-Object InterfaceAlias, IPAddress, PrefixLength, AddressFamily# 获取DNS配置$dnsConfig = Get-DnsClientServerAddress | Where-Object Pseudo-Interface 1" } | Select-Object -Property InterfaceAlias, ServerAddresses# 获取路由表$routeTable = Get-NetRoute | Where-Object
32510编辑于 2025-09-06 - 来自专栏Windows技术交流
Edge、Chrome浏览器无法自动升级,可能是禁止了这3个地方
1、开机计划任务 Get-ScheduledTask | Where-Object { $_.TaskName -like "MicrosoftEdgeUpdateTaskMachine*"} Get-ScheduledTask | Where-Object { $_.TaskName -like "GoogleUpdateTaskMachine*"} 2、开机服务 Get-Service MicrosoftEdge*,
5.1K10编辑于 2025-08-09 - 来自专栏快乐阿超
各系统查看端口占用并停止
ForEach-Object { Stop-Process -Id $_.OwningProcess -Force } # 搜索包含关键词"your_keyword"的进程并停止 Get-Process | Where-Object ProcessName -like "*your_keyword*"} | Stop-Process -Force # 显示所有进程的列表 Get-Process # 查找特定进程的信息 Get-Process | Where-Object {$_.ProcessName -eq "process_name"} # 获取特定用户的所有进程 Get-Process | Where-Object {$_.UserName -eq "your_username
97810编辑于 2024-01-29 - 来自专栏Windows技术交流
卸载WinDefend报错:The referenced assembly could not be found. Error: 0x80073701
Get-ChildItem "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | Where-Object Component Based Servicing\Packages" $pattern = "*KB5035849*" $keys = Get-ChildItem -Path $path -Name | Where-Object Get-ChildItem "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | Where-Object
19710编辑于 2026-01-26 - 来自专栏Windows技术交流
DiagTrack、WinSAT、Application Experience、Diagnostic等服务或计划任务可能影响系统性能
Disabled Get-Service GoogleChrome*, gupdate* | Set-Service -StartupType Disabled Get-ScheduledTask | Where-Object -Name WaaSMedicSvc -StartupType Disabled -ErrorAction SilentlyContinue 2>$null Get-ScheduledTask | Where-Object Disabled Get-Service GoogleChrome*, gupdate* | Set-Service -StartupType Disabled Get-ScheduledTask | Where-Object /48a420579ef9f5e82525042c.html 列出DisplayName StartsWith Diag和Name StartsWith Diag的服务 Get-Service | Where-Object 列出DisplayName StartsWith Diag和Name StartsWith Diag的服务并逐个打印这些服务的description $services = Get-Service | Where-Object
1.1K10编辑于 2024-04-24 PowerShell到底是个啥?跟CMD比起来强在哪里?看完这篇你就懂了
用来过滤对象: # 获取大于100MB的文件 Get-ChildItem | Where-Object {$_.Length -gt 100MB} # 获取最近7天修改的文件 Get-ChildItem | Where-Object {$_.LastWriteTime -gt (Get-Date).AddDays(-7)} Select-Object用来选择对象的特定属性: # 只显示进程名和内存使用量 PowerShell就不一样了,可以把日志解析成对象,然后用Group-Object、Where-Object等命令做各种统计: Import-Csv "iis.log" -Delimiter " " | Where-Object {$_.sc_status -eq "500"} | Group-Object cs_uri_stem | Sort-Object Count -Descending {$_.P2 -like "*nginx*"} # Kubernetes管理 kubectl get pods | ConvertFrom-String | Where-Object {$_.P3
6.4K40编辑于 2025-11-20- 来自专栏科控自动化
通过命令行,查找并结束进程
你可以使用 Where-Object 命令来筛选进程列表,只显示包含特定名称的进程。 运行以下命令: Get-Process | Where-Object {$_.Name -like "EdgePluginModbusSlave"} 这将只显示名称为"EdgePluginModbusSlave
1.2K30编辑于 2023-11-13 - 来自专栏Windows技术交流
为什么云服务器Server2008R2系统vnc登录运行dxdiag命令DirectX不可用
读取输出文件并获取图形内存信息 $dxdiagContent = Get-Content $dxdiagOutputFile $displayMemoryLine = $dxdiagContent | Where-Object { $_ -match "Display Memory:" }|Select-Object -First 1 $dedicatedMemoryLine = $dxdiagContent | Where-Object { $_ -match "Dedicated Memory:" }|Select-Object -First 1 $sharedMemoryLine = $dxdiagContent | Where-Object
76810编辑于 2023-12-07 - 来自专栏Windows技术交流
powershell一键三连输出disk instanceid、磁盘序号、盘符
ExpandProperty DeviceID foreach ($volumeID in $volumeIDs) { Get-Volume | Where-Object Format-Table -AutoSize } } } Write-Output "" } $driveInfo1 =Get-Volume | Where-Object DriveLetter -match "[A-Z]" } | Sort-Object DriveLetter $driveInfo2 =Get-PSDrive -PSProvider FileSystem | Where-Object
86210编辑于 2025-02-17 - 来自专栏Windows技术交流
CleanMgr显示的临时文件主要是哪里占用的?
LOCALAPPDATA\D3DSCache", "$env:LOCALAPPDATA\NVIDIA\DXCache", "$env:LOCALAPPDATA\NVIDIA\GLCache" ) | Where-Object $items = Get-ChildItem -Path $p -Force -Recurse -ErrorAction SilentlyContinue $size = ($items | Where-Object in $roots) { Get-ChildItem -Path $r -Directory -Recurse -Force -ErrorAction SilentlyContinue | Where-Object $s = (Get-ChildItem -Path $d.FullName -Force -Recurse -ErrorAction SilentlyContinue | Where-Object { $_ -is [System.IO.FileInfo] } 和Where-Object { -not $_.PSIsContainer } 实现的作用看起来一样,详细对比分析下 其实,针对磁盘空间占用问题的定位
63110编辑于 2025-09-13 - 来自专栏Windows技术交流
排查一些Windows问题时,为了去除无关变量,建议做个快照后禁止defender和腾讯云平台组件,确认原因后再回滚快照
Stop-Service -Name PcaSvc 2>$null Set-Service -Name PcaSvc -StartupType Disabled 2>$null Get-ScheduledTask | Where-Object Defender\","\Microsoft\Windows\Maintenance\" 2>$null | Disable-ScheduledTask 2>$null Get-ScheduledTask | Where-Object Disabled Get-Service GoogleChrome*, gupdate* | Set-Service -StartupType Disabled Get-ScheduledTask | Where-Object TaskName -like "MicrosoftEdgeUpdateTaskMachine*"} | Disable-ScheduledTask 2>&1 >$null Get-ScheduledTask | Where-Object WdNisSvc") Get-Service -Name $services 2>$null | Select-Object Name, DisplayName, Status Get-Process | Where-Object
68540编辑于 2024-04-29
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号