default debug random = 0

제목 바꿨습니다. 

'잭팟코인 해킹 당했습니다.' 에서 현재로.



jpc 해킹.JPG




공유기에 암호 걸려있고, 데스크탑에도 로그인 암호 걸려있고,

지난 번 해킹 사태 이후로 rpc 설정도 바꿔놨는데 가져갔군요.


제 잭팟코인이 전송된 지갑은 Jfg1nxeu7F4WEBqk1FjmsftefLrAEDpGWE 이고,

트랜잭션은 112ca720aef853e61dc97b78951022a5da49b3e87adc2d66b3c75e45ff98d2f2 입니다.


잭팟코인 노리고 들어와서 작업해간 것 같습니다.

얼마 안되는 양이긴 하지만 괘씸해서 로그 정보들 모으고 있습니다.



추가-------------


도난 당한 컴퓨터는 회사컴퓨터입니다. 암호 걸린 공유기를 통해서 연결돼 있고,  평소에 24시간 켜두고 있습니다.


제가 직접 사용하지 않을 때는 계정이 자동으로 잠기게 돼 있습니다.


팀뷰어가 설치 실행되고 있으며, 잭팟 지갑은 이자 때문에 락을 풀어둔 채로 실행되고 있었습니다.


오늘은 출근 안 한 날이었고(회사컴은 켜져있지만 잠금상태가 되겠죠)

집에서 쓰는 컴퓨터에 팀뷰어 전송 기록창이 떠있길래 뭔가 하고 보다가 사건이 일어난 걸 알게 됐습니다.



팀뷰어 파일 전송 기능으로 제가 가진 다른 지갑 백업데이터들도 전송을 했더군요.

파일 전송 이벤트 로그에 기록이 있습니다.



이 범인을 찾는데 있어서 결정적인 단서가 될 만한 데이터가 무엇이 있을까요?

모아서 사이버 범죄 수사단에 의뢰하고 싶습니다.




팀뷰어 인커밍 커넥션 로그입니다.-----------------------------------------------------


오전 8시대에는 출근한 직원들인 것 같은데,

나머지 새벽 시간 대는 누군지 모르겠습니다. 일단 저는 아니고, 직원들도 아니라고 생각합니다.



505689333 Machine 26-06-2014 04:41:35 26-06-2014 04:52:40 aomame RemoteControl {8BF11FA3-45D0-4D16-8F0B-788EE3247394}

743293067 Machine 26-06-2014 02:51:24 26-06-2014 07:21:01 aomame RemoteControl {757BA73F-BC94-4FC4-B4DE-2459B123BFE8}

743293067 Machine 26-06-2014 08:33:04 26-06-2014 08:33:13 aomame RemoteControl {96A6132C-FFE9-4B6C-B5E0-D40CB406512D}

743293067 Machine 26-06-2014 08:44:07 26-06-2014 09:41:03 aomame RemoteControl {D2495D25-198E-43B6-A05C-32DD51483B23}






해킹이 이루어지는 시점 부근의 팀뷰어 로그 입니다.-----------------------------------------


회사컴(aomame) 바탕화면에 x라는 폴더를 만들고 데이터 수집 후 어딘가로 보내고나서

x라는 폴더를 휴지통에 넣었더군요.


IT 까막눈인 저로서는 이 로그들로부터 유의미한 데이터 추출이 어렵습니다.  


2014/06/26 11:51:24.424  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=414

2014/06/26 11:51:24.428  1460  4484 S0   CT9 CT.TM_GWout.37.252.244.67 - CT9 - S8

2014/06/26 11:51:24.428  1460  4484 S0   CT9 CT.Connect to TeamViewer Router 37.252.244.67:5938

2014/06/26 11:51:24.436  1460  4484 S0   CT9 CT.Connected

2014/06/26 11:51:24.436  1460  4484 S0   CT9 CT.Send.CMD_IDENTIFY From=141225331 To=0 L=32

2014/06/26 11:51:24.436  1460  4484 S0   CT9 CT.Send.CMD_CONNECTTOWAITINGTHREAD From=141225331 To=0 L=48

2014/06/26 11:51:24.436  1460  3676 S0   CT10 CT.Run

2014/06/26 11:51:24.436  1460  3676 S0   CT10 TM.TM_TV

2014/06/26 11:51:24.437  1460  4484 S0   Starting desktop process for ID 141225331 in session 1

2014/06/26 11:51:24.775  1460  4484 S0   CTerminalServer::getPathToApplicationExe(): Choosing filename from partner process.

2014/06/26 11:51:24.775  1460  4484 S0   Filename for desktop process is c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe

2014/06/26 11:51:24.776  1460  4484 S0   CToken::GetSystemToken() set session 1

2014/06/26 11:51:24.785  1460  4484 S0   Desktop process started, PID=2420

2014/06/26 11:51:24.785  1460  4484 S0   CTerminalServer::StartGUIProcess() Not starting GUI, reusing existing

2014/06/26 11:51:24.785  1460  4484 S0   ConnectionGuard: incoming remote control in sessions: 1(1)

2014/06/26 11:51:24.786  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=59

2014/06/26 11:51:24.786  1460  4224 S0   CT9 CT.Run

2014/06/26 11:51:24.786  1460  4224 S0   CT9 TM.TM_GWout

2014/06/26 11:51:24.786  1460  3676 S0   CT9 Activating support for ccmdV2

2014/06/26 11:51:24.786  1460  4224 S0   CT9 CT.Receive.CMD_SESSIONID From=0 To=141225331 L=8

2014/06/26 11:51:24.786  1460  4224 S0   CT9 CT.Receive.CMD_IDENTIFY From=0 To=141225331 L=32

2014/06/26 11:51:24.786  1460  4224 S0   CT9 CT.Receive.CMD_SESSIONMODE From=743293067 To=141225331 L=28

2014/06/26 11:51:24.786  1460  4224 S0   Negotiating session encryption: client hello received from 743293067, RSA key length = 2048

2014/06/26 11:51:24.786  1484  1748 G1   Connection incoming, sessionID = -1356799221

2014/06/26 11:51:24.787  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38

2014/06/26 11:51:24.787  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38

2014/06/26 11:51:24.793  1460  4224 S0   Negotiating session encryption: server hello sent

2014/06/26 11:51:24.825  1460  4224 S0   Negotiating session encryption: client handshake received

2014/06/26 11:51:24.836  1460  4224 S0   Negotiating session encryption: server handshake sent, encryption established with AES key length 256

2014/06/26 11:51:24.843  1460  3288 S0   CT11 CT.Run

2014/06/26 11:51:24.843  1460  3288 S0   CT11 TM.TM_UDP

2014/06/26 11:51:24.843  1460  3288 S0   CT11 GWT.UDPFlowVersionHandshake.Received

2014/06/26 11:51:24.843  1460  3288 S0   CT11 Activating UDP packet loss control ...

