[Windows]查看运行进程的参数【wmic】
參考??https://www.cnblogs.com/top5/p/3143827.html? ? ?和?https://blog.csdn.net/swazer_z/article/details/60100596? ??
? .Net Framework? 如何靜默安裝 參考??https://blog.csdn.net/xytme/article/details/6067376
?
查看所有運行中進程的命令行參數:
wmic process get caption,commandline /value
查詢指定進程的命令行參數:
wmic process where caption="notepad.exe" get caption,commandline /value【精確查找】
wmic process where="caption like 'notepad%'" get caption,commandline /value【模糊查找】
?
先決條件:
a. 啟動Windows Management Instrumentation服務,開放TCP135端口。
b. 本地安全策略的“網絡訪問: 本地帳戶的共享和安全模式”應設為“經典-本地用戶以自己的身份驗證”。
1. wmic /node:"192.168.1.20" /user:"domain\administrator" /password:"123456"
2.【硬件管理】:
獲取磁盤資料:
wmic DISKDRIVE get deviceid,Caption,size,InterfaceType
獲取分區資料:
wmic LOGICALDISK get name,Description,filesystem,size,freespace
獲取CPU資料:
wmic cpu get name,addresswidth,processorid
獲取主板資料:
wmic BaseBoard get Manufacturer,Product,Version,SerialNumber
獲取內存數:
wmic memlogical get totalphysicalmemory
獲得品牌機的序列號:
wmic csproduct get IdentifyingNumber
獲取聲卡資料:
wmic SOUNDDEV get ProductName
獲取屏幕分辨率
wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth
3. PROCESS【進程管理】:
列出進程
wmic process list brief
(Full顯示所有、Brief顯示摘要、Instance顯示實例、Status顯示狀態)
wmic 獲取進程路徑:
wmic process where name="jqs.exe" get executablepath
wmic 創建新進程
wmic process call create notepad
wmic process call create "C:\Program Files\Tencent\QQ\QQ.exe"
wmic process call create "shutdown.exe -r -f -t 20"
wmic 刪除指定進程:
wmic process where name="qq.exe" call terminate
wmic process where processid="2345" delete
wmic process 2345 call terminate
wmic 刪除可疑進程
wmic process where "name='explorer.exe' and executablepath<>'%SystemDrive%\\windows\\explorer.exe'" delete
wmic process where "name='svchost.exe' and ExecutablePath<>'C:\\WINDOWS\\system32\\svchost.exe'" call Terminate
?
3. USERACCOUNT【賬號管理】:
更改當前用戶名
WMIC USERACCOUNT where "name='%UserName%'" call rename newUserName
WMIC USERACCOUNT create /?
4. SHARE【共享管理】:
建立共享
WMIC SHARE CALL Create "","test","3","TestShareName","","c:\test",0
(可使用 WMIC SHARE CALL Create /? 查看create后的參數類型)
刪除共享
WMIC SHARE where name="C$" call delete
WMIC SHARE where path='c:\\test' delete
5. SERVICE【服務管理】:
更改telnet服務啟動類型[Auto|Disabled|Manual]
wmic SERVICE where name="tlntsvr" set startmode="Auto"
運行telnet服務
wmic SERVICE where name="tlntsvr" call startservice
停止ICS服務
wmic SERVICE where name="ShardAccess" call stopservice
刪除test服務
wmic SERVICE where name="test" call delete
6. FSDIR【目錄管理】
列出c盤下名為test的目錄
wmic FSDIR where "drive='c:' and filename='test'" list
刪除c:\good文件夾
wmic fsdir "c:\\test" call delete
重命名c:\test文件夾為abc
wmic fsdir "c:\\test" rename "c:\abc"
wmic fsdir where (name='c:\\test') rename "c:\abc"
復制文件夾
wmic fsdir where name='d:\\test' call copy "c:\\test"
7.datafile【文件管理】
重命名
wmic datafile "c:\\test.txt" call rename c:\abc.txt
8.【任務計劃】:
wmic job call create "notepad.exe",0,0,true,false,********154800.000000+480
wmic job call create "explorer.exe",0,0,1,0,********154600.000000+480
轉載于:https://www.cnblogs.com/pu369/p/10000490.html
總結
以上是生活随笔為你收集整理的[Windows]查看运行进程的参数【wmic】的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: python写的购物车程序
- 下一篇: 上机考试系统 commons-fileu