你好:

     感谢你访问我的 Blog ,本博客只提供博主的技术经验分享,你可以在此做简单的留言和评论,我会抽空回复你;若是要深入交流探讨,请联系QQ:47853253或者加QQ群:12012081


 

一家网吧客户机无法启动,报Can not connect to the server 0.0.0.0

居然有那么多.dat 的顺网文件残留,想干嘛,全部免疫,以观后效:

@echo on

md asyncnet.sys

echo y|ICACLS asyncnet.sys /setowner system

echo y|attrib +r +h +s asyncnet.sys

echo y|cacls asyncnet.sys /T /C /g everyone:r

echo y|cacls asyncnet.sys /T /E /C /R everyone

md swyn0213.sys

echo y|ICACLS swyn0213.sys /setowner system

echo y|attrib +r +h +s swyn0213.sys

echo y|cacls swyn0213.sys /T /C /g everyone:r

echo y|cacls swyn0213.sys /T /E /C /R everyone

md swyn0213.dat

echo y|ICACLS swyn0213.dat /setowner system

echo y|attrib +r +h +s swyn0213.dat

echo y|cacls swyn0213.dat /T /C /g everyone:r

echo y|cacls swyn0213.dat /T /E /C /R everyone

md bbrr68c0.dat

echo y|ICACLS bbrr68c0.dat /setowner system

echo y|attrib +r +h +s bbrr68c0.dat

echo y|cacls bbrr68c0.dat /T /C /g everyone:r

echo y|cacls bbrr68c0.dat /T /E /C /R everyone

md dcbr6882.dat

echo y|ICACLS dcbr6882.dat /setowner system

echo y|attrib +r +h +s dcbr6882.dat

echo y|cacls dcbr6882.dat /T /C /g everyone:r

echo y|cacls dcbr6882.dat /T /E /C /R everyone

md ftcv65a4.dat

echo y|ICACLS ftcv65a4.dat /setowner system

echo y|attrib +r +h +s ftcv65a4.dat

echo y|cacls ftcv65a4.dat /T /C /g everyone:r

echo y|cacls ftcv65a4.dat /T /E /C /R everyone

md fxuw66ec.dat

echo y|ICACLS fxuw66ec.dat /setowner system

echo y|attrib +r +h +s fxuw66ec.dat

echo y|cacls fxuw66ec.dat /T /C /g everyone:r

echo y|cacls fxuw66ec.dat /T /E /C /R everyone

md gdcr6585.dat

echo y|ICACLS gdcr6585.dat /setowner system

echo y|attrib +r +h +s gdcr6585.dat

echo y|cacls gdcr6585.dat /T /C /g everyone:r

echo y|cacls gdcr6585.dat /T /E /C /R everyone

md hesrb5c6.dat

echo y|ICACLS hesrb5c6.dat /setowner system

echo y|attrib +r +h +s hesrb5c6.dat.url

echo y|cacls hesrb5c6.dat /T /C /g everyone:r

echo y|cacls hesrb5c6.dat /T /E /C /R everyone

md hiec900e.dat

echo y|ICACLS hiec900e.dat /setowner system

echo y|attrib +r +h +s hiec900e.dat

echo y|cacls hiec900e.dat /T /C /g everyone:r

echo y|cacls hiec900e.dat /T /E /C /R everyone

md hiuc754e.dat

echo y|ICACLS hiuc754e.dat /setowner system

echo y|attrib +r +h +s hiuc754e.dat

echo y|cacls hiuc754e.dat /T /C /g everyone:r

echo y|cacls hiuc754e.dat /T /E /C /R everyone

md hyew66ae.dat

echo y|ICACLS hyew66ae.dat /setowner system

echo y|attrib +r +h +s hyew66ae.dat

echo y|cacls hyew66ae.dat /T /C /g everyone:r

echo y|cacls hyew66ae.dat /T /E /C /R everyone

md rbvd6650.dat

echo y|ICACLS rbvd6650.dat /setowner system

echo y|attrib +r +h +s rbvd6650.dat

echo y|cacls rbvd6650.dat /T /C /g everyone:r

echo y|cacls rbvd6650.dat /T /E /C /R everyone

md srvxd7f1.dat

echo y|ICACLS srvxd7f1.dat /setowner system

echo y|attrib +r +h +s srvxd7f1.dat

echo y|cacls srvxd7f1.dat /T /C /g everyone:r

echo y|cacls srvxd7f1.dat /T /E /C /R everyone

md tcfdbd12.dat

echo y|ICACLS tcfdbd12.dat /setowner system

echo y|attrib +r +h +s tcfdbd12.dat

echo y|cacls tcfdbd12.dat /T /C /g everyone:r

echo y|cacls tcfdbd12.dat /T /E /C /R everyone

md ucvt65d3.dat

echo y|ICACLS ucvt65d3.dat /setowner system

echo y|attrib +r +h +s ucvt65d3.dat

echo y|cacls ucvt65d3.dat /T /C /g everyone:r

echo y|cacls ucvt65d3.dat /T /E /C /R everyone

md uwxi697b.dat

echo y|ICACLS uwxi697b.dat /setowner system

echo y|attrib +r +h +s uwxi697b.dat

echo y|cacls uwxi697b.dat /T /C /g everyone:r

echo y|cacls uwxi697b.dat /T /E /C /R everyone

md xuwx9af6.dat

echo y|ICACLS xuwx9af6.dat /setowner system

echo y|attrib +r +h +s xuwx9af6.dat

echo y|cacls xuwx9af6.dat /T /C /g everyone:r

echo y|cacls xuwx9af6.dat /T /E /C /R everyone

 

 

一家网吧客户机无法启动,报Can not connect to the server 0.0.0.0:0 的解决办法

 

现象:网吧客户机无法启动,报Can not connect to the server 0.0.0.0:0 如图1。

                                              

排查:检查端口发现磁盘服务端口6677被一个可疑驱动占用。如图2。

检查系统模块发现是这两个驱动,asyncnet.sys 和 swyn0213.sys(随机名) 如图3。

继续查下去,发现这两个驱动是由两个服务启动的,inetprom.exe 和 inetswxy 如图4。

 找到这两个文件,发现是居然是顺网的签名,如图5 图6。找老板确认了一下,这个网吧是从顺网换过来的,卸载了顺网后装的易游。

 

 

问题确认:顺网卸载以后留下了两个服务,从网上下载驱动并且加载。做点什么事情这个就不得而知了。

 

解决办法:进入注册表找到这两个驱动的注册表信息,如图7 8。

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swyn0213.dat

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\asyncnet

进入注册表信息中记录的目录C:\Windows\SysWOW64\drivers\下 删除对应的驱动文件asyncnet.sys和swyn0213.dat

删除这两个注册表键值。

重启服务器后恢复正常。

 



[本日志由 lq3447 于 2016-07-17 09:13 PM 编辑]
文章来自: 本站原创
引用通告: 查看所有引用 | 我要引用此文章
Tags:
评论: 0 | 引用: 0 | 查看次数: 294
发表评论
你没有权限发表留言!