2014/06/26 11:51:24.922  1460  2200 S0   CAcceptServer::HandleAccept: new connection from 127.0.0.1:2232

2014/06/26 11:51:24.923  1460  2200 S0   CInterProcessNetwork::SetDyngateIDforSession() id=141225331 session=1 ptype=2

2014/06/26 11:51:24.923  1460  2200 S0   CInterProcessNetwork::SetDyngateIDforSession() id=141225331 session=1 ptype=4

2014/06/26 11:51:24.926  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38

2014/06/26 11:51:24.926  1484  1748 G1   Received Control_InitIPC processtype=4

2014/06/26 11:51:24.791  2420  3272 D1   Logger started.

2014/06/26 11:51:24.802  2420  3272 D1!! GetSimpleDisplayCertNameFromFile: File 'c:\program files (x86)\teamviewer\version9\TeamViewerPerfMon.dll' does not exist.

2014/06/26 11:51:24.802  2420  3272 D1!! VerifyTeamViewerSignature() : WinVerifyTrust failed, result=2

2014/06/26 11:51:24.802  2420  3272 D1   Loading TeamViewerPerfMon.dll failed.

2014/06/26 11:51:24.897  2420  3272 D1   TeamViewerDesktop started, PID=2420

2014/06/26 11:51:24.905  2420  3272 D1   Monitors: Dell U2312HM DVI, \\.\DISPLAY2, 1920x1080 (0,0), flags=3

2014/06/26 11:51:24.905  2420  3272 D1   Monitors: 일반 PnP 모니터, \\.\DISPLAY1, 1680x1050 (1920,30), flags=3

2014/06/26 11:51:24.920  2420  3272 D1   MachineHooks: Initialized Shm

2014/06/26 11:51:24.920  2420  3272 D1   MachineHooks: refcount = 2

2014/06/26 11:51:24.920  2420  3272 D1   MachineHooks: x64 Machine detected

2014/06/26 11:51:24.921  2420  3272 D1   Opening local TCP connection to 127.0.0.1:5939

2014/06/26 11:51:24.922  2420  3272 D1   Local TCP connection established

2014/06/26 11:51:24.926  2420  3272 D1   Received Control_InitIPC_Response processtype=1

2014/06/26 11:51:24.926  2420  3272 D1   Received Control_InitIPC_Response runningProcesses=7

2014/06/26 11:51:24.935  2420  3272 D1   Received Control_InitIPC_Response processtype=2

2014/06/26 11:51:24.935  2420  3272 D1   Control_InitIPC_Response: all processes 7 completely initialized

2014/06/26 11:51:24.978  2420  3272 D1   Win32_GUI::AddFont() font (Index:9, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.979  2420  3272 D1   Win32_GUI::AddFont() font (Index:10, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.981  2420  3272 D1   Win32_GUI::AddFont() font (Index:11, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.982  2420  3272 D1   Win32_GUI::AddFont() font (Index:12, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.983  2420  3272 D1   Win32_GUI::AddFont() font (Index:13, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.983  2420  3272 D1   Win32_GUI::AddFont() font (Index:14, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.984  2420  3272 D1   Win32_GUI::AddFont() font (Index:15, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.985  2420  3272 D1   Win32_GUI::AddFont() font (Index:16, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.986  2420  3272 D1   Win32_GUI::AddFont() font (Index:17, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.986  2420  3272 D1   Win32_GUI::AddFont() font (Index:18, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.987  2420  3272 D1   Win32_GUI::AddFont() font (Index:19, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.988  2420  3272 D1   Win32_GUI::AddFont() font (Index:20, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.989  2420  3272 D1   Win32_GUI::AddFont() font (Index:22, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.990  2420  3272 D1   Win32_GUI::AddFont() font (Index:23, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.990  2420  3272 D1   Win32_GUI::AddFont() font (Index:24, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.991  2420  3272 D1   Win32_GUI::AddFont() font (Index:25, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.992  2420  3272 D1   Win32_GUI::AddFont() font (Index:26, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.993  2420  3272 D1   Win32_GUI::AddFont() font (Index:27, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.994  2420  3272 D1   Win32_GUI::AddFont() font (Index:28, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.994  2420  3272 D1   Win32_GUI::AddFont() font (Index:29, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.995  2420  3272 D1   Win32_GUI::AddFont() font (Index:30, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.996  2420  3272 D1   Win32_GUI::AddFont() font (Index:31, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.996  2420  3272 D1   Win32_GUI::AddFont() font (Index:32, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.997  2420  3272 D1   Win32_GUI::AddFont() font (Index:33, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.997  2420  3272 D1   Win32_GUI::AddFont() font (Index:34, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.998  2420  3272 D1   Win32_GUI::AddFont() font (Index:35, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.999  2420  3272 D1   Win32_GUI::AddFont() font (Index:36, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:24.999  2420  3272 D1   Win32_GUI::AddFont() font (Index:37, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.000  2420  3272 D1   Win32_GUI::AddFont() font (Index:38, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.000  2420  3272 D1   Win32_GUI::AddFont() font (Index:39, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.001  2420  3272 D1   Win32_GUI::AddFont() font (Index:40, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.001  2420  3272 D1   Win32_GUI::AddFont() font (Index:41, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.002  2420  3272 D1   Win32_GUI::AddFont() font (Index:42, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.002  2420  3272 D1   Win32_GUI::AddFont() font (Index:43, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.003  2420  3272 D1   Win32_GUI::AddFont() font (Index:44, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.003  1460  4224 S0   CT9 CT.Receive.CMD_MEETING_AUTHENTICATION From=743293067 To=141225331 L=53

2014/06/26 11:51:25.003  1460  4224 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 11:51:25.004  2420  3272 D1   Win32_GUI::AddFont() font (Index:45, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.004  2420  3272 D1   Win32_GUI::AddFont() font (Index:46, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.005  2420  3272 D1   Win32_GUI::AddFont() font (Index:47, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.006  2420  3272 D1   Win32_GUI::AddFont() font (Index:48, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.007  2420  3272 D1   Win32_GUI::AddFont() font (Index:49, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.007  2420  3272 D1   Win32_GUI::AddFont() font (Index:50, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.008  2420  3272 D1   Win32_GUI::AddFont() font (Index:51, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.009  2420  3272 D1   Win32_GUI::AddFont() font (Index:52, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.010  2420  3272 D1   Win32_GUI::AddFont() font (Index:53, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.010  2420  3272 D1   Win32_GUI::AddFont() font (Index:54, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.011  2420  3272 D1   Win32_GUI::AddFont() font (Index:55, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.012  2420  3272 D1   Win32_GUI::AddFont() font (Index:56, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.013  2420  3272 D1   Win32_GUI::AddFont() font (Index:57, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.014  2420  3272 D1   Win32_GUI::AddFont() font (Index:58, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.014  2420  3272 D1   Win32_GUI::AddFont() font (Index:59, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.015  2420  3272 D1   Win32_GUI::AddFont() font (Index:60, charset:129) with face name Arial was mapped to 굴림

