使用Get-Process返回所有的當(dāng)前進(jìn)程 ,但是你可能并不對(duì)所有的進(jìn)程感興趣,然后通過每個(gè)Process對(duì)象的屬性進(jìn)行過濾。首先得知道每個(gè)對(duì)象支持那些屬性。
PS C:Powershell> Get-Process | select -First 1 | fl *
__NounName : Process
Name : AcroRd32
Handles : 287
VM : 234819584
WS : 32616448
PM : 63488000
NPM : 14584
Path : C:Program FilesAdobeReader 10.0ReaderAcroRd32
.exe
Company : Adobe Systems Incorporated
CPU : 96.5334188
FileVersion : 10.1.2.45
ProductVersion : 10.1.2.45
Description : Adobe Reader
Product : Adobe Reader
Id : 4820
PriorityClass : Normal
HandleCount : 287
WorkingSet : 32616448
PagedMemorySize : 63488000
PrivateMemorySize : 63488000
VirtualMemorySize : 234819584
TotalProcessorTime : 00:01:36.5334188
BasePriority : 8
ExitCode :
HasExited : False
ExitTime :
Handle : 3568
MachineName : .
MainWindowHandle : 198686
MainWindowTitle : Mastering PowerShell - Adobe Reader
MainModule : System.Diagnostics.ProcessModule (AcroRd32.exe)
MaxWorkingSet : 1413120
MinWorkingSet : 204800
Modules : {System.Diagnostics.ProcessModule (AcroRd32.exe),
System.Diagnostics.ProcessModule (ntdll.dll), Syst
em.Diagnostics.ProcessModule (kernel32.dll), Syste
m.Diagnostics.ProcessModule (KERNELBASE.dll)...}
NonpagedSystemMemorySize : 14584
NonpagedSystemMemorySize64 : 14584
PagedMemorySize64 : 63488000
PagedSystemMemorySize : 302460
PagedSystemMemorySize64 : 302460
PeakPagedMemorySize : 75399168
PeakPagedMemorySize64 : 75399168
PeakWorkingSet : 87871488
PeakWorkingSet64 : 87871488
PeakVirtualMemorySize : 257703936
PeakVirtualMemorySize64 : 257703936
PriorityBoostEnabled : True
PrivateMemorySize64 : 63488000
PrivilegedProcessorTime : 00:00:27.7057776
ProcessName : AcroRd32
ProcessorAffinity : 3
Responding : True
SessionId : 1
StartInfo : System.Diagnostics.ProcessStartInfo
StartTime : 2012/1/13 10:25:34
SynchronizingObject :
Threads : {4376, 6636, 8096, 5136...}
UserProcessorTime : 00:01:08.8276412
VirtualMemorySize64 : 234819584
EnableRaisingEvents : False
StandardInput :
StandardOutput :
StandardError :
WorkingSet64 : 32616448
Site :
Container :
PS C:Powershell> Get-Process | Where-Object {$_.Name -eq "notepad"}
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
158 7 8800 37264 114 18.41 6204 notepad
PS C:Powershell> Get-Process | Where-Object {$_.Name -eq "iexplore"}
Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
------- ------ ----- ----- ----- ------ -- -----------
710 23 12832 18160 175 10.51 4204 iexplore
971 39 81000 107580 399 22.20 6764 iexplore
336 13 28516 20096 187 0.34 6792 iexplore
929 35 51020 46568 314 10.42 7192 iexplore
835 26 49200 32360 308 7.82 7952 iexplore
PS C:Powershell> Get-Service | ? {$_.Name -like "B*"}
Status Name DisplayName
------ ---- -----------
Running BDESVC BitLocker Drive Encryption Service
Running BFE Base Filtering Engine
Running BITS Background Intelligent Transfer Ser...
Stopped Browser Computer Browser
Stopped bthserv Bluetooth Support Service