Computer under remote control; asking the experts to solve it

Time:11-10

I posted this on another BBS on 10.23, but no one could solve it, so I am begging for help here.

At noon yesterday I booted the computer and logged in to QQ. I was not using the computer for the moment, so I went to do other things.
After a while I glanced at the computer and found the screen black and the monitor's power light flashing. I thought it was a screen saver or something,
so I moved the mouse. The monitor's power light came back and the display recovered after 1 or 2 seconds, and then I saw that TeamViewer had been launched on the desktop.
Then I went to move the mouse and found that the mouse was moving by itself, which scared me, so I shut down.
After turning the machine back on, I was afraid QQ was the problem, so I did not log in. I searched Baidu for how to check the computer's operation log and found something, and,
following the instructions, I went to the event viewer, but it seemed I could not see anything there either. Then I checked a file (I forgot its name) under the Windows folder on drive C that records what has been opened, and found that it recorded TeamViewer being opened.
At that moment I went back to check the event viewer and found that both the "Application" and "System" logs had been emptied. That was suddenly a little creepy, so I immediately unplugged the network cable.
Then I ran a full scan with 360. It did find some viruses, but these were cracked software, some downloaded from the I love BBS. I had not paid attention to them before, and I do not know whether there is a connection.


I thought it was nothing, but I did not open QQ.
Then at noon today, or nearly 12 PM - 1 PM, after starting up I watched a YouTube video, browsed the web, and then played with my cell phone.
I glanced at the screen and found that all my programs had been closed. Then, every 1 to 2 seconds, the TeamViewer installation interface popped up. After it was installed, it opened and seemingly some remote account was about to be entered, and then the screen suddenly went black, which scared me. I moved the mouse, and after the screen came back I found that the mouse was not under my control and seemed to be moving automatically to fill something in, so I pulled the cable.
Then I looked at the event viewer, as follows:
(I could not upload the picture here because of network problems.) In fact there was nothing important in it anyway.

Then I searched for the TeamViewer folder:
The location of the file appears as:
C:\Documents and Settings\Administrator\Local Settings\Temp\TeamViewer

It was in the temporary files. I went to uninstall it, and then found a log with a name like TeamViewer11_Logfile. The log:
Path to the file: C:\Documents and Settings\Administrator\Application Data\TeamViewer
The beginning and middle parts are posted here:

016/10/16 14:14:03.375 2768 1904 G0 Logger started.
2016/10/16 14:14:03.609 2768 1904 G0 StringCompare locale: Chinese_People's Republic of China.936
2016/10/16 14:14:04.593 2768 1904 G0 InterProcessBase::SecureNetwork created
2016/10/16 14:14:04.609 2768 1904 G0 Monitors: plug and play monitor, \\.\DISPLAY1, 1366x768 (0,0), flags=3, dpi=96
2016/10/16 14:14:04.671 2768 1904 G0 AutoLogin::Login: enabled: 0
2016/10/16 14:14:04.937 2768 1904 G0 CMain::LoadResourceDLLs(): No custom resource DLL found
2016/10/16 14:14:05.125 2768 1904 G0! AsioSettings::FindExternalIP: found 0 home external IPs 1!
2016/10/16 14:14:05.140 2768 1904 G0 UpdateOnlineState newOnlineValue 0
2016/10/16 14:14:05.140 2768 1904 G0! AsioSettings::FindExternalIP: found 0 home external IPs 1!
2016/10/16 14:14:05.156 2768 1904 G0 Generating new RSA public/private key pair
2016/10/16 14:14:05.203 2768 1904 G0 QueryVPNRegKey: Subkey 'SYSTEM\CurrentControlSet\Control\Class\{4d36e972-E325-11ce-BFC1-08002be10318}\0000' (1) has no 'MatchingDeviceID' entry. Continuing...
2016/10/16 14:14:05.671 2768 1904 G0 MachineHooks: the Initialized Shm
2016/10/16 14:14:05.671 2768 1904 G0 MachineHooks: refcount=1
2016/10/16 14:14:05.671 2768 1904 G0 MachineHooks: w32 Loader is starting


Start: 2016/10/16 14:14:06.203 (UTC+8)
Version: 11.0.56083 NI
ID: 0
Loglevel: Info (100)
License: 0
Server: master10.teamviewer.com
IC: 1994741642
CPU: x86 Family 6 Model 23 Stepping, GenuineIntel
CPU extensions: p8
OS: WinXP (32-bit)
IP: 192.168.1.102
MID: 0x00e04d93d273_xxxxxxxxx_xxxxxxxxx (blocked)
MIDv: 0
The Proxy Settings: Type=1 IP=User=
IE: 8.0.6001.18702
AppPath: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\TeamViewer\TeamViewer.exe
UserAccount: Administrator


2016/10/23 13:19:26.843 168 2804 G0!!!!! HttpRequestImpl::CurlFinished(): the curl request failed: Couldn't resolve host name
2016/10/23 13:19:29.968 168 2804 G0 CProcessCommandHandlerMasterConnect[1088]::CreateMasterConnect(): master5.teamviewer.com:80, 1088, the Connection proxy='
2016/10/23 13:19:30.000 168 2804 G0!!!!! HttpRequestImpl::CurlFinished(): the curl request failed: Couldn't resolve host name (6), Could not resolve host: master5.teamviewer.com
2016/10/23 13:19:30.000 168 2804 G0! CProcessCommandHandlerMasterConnect[1088]::HandleMasterConnect(): MasterConnect to 0.0.0.0 failed
2016/10/23 13:19:30.000 168 2804 G0!!!!! CMasterConnectorAsio::HandleMasterResponseLogin(): MasterConnect failed. ErrorCode=10
2016/10/23 13:19:31.343 168 5144 G0 CMainWindow::InitCloseTV(): Prepare to close TeamViewer
2016/10/23 13:19:31.343 168 5144 G0!!!!! ServerControl: UnregisterPowerSettingNotification failed with error 0
2016/10/23 13:19:31.359 168 5144 G0 Chat::Stop: Stopping Chat
2016/10/23 13:19:31.359 168 5144 G0 Chat::Stop: Cancelling of Start
2016/10/23 13:19:31.359 168 5144 G0 ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration
2016/10/23 13:19:31.359 168 5144 G0 IncomingChatCommandRegistration::Stop: disconnecting the ready state properties
2016/10/23 13:19:31.359 168 5144 G0 ChatManager::Close
2016/10/23 13:19:31.359 168 5144 G0 ChatManager::UnregisterIncomingCommandRegistration: destroying incomingCommandRegistration
2016/10/23 13:19:31.359 168 5144 G0 ChatManager::ClearAccountChat: clearPersistently=0
2016/10/23 13:19:31.375 168 5144 G0 ChatManager::ClearNonAccountChat