2014/06/26 11:51:25.059  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=38

2014/06/26 11:51:25.059  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=38

2014/06/26 11:51:25.115  1460  4224 S0   CT9 CT.Receive.CMD_MEETING_AUTHENTICATION From=743293067 To=141225331 L=53

2014/06/26 11:51:25.115  1460  4224 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 11:51:25.198  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=38

2014/06/26 11:51:25.198  1484  2152 G1   LoadfromURL: using proxy ':0'

2014/06/26 11:51:25.443  1460  3288 S0   CT11 GWT.CmdUDPFlowControl.RequestUDP.Received

2014/06/26 11:51:25.443  1460  3288 S0   CT11 GWT.SendUDPPings

2014/06/26 11:51:25.859  1460  3288 S0   CT11 GWT.CmdUDPPing.UDPMasterReply 112.221.45.59:60224

2014/06/26 11:51:25.859  1460  3288 S0   CT11 GWT.CmdUDPPing.PingOK.PunchInit

2014/06/26 11:51:25.859  1460  3288 S0   CT11 GWT.SendUDPPunchRequest 2

2014/06/26 11:51:25.980  2420  5564 D1!! ChangeThreadDesktop(): SetThreadDesktop failed for winlogon: 170, Errorcode=170

2014/06/26 11:51:25.982  2420  6000 D1   Connection incoming, sessionID = -1356799221

2014/06/26 11:51:25.982  2420  5544 D1   CLogin::run()

2014/06/26 11:51:25.982  2420  5544 D1   CLogin::NegotiateVersionServer()

2014/06/26 11:51:25.992  1484  3016 G1!! SetForegroundWindowForce: AttachThreadInput(TRUE) failed: 87, Errorcode=87

2014/06/26 11:51:25.998  1484  3016 G1!! SetForegroundWindowForce: AttachThreadInput(FALSE) failed: 87, Errorcode=87

2014/06/26 11:51:26.011  1460  3288 S0   CT11 GWT.SendUDPPunches

2014/06/26 11:51:26.011  1460  3288 S0   CT11 punching version 0, type 3

2014/06/26 11:51:26.021  1460  3288 S0   CT11 GWT.SendUDPPunchRequest 4

2014/06/26 11:51:26.032  1460  3288 S0   CT11 GWT.CmdUDPPing.PunchReceived, a=1.232.141.125, p=50120

2014/06/26 11:51:26.032  1460  3288 S0   CT11 GWT.SendUDPPunches

2014/06/26 11:51:26.032  1460  3288 S0   CT11 punching version 0, type 0

2014/06/26 11:51:26.294  2420  5544 D1   CLogin::CheckIfConnectionIsAllowed()

2014/06/26 11:51:26.294  2420  5544 D1   CLogin::AuthenticateServer()

2014/06/26 11:51:26.366  1460  3288 S0   CT11 GWT.UDPFlowPunchReceived.Received

2014/06/26 11:51:26.366  1460  3288 S0   CT11 GWT.CmdUDPPing.MTUReceived

2014/06/26 11:51:26.367  1460  3288 S0   CT11 GWT.CmdUDPPing.MTUReceived

2014/06/26 11:51:26.467  1460  3676 S0   CT11 GWT.UDPFlowMTUReceived.Received

2014/06/26 11:51:26.467  1460  3676 S0   CT11 GWT.UDPFlowMTUReceived.Received

2014/06/26 11:51:26.499  2420  5544 D1!! CAuthenticationSRP_Passive, Step_Receive_VerifyClientSecret: clientSecret!=serverSecret

2014/06/26 11:51:26.595  2420  5544 D1   CLogin::run(): ConnectionMode == 1

2014/06/26 11:51:26.595  2420  5544 D1   CServerThread::Factory(PseudoSocket)

2014/06/26 11:51:26.595  3104  3108 H64  tv_x64.exe: DragInterceptor: Starting Up

2014/06/26 11:51:26.595  3096  3100 H32  tv_w32.exe: DragInterceptor: Starting Up

2014/06/26 11:51:26.596  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [141225331,-1356799221] type=3 name=Machine

2014/06/26 11:51:26.596  2420  5544 D1   Default keyboard layout: 04120412

2014/06/26 11:51:26.596  2420  5544 D1   Default keyboard layout: 04120412

2014/06/26 11:51:26.596  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [141225331,-1356799221] type=3 name=Machine

2014/06/26 11:51:26.596  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=1 type=5 (StreamType_Chat), source=[141225331,-1356799221]

2014/06/26 11:51:26.596  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=2 type=7 (StreamType_VPN), source=[141225331,-1356799221]

2014/06/26 11:51:26.596  2420  5544 D1   CServer::ChangeToServermode: WindowsSession Locked: yes, secure screensaver running: no

2014/06/26 11:51:26.596  2420  5544 D1   CServer::ChangeToServermode: Autolock: yes, (Local user logged-in: yes, window session locked: yes, secure screen saver running: no

2014/06/26 11:51:26.596  2420  5544 D1   CServer::ChangeToServermode: loggedin = 1, locked = 1

2014/06/26 11:51:26.597  2420  5544 D1   WindowObserver::SessionStart: -1; type: 1

2014/06/26 11:51:26.597  2420  5544 D1   CLogin::run() leave

2014/06/26 11:51:26.597  1460  2200 S0   AutoLock: InterProcessNetwork: Setting AutoLock to 1 (1).

2014/06/26 11:51:26.597  2420  1300 D1   DesktopThread started, number of Cores: 8

2014/06/26 11:51:26.598  1484  3016 G1   Resetting Cache. Cache disabled.

2014/06/26 11:51:26.598  1484  3016 G1   CServerSessionRecorder::AutoStart: AutoStart recording function called and not activated (auto recording of incoming RemoteControl not activated)

2014/06/26 11:51:26.598  1484  3016 G1   WindowObserverGUI::SessionStart: 1; type: 1

2014/06/26 11:51:26.599  2420  5688 D1   ServerThread started

2014/06/26 11:51:26.600  2420  5688 D1   ServerThread: Waiting for ParticipantManager synchronization

2014/06/26 11:51:26.617  1460  3676 S0   CT11 GWT.UDPFlowUDPPrepareSwitchToUDP.Received

2014/06/26 11:51:26.617  1460  3676 S0   CT11 CTU.SendCarrierSwitchToUDP

2014/06/26 11:51:26.617  1460  3676 S0   CT9 CT.Send.CMD_CARRIER_SWITCH From=141225331 To=743293067 L=12

2014/06/26 11:51:26.617  1460  3676 S0   CT11 Activating UDP carrier ...

