
How a Windows 2000 Log Cleaner Is Built

Jun 07, 2016 pm 04:20 PM

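  Windows 2000 log files usually include the application log, security log, system log, DNS server log, FTP log, WWW log and so on; the exact set depends on which services the server is running.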

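  The general steps are as follows:

  1. Clear the IIS logs.

  Do not underestimate IIS logging: it can record your entire intrusion in detail, such as the commands you typed into IE during a unicode intrusion and the traces left by a scan of port 80. You might be spotted by the network administrator just because you paid no attention to it, and then who knows what might happen... heh.

  So let's clear them by hand.

  1. Default log location: %systemroot%\system32\logfiles\w3svc1, one log file per day by default.

  Change to that directory:

  del *.*

  You probably think you are safe now, so run dir.

  Hey, why is today's log still there? Don't panic. It is because the w3svc service is still running. So how do we clear this log file?

  Method 1: If you can log in over 3389, open the file in notepad, press Ctrl+A, then delete.

  Method 2: the net command

  C:\>net stop w3svc

  World Wide Web Publishing Service 服务正在停止. (this may take a long time, and may not succeed)

  World Wide Web Publishing Service 服务已成功停止。

  Now that w3svc has stopped, we can empty its log: del *.*

  And don't forget to start the w3svc service again:

  C:\>net start w3svc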

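  2. Clear the FTP logs.

  FTP log default location: %systemroot%\system32\logfiles\msftpsvc1, one log file per day by default.

  Cleared the same way as above.

  3. Clear the Scheduler log.

  Scheduler service log default location: %systemroot%\schedlgu.txt

  Cleared the same way as above.

  4. Application log, security log, system log and DNS log default location: %systemroot%\system32\config

  Cleared the same way as above.

  Note that the three directories above may not be at the locations given, because the administrator has changed them.

  Their locations can be read from the registry.

  The log files for the application log, security log, system log and DNS server log are in the registry under:

  HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Eventlog

  The Scheduler service log is in the registry under:

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent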

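  5. I borrowed this part from someone else's article (actually, I just copied it).

  OK! Congratulations, the simple logs have now all been deleted. Next come the hard ones: the security log and the system log. The service that guards these logs is Event Log; try stopping it!

  D:\SERVER\system32\LogFiles\W3SVC1>net stop eventlog

  这项服务无法接受请求的 "暂停" 或 "停止" 操作。

  Damn, I give up; nothing can be done, it is a critical service. Without third-party tools there is simply no way to delete the security log and system log from the command line! So we have to fall back on a method that is simple but as slow as a frozen machine: open "Event Viewer" under "Administrative Tools" in "Control Panel" (98 doesn't have it; now you see the benefit of using Win2k). The "Action" menu has an item named "Connect to another computer"; click it, as shown in the figure below:

  Enter the remote computer's IP, then light a cigarette, wait several tens of minutes and endure the freeze-like torment, then open the view shown in the figure below:

  Select the remote computer's security log and right-click to open its properties:

  Click the "Clear Log" button in the properties and OK, the security log is cleared! Endure the same pain to clear the system log!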

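  6. You have now cleared most of the important logs. What remains is to guard against anything that was missed.

  So do this: del the following files

  winnt\*.log

  Under system32:

  logfiles\*.*

  dtclog\*.*

  config\*.evt

  *.log

  *.txt

  So far I have taught you how to clear most of the logs I know of, so go and put it into practice.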
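  Every step above leaves its own evidence, which is what a responder looks for. The following is an added example, not part of the original article: it flags quick stop/start cycles of the logging services, a cleared security log, and holes in the daily IIS log sequence. It assumes events were forwarded to another host, that 7036 is the Service Control Manager state-change event and 517 the Windows 2000 "audit log was cleared" event, and that daily IIS logs are named exYYMMDD.log; the tuple layout and all sample records are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the original page): events as seen on a
# remote collector, plus the daily IIS log files still present on disk.
EVENTS = [
    ("2001-03-04 02:10:05", "Service Control Manager", 7036, "World Wide Web Publishing Service", "stopped"),
    ("2001-03-04 02:10:41", "Service Control Manager", 7036, "World Wide Web Publishing Service", "running"),
    ("2001-03-04 02:31:17", "Security", 517, "", ""),
    ("2001-03-05 09:00:00", "Service Control Manager", 7036, "Task Scheduler", "running"),
]
IIS_LOGS = ["ex010301.log", "ex010302.log", "ex010305.log"]
WATCHED = {"World Wide Web Publishing Service", "FTP Publishing Service", "Task Scheduler"}

def ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")

def service_bounces(events, window=timedelta(minutes=10)):
    """Watched services that stopped and came back within `window`."""
    stopped, hits = {}, []
    for when, source, eid, svc, state in events:
        if source != "Service Control Manager" or eid != 7036 or svc not in WATCHED:
            continue
        if state == "stopped":
            stopped[svc] = ts(when)
        elif state == "running" and svc in stopped:
            gap = ts(when) - stopped.pop(svc)
            if gap <= window:
                hits.append((svc, when, int(gap.total_seconds())))
    return hits

def audit_log_clears(events):
    """Timestamps of Security event 517 (audit log cleared)."""
    return [when for when, source, eid, *_ in events if source == "Security" and eid == 517]

def missing_daily_logs(names):
    """Dates with no exYYMMDD.log between the oldest and newest file present."""
    days = sorted(datetime.strptime(n[2:8], "%y%m%d").date() for n in names)
    if not days:
        return []
    have, out, d = set(days), [], days[0]
    while d < days[-1]:
        if d not in have:
            out.append(d.isoformat())
        d += timedelta(days=1)
    return out

if __name__ == "__main__":
    print("service bounces:", service_bounces(EVENTS))
    print("audit log cleared:", audit_log_clears(EVENTS))
    print("missing IIS log days:", missing_daily_logs(IIS_LOGS))
```

  A missing day is a lead rather than proof, since IIS writes no file on a day without requests; it carries weight when it lines up with a service bounce or a 517 event.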

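  Actually, the main purpose of this article is not to teach you how to clear logs but to teach you how to write a log-clearing tool.

  Just treat everything I said above as nonsense.

  Now to the main topic:

  You have seen above what it takes to clear all the logs. Tedious, isn't it? Doing it by hand takes a lot of time, and sometimes it still doesn't clear everything. Anyone who can program will think: I can program, so what is there to fear?

  So let's get to work.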

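  As you now know, clearing some logs first requires stopping certain services.

  So first I will show you how to write a small DOS tool that lists the services on a machine; for the implementation, see my earlier article

  "How to Build a Service Viewer under DOS"

  Tool name: serName.exe

  Run serName.exe:

  serName.exe -t 1 -t 1

  Heh, all the services currently running on the machine are displayed.

  Remember the names of the services you want to stop; they will be needed below.

  The second step of the programming is to stop services such as w3svc, schedule and ftp.

  My code is as follows.

  Read it slowly alongside MSDN. (It isn't hard; if there is something you don't understand, don't come asking me.)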

    #include <windows.h>
    #include <stdio.h>
    #include <tchar.h>

    // Ask the Service Control Manager to stop the named service and report the result.
    void StopServices(LPCTSTR lpServiceName)
    {
        SC_HANDLE scman = ::OpenSCManager(NULL, NULL, SC_MANAGER_ENUMERATE_SERVICE);
        if (scman)
        {
            // SERVICE_STOP is the only access right ControlService needs for a stop request.
            SC_HANDLE sh = ::OpenService(scman, lpServiceName, SERVICE_STOP);
            if (sh)
            {
                SERVICE_STATUS ServiceStatus;
                BOOL bControl = ::ControlService(sh, SERVICE_CONTROL_STOP, &ServiceStatus);
                if (bControl)
                {
                    _tprintf(_T("success to stop the service \"%s\"\n"), lpServiceName);
                }
                else
                {
                    DWORD dwControl = ::GetLastError();
                    switch (dwControl) {
                    case ERROR_ACCESS_DENIED: printf("The specified handle was not opened with the necessary access.\n"); break;
                    case ERROR_SERVICE_NOT_ACTIVE: printf("The service has not been started.\n"); break;
                    case ERROR_DEPENDENT_SERVICES_RUNNING: printf("The service cannot be stopped because other running services are dependent on it.\n"); break;
                    case ERROR_INVALID_SERVICE_CONTROL: printf("The requested control code is not valid, or it is unacceptable to the service.\n"); break;
                    default: printf("ControlService failed, error %lu\n", dwControl); break;
                    }
                }
                ::CloseServiceHandle(sh);    // release the service handle
            }
            ::CloseServiceHandle(scman);     // release the SCM handle
        }
    }
