WMIC

Posted keesone

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了WMIC相关的知识,希望对你有一定的参考价值。



WMIC扩展WMI(Windows Management Instrumentation,Windows管理工具) ,提供了从命令行接口和批命令脚本执行系统管理的支持。


WMIC查看硬件信息

查看cpu 

cpu list brief

查看物理内存

memphysical list brief

查看逻辑内存

memlogical list brief

查看缓存内存

memcache list brief

查看虚拟内存

pagefile list brief

查看网卡

nic list brief

查看硬盘

diskdrive



WMIC软件部分

3. PROCESS【进程管理】:

列出进程
wmic process list brief
(Full显示所有、Brief显示摘要、Instance显示实例、Status显示状态)

wmic 获取进程路径: 
wmic process where name="jqs.exe" get executablepath

wmic 创建新进程 
wmic process call create notepad
wmic process call create "C:Program FilesTencentQQQQ.exe" 
wmic process call create "shutdown.exe -r -f -t 20"

wmic 删除指定进程: 
wmic process where name="qq.exe" call terminate 
wmic process where processid="2345" delete 
wmic process 2345 call terminate

wmic 删除可疑进程
wmic process where "name=‘explorer.exe‘ and executablepath<>‘%SystemDrive%\\windows\\explorer.exe‘" delete
wmic process where "name=‘svchost.exe‘ and ExecutablePath<>‘C:\\WINDOWS\\system32\\svchost.exe‘" call Terminate

 

3. USERACCOUNT【账号管理】:

更改当前用户名 
WMIC USERACCOUNT where "name=‘%UserName%‘" call rename newUserName 
WMIC USERACCOUNT create /?

4. SHARE【共享管理】:

建立共享
WMIC SHARE CALL Create "","test","3","TestShareName","","c: est",0
(可使用 WMIC SHARE CALL Create /? 查看create后的参数类型)

删除共享
WMIC SHARE where name="C$" call delete
WMIC SHARE where path=‘c:\\test‘ delete


5. SERVICE【服务管理】:

更改telnet服务启动类型[Auto|Disabled|Manual]
wmic SERVICE where name="tlntsvr" set startmode="Auto"

运行telnet服务
wmic SERVICE where name="tlntsvr" call startservice

停止ICS服务
wmic SERVICE where name="ShardAccess" call stopservice

删除test服务
wmic SERVICE where name="test" call delete

6. FSDIR【目录管理】

列出c盘下名为test的目录
wmic FSDIR where "drive=‘c:‘ and filename=‘test‘" list
删除c:good文件夹
wmic fsdir "c:\\test" call delete
重命名c: est文件夹为abc
wmic fsdir "c:\\test" rename "c:abc"
wmic fsdir where (name=‘c:\\test‘) rename "c:abc"
复制文件夹
wmic fsdir where name=‘d:\\test‘ call copy "c:\\test"

7.datafile【文件管理】

重命名
wmic datafile "c:\\test.txt" call rename c:abc.txt

8.【任务计划】:
wmic job call create "notepad.exe",0,0,true,false,********154800.000000+480
wmic job call create "explorer.exe",0,0,1,0,********154600.000000+480




windows查看硬件以及系统信息,在cmd中输入

C:Userskevin>systeminfo































































以上是关于WMIC的主要内容,如果未能解决你的问题,请参考以下文章