2014/06/26 11:51:26.633  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [743293067,-421916999] type=6 name=Machine

2014/06/26 11:51:26.644  1460  2200 S0   CParticipantManagerBase participant Machine (1) (ID [141225331,-1356799221]) was added with the role 3

2014/06/26 11:51:26.661  1460  2200 S0   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 11:51:26.661  1460  2200 S0   CParticipantManagerBase participant Machine (ID [743293067,-421916999]) was added with the role 6

2014/06/26 11:51:26.695  1460  2200 S0   CPersistentParticipantManager::SendPMSynchronizationComplete 0228EBC8

2014/06/26 11:51:26.696  1484  1488 G1   CParticipantManagerBase participant Machine (1) (ID [141225331,-1356799221]) was added with the role 3

2014/06/26 11:51:26.696  1484  1488 G1   New Participant added in CParticipantManager Machine (1) ([141225331,-1356799221])

2014/06/26 11:51:26.696  2420  6000 D1   CParticipantManagerBase participant Machine (1) (ID [141225331,-1356799221]) was added with the role 3

2014/06/26 11:51:26.696  2420  6000 D1   New Participant added in CParticipantManager Machine (1) ([141225331,-1356799221])

2014/06/26 11:51:26.696  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=3 type=5 (StreamType_Chat), source=[743293067,-421916999]

2014/06/26 11:51:26.696  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=4 type=7 (StreamType_VPN), source=[743293067,-421916999]

2014/06/26 11:51:26.696  1460  2200 S0   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=4 type=7 required=1 supported=1

2014/06/26 11:51:26.696  2420  6000 D1   CParticipantManagerBase participant Machine (ID [743293067,-421916999]) was added with the role 6

2014/06/26 11:51:26.696  2420  6000 D1   New Participant added in CParticipantManager Machine ([743293067,-421916999])

2014/06/26 11:51:26.696  1460  2200 S0   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 11:51:26.696  1484  1752 G1   CParticipantManagerBase participant Machine (ID [743293067,-421916999]) was added with the role 6

2014/06/26 11:51:26.696  1484  1752 G1   New Participant added in CParticipantManager Machine ([743293067,-421916999])

2014/06/26 11:51:26.699  2420  5688 D1   Resetting Cache. Cache disabled.

2014/06/26 11:51:26.699  2420  4324 D1   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 11:51:26.699  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=5 type=2 (StreamType_Screen), source=[141225331,-1356799221]

2014/06/26 11:51:26.699  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=6 type=10 (StreamType_ScreenVideo), source=[141225331,-1356799221]

2014/06/26 11:51:26.742  1484  1488 G1   DT: Sending InitSignal to DT 2222784044

2014/06/26 11:51:26.742  1484  1488 G1   DataTransceiverTVStreams::SendFileInfos: DT:2222784044 NumFiles:1

2014/06/26 11:51:26.742  1484  1488 G1   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=3 type=5 required=1 supported=1

2014/06/26 11:51:26.742  1484  1488 G1   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 11:51:26.743  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=7 type=1 (StreamType_Misc), source=[141225331,-1356799221]

2014/06/26 11:51:26.744  2420  5688 D1   SendInfo() executed.

2014/06/26 11:51:26.762  2420  5688 D1   SendInfo() executed.

2014/06/26 11:51:26.864  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=8 type=1 (StreamType_Misc), source=[743293067,-421916999]

2014/06/26 11:51:26.864  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=9 type=9 (StreamType_DragDrop), source=[743293067,-421916999]

2014/06/26 11:51:26.864  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=10 type=24 (StreamType_Clipboard), source=[743293067,-421916999]

2014/06/26 11:51:26.865  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=11 type=1 (StreamType_Misc), source=[743293067,-421916999]

2014/06/26 11:51:26.878  1484  1752 G1   CServerSessionRecorder::AutoStart: AutoStart recording function called and not activated (auto recording of incoming RemoteControl not activated)

2014/06/26 11:51:26.878  1484  1752 G1   DT: Sending InitSignal to DT 2222784044

2014/06/26 11:51:26.878  1484  1752 G1   DataTransceiverTVStreams::SendFileInfos: DT:2222784044 NumFiles:1

2014/06/26 11:51:26.878  1484  1752 G1   ServerThreadInfo connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:26.879  1484  1752 G1   CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed'

2014/06/26 11:51:26.879  1484  1752 G1   ServerThreadInfo connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:26.879  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=12 type=9 (StreamType_DragDrop), source=[141225331,-1356799221]

2014/06/26 11:51:26.879  2420  4324 D1   ServerThread: Registered Drag&Drop Stream (0000000c)

2014/06/26 11:51:26.879  1484  1488 G1   CServerClientBaseGUI: registered Drag&Drop stream

2014/06/26 11:51:26.880  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=13 type=24 (StreamType_Clipboard), source=[141225331,-1356799221]

2014/06/26 11:51:26.880  2420  1284 D1   ServerThread: Registered Clipboard Stream (0000000d)

2014/06/26 11:51:26.880  1484  1752 G1   CClipboardChangeListener::RegisterForClipboardChanges

2014/06/26 11:51:26.883  2420  5688 D1   ServerThread connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:26.883  2420  5688 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 11:51:26.983  2420  5688 D1   ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed'

2014/06/26 11:51:26.983  2420  1300 D1   ChangeThreadDesktop(): SetThreadDesktop to Winlogon successful

2014/06/26 11:51:26.983  2420  1300 D1   Switching Desktops. ThreadDesktop: Default, InputDesktop: Winlogon

2014/06/26 11:51:26.983  2420  5688 D1   ServerThread connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:26.983  2420  5688 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 11:51:26.983  2420  6008 D1   ChangeThreadDesktop(): SetThreadDesktop to Winlogon successful

2014/06/26 11:51:26.983  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY2

2014/06/26 11:51:26.983  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=14 type=1 (StreamType_Misc), source=[141225331,-1356799221]

2014/06/26 11:51:26.983  2420  6008 D1!  UpdateServerInputState not executed. Error code: 0

2014/06/26 11:51:26.983  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:51:26.983  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:51:26.992  2420  1300 D1   first fullscreen grab time in ms = 1

2014/06/26 11:51:26.994  2420  1300 D1   Desktop: Grabbed screen is ok.

2014/06/26 11:51:27.009  1484  1748 G1   ServerThreadInfo connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:27.093  2420  5688 D1   ServerThread connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:27.093  2420  5688 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 11:51:27.103  2420  5688 D1   ChangeThreadDesktop(): SetThreadDesktop to Winlogon successful

2014/06/26 11:51:27.103  2420  5688 D1   HandleDesktopChanged: Winlogon

2014/06/26 11:51:27.103  2420  5688 D1   Resetting Cache. Cache disabled.

2014/06/26 11:51:27.126  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x8 to 3

2014/06/26 11:51:27.127  1484  1752 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 8

2014/06/26 11:51:27.127  1484  1752 G1   RA: Creating audio server, max bandwidth 

2014/06/26 11:51:27.127  1484  1752 G1   RA: Change quality by capacity (350)

2014/06/26 11:51:27.127  1484  1752 G1   RA: Audio quality set to 32000

2014/06/26 11:51:27.127  1484  1752 G1   RA: RemoteAudioSender get started

2014/06/26 11:51:27.127  1484  1752 G1   RA: Control stream will get created

2014/06/26 11:51:27.127  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=15 type=12 (StreamType_RemoteAudioControl), source=[141225331,-1356799221]

2014/06/26 11:51:27.127  1484  1748 G1   RA: Controlstream succesfull registered with id 15

2014/06/26 11:51:27.203  1484  4984 G1   AudioDriver: Initializing Direct Sound 8

2014/06/26 11:51:27.203  1484  3168 G1   AudioDriver: Thread Running

2014/06/26 11:51:27.204  1484  4984 G1   AudioDriver: Direct Sound Initialized

2014/06/26 11:51:27.660  2420  5688 D1   Received cache version 2 from [743293067,-421916999]

2014/06/26 11:51:27.687  2420  3636 D1   Caching activated, partners version is 2, own version is 2

2014/06/26 11:51:28.366  2780  2928 H64  explorer.exe: ResumeAllThreads: resumed 23 threads, max count 23

2014/06/26 11:51:28.366  2780  2928 H64  explorer.exe: DragInterceptor: interception successful (new interface)

2014/06/26 11:51:29.606  1484  1492 G1   CBuddyWindow::OnTimer(): System is back to active

2014/06/26 11:51:29.606  1484  1492 G1   CBuddyWindow::ChangeOnlineStateInternal: Setting online state to status:"ST_BL_ONLINE" aos:"AOS_Online"

2014/06/26 11:51:29.606  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=33

2014/06/26 11:51:29.898  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=98

2014/06/26 11:51:29.898  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=1

2014/06/26 11:51:30.475  1484  1492 G1   CMainWindow::OnSessionChange 8

2014/06/26 11:51:30.485  1460  1612 S0   SERVICE_CONTROL_SESSIONCHANGE session=1, statusCode=WTS_SESSION_UNLOCK

2014/06/26 11:51:32.200  2420  1300 D1   ChangeThreadDesktop(): SetThreadDesktop to Default successful

2014/06/26 11:51:32.203  2420  1300 D1   Switching Desktops. ThreadDesktop: Winlogon, InputDesktop: Default

2014/06/26 11:51:32.208  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY2

2014/06/26 11:51:32.912  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:51:33.270  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:51:33.276  2420  5688 D1   ChangeThreadDesktop(): SetThreadDesktop to Default successful

2014/06/26 11:51:33.644  2420  5688 D1   HandleDesktopChanged: Default

2014/06/26 11:51:33.990  2420  2296 D1   ChangeThreadDesktop(): SetThreadDesktop to default successful

2014/06/26 11:51:32.204  3096  3100 H32  tv_w32.exe: Starting Update Hook

2014/06/26 11:51:32.204  3104  3108 H64  tv_x64.exe: Starting Update Hook

2014/06/26 11:51:34.737  2420  6008 D1   ChangeThreadDesktop(): SetThreadDesktop to Default successful

2014/06/26 11:51:35.166  2420  6008 D1!  UpdateServerInputState not executed. Error code: 0

2014/06/26 11:51:35.183  1484  1488 G1   ServerThreadInfo connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:35.217  2420  5688 D1   ServerThread connected to 743293067, client version is 9.0.28223 , OS=13

2014/06/26 11:51:35.217  2420  5688 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 11:51:35.282  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x8 to 3

2014/06/26 11:51:35.290  1484  1752 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 8

2014/06/26 11:51:35.291  1484  1752 G1   RA: RemoteAudioSender get started

2014/06/26 11:51:37.233  2420  5688 D1   DisplayQuality m=0, bpp=32, q=95, echo=16, conRating=3, cpu=13196

2014/06/26 11:51:37.239  2420  3636 D1   Tile caching activated

2014/06/26 11:51:37.256  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x32 to 3

2014/06/26 11:51:37.271  1484  1488 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 32

2014/06/26 11:51:37.271  1484  1488 G1   RA: RemoteAudioSender get started

2014/06/26 11:51:38.200  2420  4324 D1   Estimated RTT 11 ms (reliability = 2)

2014/06/26 11:51:38.623  1484  1488 G1   RA: Change quality by capacity (54655)

2014/06/26 11:51:38.623  2420  5480 D1   Estimated bandwidth capacity 54655 kbit/s (reliability = 2)

2014/06/26 11:51:38.623  1484  1488 G1   RA: Audio quality set to 125000

2014/06/26 11:51:38.623  1484  4264 G1   RA: Stopping capturing thread

2014/06/26 11:51:38.623  1484  4264 G1   RA: LoopbackCapture with 2 discon events within 11435 ms

2014/06/26 11:51:38.623  1484  4984 G1   RA: RemoteAudioSender stopped

2014/06/26 11:51:38.623  1484  1488 G1   RA: LoopBackCapture stopped

2014/06/26 11:51:38.649  1484  1488 G1   RA: RemoteAudioSender stopping...

2014/06/26 11:51:38.649  1484  1488 G1   RA: Control stream will get created

2014/06/26 11:51:38.649  1460  2200 S0   CStreamManager[1]::StreamRegistered(): streamID=16 type=12 (StreamType_RemoteAudioControl), source=[141225331,-1356799221]

2014/06/26 11:51:38.649  1484  1752 G1   RA: Controlstream succesfull registered with id 16

2014/06/26 11:51:38.688  1484  6132 G1   AudioDriver: Initializing Direct Sound 8

2014/06/26 11:51:38.688  1484  5544 G1   AudioDriver: Thread Running

2014/06/26 11:51:38.688  1484  6132 G1   AudioDriver: Direct Sound Initialized

2014/06/26 11:51:47.096  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY1

2014/06/26 11:51:47.097  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:51:47.097  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:51:47.129  2420  3636 D1   Tile caching activated

2014/06/26 11:51:47.144  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x32 to 3

2014/06/26 11:51:47.144  1484  1752 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 32

2014/06/26 11:51:47.144  1484  1752 G1   RA: RemoteAudioSender get started

2014/06/26 11:51:50.166  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 11:51:50.166  2420  3636 D1   CompressorThread: moving window to 2327x359

2014/06/26 11:52:22.178  1484  3372 G1   CClipboardSource::SendClipboardContent: (5 data formats)

2014/06/26 11:52:33.176  1484  2788 G1   CClipboardSource::SendClipboardContent: (5 data formats)

2014/06/26 11:52:41.019  1484  5956 G1   CClipboardSource::SendClipboardContent: (5 data formats)

2014/06/26 11:54:02.807  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 11:54:02.807  2420  3636 D1   CompressorThread: clipping left side 1792 1920

2014/06/26 11:54:02.807  2420  3636 D1   CompressorThread: clipping top side 7 30

2014/06/26 11:54:02.807  2420  3636 D1   CompressorThread: moving window to 1920x30

2014/06/26 11:54:08.205  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY2

2014/06/26 11:54:08.205  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:54:08.205  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:54:08.236  2420  3636 D1   Tile caching activated

2014/06/26 11:54:08.253  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x32 to 3

2014/06/26 11:54:08.259  1484  1752 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 32

2014/06/26 11:54:08.259  1484  1752 G1   RA: RemoteAudioSender get started

2014/06/26 11:54:08.293  1460  3676 S0!  CT11 UDP statistics: scf=122 

2014/06/26 11:54:14.433  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY1

2014/06/26 11:54:14.433  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:54:14.433  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:54:14.479  2420  3636 D1   Tile caching activated

2014/06/26 11:54:14.495  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x32 to 3

2014/06/26 11:54:14.505  1484  1748 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 32

2014/06/26 11:54:14.505  1484  1748 G1   RA: RemoteAudioSender get started

2014/06/26 11:54:19.821  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY2

2014/06/26 11:54:19.821  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:54:19.821  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:54:19.851  2420  3636 D1   Tile caching activated

2014/06/26 11:54:19.866  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x32 to 3

2014/06/26 11:54:19.866  1484  1752 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 32

2014/06/26 11:54:19.866  1484  1752 G1   RA: RemoteAudioSender get started

2014/06/26 11:54:27.758  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using device \\.\DISPLAY1

2014/06/26 11:54:27.758  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 11:54:27.758  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 11:54:27.783  2420  3636 D1   Tile caching activated

2014/06/26 11:54:27.799  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x32 to 3

2014/06/26 11:54:27.799  1484  1748 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 32

2014/06/26 11:54:27.799  1484  1748 G1   RA: RemoteAudioSender get started

2014/06/26 11:54:48.806  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 11:54:48.806  2420  3636 D1   CompressorThread: moving window to 2373x316

2014/06/26 11:55:43.380  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 11:55:43.380  2420  3636 D1   CompressorThread: moving window to 1965x121

2014/06/26 11:56:11.062  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=146

2014/06/26 11:56:11.062  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=9

2014/06/26 11:56:12.783  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=1394

2014/06/26 11:56:12.790  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=1749

2014/06/26 11:56:13.090  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=776

2014/06/26 11:56:13.101  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=778

2014/06/26 11:56:13.394  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=795

2014/06/26 11:56:13.394  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=171

2014/06/26 11:58:10.209  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 11:59:55.082  1484  1492 G1   CBuddyWindow::OnTimer(): System has become idle. TimeUntilIdle: 300000

2014/06/26 11:59:55.082  1484  1492 G1   CBuddyWindow::ChangeOnlineStateInternal: Setting online state to status:"ST_BL_AWAY" aos:"AOS_Away"

2014/06/26 11:59:55.082  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=33

2014/06/26 11:59:55.378  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=98

2014/06/26 11:59:55.378  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=1

2014/06/26 12:00:45.423  1484  1492 G1   CMainWindow::TrackIdleTime(): System goes idle. AdminRights:1 SystemTime:1403751645 LastAutoUpdate:1403445357 AutoUpdateMode:1

2014/06/26 12:02:54.949  1460  1304 S0   CSecurityInformation::GetAntivirusStatus(): Found software: Microsoft Security Essentials, running: 1, up to date: 1

2014/06/26 12:02:54.951  1460  1304 S0   CDiskSpace::GetDiskSpaceInformation(): drive: C:\, free space: 35905490944, capacity: 127928365056

2014/06/26 12:02:54.951  1460  1304 S0   CDiskSpace::GetDiskSpaceInformation(): drive: D:\, free space: 926391541760, capacity: 1000202039296

2014/06/26 12:02:54.951  1460  1304 S0   CDiskSpace::GetDiskSpaceInformation(): drive: E:\, free space: 59922878464, capacity: 60019437568

2014/06/26 12:28:31.988  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 12:52:04.356  1460  3288 S0!  CT11 UDP statistics: prp=1 scf=100 

2014/06/26 12:52:37.737  1460  3288 S0!  CT11 UDP statistics: dp=2 rrp=13 prp=3 

2014/06/26 12:53:50.491  1460  3288 S0!  CT11 UDP statistics: dp=1 rrp=8 

2014/06/26 12:55:20.839  1460  3288 S0!  CT11 UDP statistics: rrp=1 

2014/06/26 12:56:12.775  1460  3288 S0!  CT11 UDP statistics: prp=4 

2014/06/26 12:56:44.010  1460  3288 S0!  CT11 UDP statistics: dp=1 rrp=5 prp=16 

2014/06/26 12:57:23.007  1460  3288 S0!  CT11 UDP statistics: dp=1 rrp=2 prp=8 

2014/06/26 12:58:07.636  1460  3288 S0!  CT11 UDP statistics: dp=1 rrp=3 prp=8 

2014/06/26 12:58:49.660  1460  3288 S0!  CT11 UDP statistics: dp=1 rrp=6 prp=8 

2014/06/26 12:59:00.151  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 12:59:29.110  1460  3288 S0!  CT11 UDP statistics: dp=3 rrp=7 prp=7 

2014/06/26 12:59:59.635  1460  3288 S0!  CT11 UDP statistics: dp=4 rrp=14 prp=6 

2014/06/26 13:00:42.098  1460  3288 S0!  CT11 UDP statistics: dp=3 rrp=9 prp=7 

2014/06/26 13:01:14.921  1460  3288 S0!  CT11 UDP statistics: dp=3 rrp=14 prp=3 

2014/06/26 13:09:07.526  1460  2200 S0!! ZLib: inflate/deflate - no progress possible (not fatal)

2014/06/26 13:13:27.245  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=146

2014/06/26 13:13:27.245  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=9

2014/06/26 13:13:29.059  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=1394

2014/06/26 13:13:29.065  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=1749

2014/06/26 13:13:29.366  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=776

2014/06/26 13:13:29.377  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=778

2014/06/26 13:13:29.680  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=795

2014/06/26 13:13:29.681  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=171

2014/06/26 13:29:14.671  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 13:31:17.993  1460  3288 S0!  CT11 UDP statistics: dp=3 rrp=11 

2014/06/26 13:41:35.718  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=414

2014/06/26 13:41:35.722  1460  4484 S0   CT12 CT.TM_GWout.37.252.244.11 - CT12 - S11

2014/06/26 13:41:35.722  1460  4484 S0   CT12 CT.Connect to TeamViewer Router 37.252.244.11:5938

2014/06/26 13:41:35.729  1460  4484 S0   CT12 CT.Connected

2014/06/26 13:41:35.729  1460  4484 S0   CT12 CT.Send.CMD_IDENTIFY From=141225331 To=0 L=32

2014/06/26 13:41:35.729  1460  4484 S0   CT12 CT.Send.CMD_CONNECTTOWAITINGTHREAD From=141225331 To=0 L=48

2014/06/26 13:41:35.729  1460  5452 S0   CT13 CT.Run

2014/06/26 13:41:35.729  1460  5452 S0   CT13 TM.TM_TV

2014/06/26 13:41:35.730  1460  4484 S0   Connect to existing desktop process in session 1

2014/06/26 13:41:35.730  1460  4484 S0   ConnectionGuard: incoming remote control in sessions: 1(2)

2014/06/26 13:41:35.730  1484  1748 G1   Connection incoming, sessionID = 1690735007

2014/06/26 13:41:35.730  2420  4324 D1   Connection incoming, sessionID = 1690735007

2014/06/26 13:41:35.730  1460  4484 S0   CT8 CT.Send.CMD_ROUTERCMD From=141225331 To=918368562 L=59

2014/06/26 13:41:35.730  1460  4744 S0   CT12 CT.Run

2014/06/26 13:41:35.730  1460  4744 S0   CT12 TM.TM_GWout

2014/06/26 13:41:35.730  2420  4016 D1   CLogin::run()

2014/06/26 13:41:35.730  2420  4016 D1   CLogin::NegotiateVersionServer()

2014/06/26 13:41:35.736  1460  4744 S0   CT12 CT.Receive.CMD_SESSIONID From=0 To=141225331 L=8

2014/06/26 13:41:35.830  1460  5452 S0   CT12 Activating support for ccmdV2

2014/06/26 13:41:37.064  1460  4744 S0   CT12 CT.Receive.CMD_IDENTIFY From=0 To=141225331 L=32

2014/06/26 13:41:37.064  1460  4744 S0   CT12 CT.Receive.CMD_SESSIONMODE From=505689333 To=141225331 L=28

2014/06/26 13:41:37.433  1460  4744 S0   Negotiating session encryption: client hello received from 505689333, RSA key length = 2048

2014/06/26 13:41:37.530  1460  4744 S0   Negotiating session encryption: server hello sent

2014/06/26 13:41:37.569  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:37.570  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:37.805  1460  4744 S0   Negotiating session encryption: client handshake received

2014/06/26 13:41:37.830  1460  4744 S0   Negotiating session encryption: server handshake sent, encryption established with AES key length 256

2014/06/26 13:41:37.934  1460  2604 S0   CT14 CT.Run

2014/06/26 13:41:37.934  1460  2604 S0   CT14 TM.TM_UDP

2014/06/26 13:41:37.934  1460  2604 S0   CT14 GWT.UDPFlowVersionHandshake.Received

2014/06/26 13:41:37.934  1460  2604 S0   CT14 Activating UDP packet loss control ...

2014/06/26 13:41:38.696  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:38.696  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:38.827  2420  4016 D1   CLogin::CheckIfConnectionIsAllowed()

2014/06/26 13:41:38.827  2420  4016 D1   CLogin::AuthenticateServer()

2014/06/26 13:41:40.280  1460  2604 S0   CT14 GWT.CmdUDPFlowControl.RequestUDP.Received

2014/06/26 13:41:40.280  1460  2604 S0   CT14 GWT.SendUDPPings

2014/06/26 13:41:40.708  1460  2604 S0   CT14 GWT.CmdUDPPing.UDPMasterReply 112.221.45.59:61857

2014/06/26 13:41:40.708  1460  2604 S0   CT14 GWT.CmdUDPPing.PingOK.PunchInit

2014/06/26 13:41:40.708  1460  2604 S0   CT14 GWT.SendUDPPunchRequest 2

2014/06/26 13:41:41.447  2420  4016 D1!! CAuthenticationSRP_Passive, Step_Receive_VerifyClientSecret: clientSecret!=serverSecret

2014/06/26 13:41:41.469  1460  2604 S0   CT14 GWT.SendUDPPunches

2014/06/26 13:41:41.469  1460  2604 S0   CT14 punching version 0, type 3

2014/06/26 13:41:41.479  1460  2604 S0   CT14 GWT.SendUDPPunchRequest 4

2014/06/26 13:41:43.376  2420  4016 D1   CLogin::run(): ConnectionMode == 1

2014/06/26 13:41:43.376  2420  4016 D1   CServerThread::Factory(PseudoSocket)

2014/06/26 13:41:43.376  2420  4016 D1   Default keyboard layout: 04120412

2014/06/26 13:41:43.376  2420  4016 D1   WindowObserver::SessionStart: -1; type: 1

2014/06/26 13:41:43.376  2420  4016 D1   CLogin::run() leave

2014/06/26 13:41:43.376  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [141225331,1690735007] type=3 name=Machine

2014/06/26 13:41:43.377  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [141225331,1690735007] type=3 name=Machine

2014/06/26 13:41:43.377  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=1 type=5 (StreamType_Chat), source=[141225331,1690735007]

2014/06/26 13:41:43.377  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=2 type=7 (StreamType_VPN), source=[141225331,1690735007]

2014/06/26 13:41:43.377  2420  4500 D1   ServerThread started

2014/06/26 13:41:43.377  2420  4500 D1   ServerThread: Waiting for ParticipantManager synchronization

2014/06/26 13:41:43.378  1484  1488 G1   Resetting Cache. Cache disabled.

2014/06/26 13:41:43.378  1484  1488 G1   CServerSessionRecorder::AutoStart: AutoStart recording function called and not activated (auto recording of incoming RemoteControl not activated)

2014/06/26 13:41:43.378  1484  1488 G1   WindowObserverGUI::SessionStart: 2; type: 1

2014/06/26 13:41:43.384  2420  1300 D1   GrabMethodWin::CreateMonitorDC(): Using virtual desktop

2014/06/26 13:41:43.384  2420  1300 D1   CGrabScreenGDI::Initialize(): BPP_USED = 32, colors = 4294967296

2014/06/26 13:41:43.384  2420  1300 D1   CGrabScreenGDI::Initialize() m_State=1

2014/06/26 13:41:43.390  1460  2200 S0   CPersistentParticipantManager::AddParticipant: [505689333,203256957] type=6 name=Machine

2014/06/26 13:41:43.390  1460  2200 S0   CParticipantManagerBase participant Machine (ID [505689333,203256957]) was added with the role 6

2014/06/26 13:41:43.390  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=3 type=1 (StreamType_Misc), source=[505689333,203256957]

2014/06/26 13:41:43.477  2420  3636 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x32 to 3

2014/06/26 13:41:43.477  1484  1748 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 32

2014/06/26 13:41:43.477  1484  1748 G1   RA: RemoteAudioSender get started

2014/06/26 13:41:43.514  1460  3676 S0!  CT11 UDP statistics: scf=1 

2014/06/26 13:41:43.728  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:43.728  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:43.867  1460  2200 S0   CParticipantManagerBase participant Machine (1) (ID [141225331,1690735007]) was added with the role 3

2014/06/26 13:41:43.870  1460  2200 S0   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 13:41:47.855  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:47.855  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:47.857  1460  2200 S0   CPersistentParticipantManager::SendPMSynchronizationComplete 05369078

2014/06/26 13:41:47.857  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=4 type=5 (StreamType_Chat), source=[505689333,203256957]

2014/06/26 13:41:47.857  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=5 type=7 (StreamType_VPN), source=[505689333,203256957]

2014/06/26 13:41:47.857  1460  2200 S0   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=5 type=7 required=1 supported=1

2014/06/26 13:41:47.857  1460  2200 S0   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 13:41:47.858  1484  1752 G1   CParticipantManagerBase participant Machine (1) (ID [141225331,1690735007]) was added with the role 3

2014/06/26 13:41:47.858  1484  1752 G1   New Participant added in CParticipantManager Machine (1) ([141225331,1690735007])

2014/06/26 13:41:47.858  1484  1748 G1   CParticipantManagerBase participant Machine (ID [505689333,203256957]) was added with the role 6

2014/06/26 13:41:47.858  2420  5480 D1   CParticipantManagerBase participant Machine (1) (ID [141225331,1690735007]) was added with the role 3

2014/06/26 13:41:47.858  1484  1748 G1   New Participant added in CParticipantManager Machine ([505689333,203256957])

2014/06/26 13:41:47.858  2420  5480 D1   New Participant added in CParticipantManager Machine (1) ([141225331,1690735007])

2014/06/26 13:41:47.858  2420  4324 D1   CParticipantManagerBase participant Machine (ID [505689333,203256957]) was added with the role 6

2014/06/26 13:41:47.858  2420  4324 D1   New Participant added in CParticipantManager Machine ([505689333,203256957])

2014/06/26 13:41:47.861  2420  4500 D1   Resetting Cache. Cache disabled.

2014/06/26 13:41:47.862  2420  1284 D1   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 13:41:47.862  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=6 type=2 (StreamType_Screen), source=[141225331,1690735007]

2014/06/26 13:41:47.862  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=7 type=10 (StreamType_ScreenVideo), source=[141225331,1690735007]

2014/06/26 13:41:47.889  1484  1488 G1   DT: Sending InitSignal to DT 3286331726

2014/06/26 13:41:47.889  1484  1488 G1   DataTransceiverTVStreams::SendFileInfos: DT:3286331726 NumFiles:1

2014/06/26 13:41:47.889  1484  1748 G1   CParticipantManagerBase::CheckAndSubscribeNewStream(): Subscribe stream now streamID=4 type=5 required=1 supported=1

2014/06/26 13:41:47.890  1484  1748 G1   CServerSessionRecorder::AutoStart: AutoStart recording function called and not activated (auto recording of incoming RemoteControl not activated)

2014/06/26 13:41:47.890  1484  1748 G1   DT: Sending InitSignal to DT 3286331726

2014/06/26 13:41:47.890  1484  1748 G1   DataTransceiverTVStreams::SendFileInfos: DT:3286331726 NumFiles:1

2014/06/26 13:41:47.890  1484  1748 G1   CParticipantManagerBase InteractionDefaults arrived : CInteractionDefaults = (0) [ 0,2,0,0,2,0,0]

2014/06/26 13:41:47.890  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=8 type=1 (StreamType_Misc), source=[141225331,1690735007]

2014/06/26 13:41:47.891  2420  4500 D1   SendInfo() executed.

2014/06/26 13:41:47.891  2420  4500 D1   ChangeThreadDesktop(): SetThreadDesktop to Default successful

2014/06/26 13:41:47.925  2420  4500 D1   SendInfo() executed.

2014/06/26 13:41:49.251  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=9 type=9 (StreamType_DragDrop), source=[505689333,203256957]

2014/06/26 13:41:49.251  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=10 type=24 (StreamType_Clipboard), source=[505689333,203256957]

2014/06/26 13:41:49.252  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=11 type=1 (StreamType_Misc), source=[505689333,203256957]

2014/06/26 13:41:49.761  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:49.761  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:49.761  1484  1748 G1   ServerThreadInfo connected to 505689333, client version is 9.0.29480 , OS=13

2014/06/26 13:41:49.762  1484  1752 G1   CServerThreadInfo::Received_AccessControlSettings: RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed'

2014/06/26 13:41:49.762  1484  1752 G1   ServerThreadInfo connected to 505689333, client version is 9.0.29480 , OS=13

2014/06/26 13:41:49.762  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=12 type=9 (StreamType_DragDrop), source=[141225331,1690735007]

2014/06/26 13:41:49.762  1484  1488 G1   CServerClientBaseGUI: registered Drag&Drop stream

2014/06/26 13:41:49.762  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=13 type=24 (StreamType_Clipboard), source=[141225331,1690735007]

2014/06/26 13:41:49.763  2420  1284 D1   ServerThread: Registered Drag&Drop Stream (0000000c)

2014/06/26 13:41:49.763  2420  4324 D1   ServerThread: Registered Clipboard Stream (0000000d)

2014/06/26 13:41:49.765  2420  4500 D1   ServerThread connected to 505689333, client version is 9.0.29480 , OS=13

2014/06/26 13:41:49.765  2420  4500 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 13:41:49.765  2420  4500 D1   ConnectionAccessControl => RCAccessControl: RemoteControl='Allowed', FileTransfer='Allowed', ControlRemoteTV='Allowed', SwitchSides='Allowed', AllowDisableRemoteInput='Allowed', AllowVPN='Allowed', AllowPartnerViewDesktop='Allowed', ShareMyFiles='Allowed', ShareFilesWithMe='Allowed', PrintOnMyPrinters='Allowed', PrintOnRemotePrinters='Allowed'

2014/06/26 13:41:49.765  2420  4500 D1   ServerThread connected to 505689333, client version is 9.0.29480 , OS=13

2014/06/26 13:41:49.765  2420  4500 D1   DisplayQuality m=0, bpp=8, q=100, echo=-1, conRating=0, cpu=13196

2014/06/26 13:41:49.766  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=14 type=1 (StreamType_Misc), source=[141225331,1690735007]

2014/06/26 13:41:49.776  2420  4500 D1   Resetting Cache. Cache disabled.

2014/06/26 13:41:49.861  2420  3848 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x8 to 3

2014/06/26 13:41:49.861  1484  1488 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 8

2014/06/26 13:41:49.861  1484  1488 G1   RA: Creating audio server, max bandwidth 

2014/06/26 13:41:49.861  1484  1488 G1   RA: Change quality by capacity (50840)

2014/06/26 13:41:49.861  1484  1488 G1   RA: Audio quality set to 125000

2014/06/26 13:41:49.861  1484  1488 G1   RA: RemoteAudioSender get started

2014/06/26 13:41:49.861  1484  1488 G1   RA: Control stream will get created

2014/06/26 13:41:49.861  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=15 type=12 (StreamType_RemoteAudioControl), source=[141225331,1690735007]

2014/06/26 13:41:49.862  1484  1752 G1   RA: Controlstream succesfull registered with id 15

2014/06/26 13:41:51.349  2420  4500 D1   Received cache version 2 from [505689333,203256957]

2014/06/26 13:41:51.361  2420  3848 D1   Caching activated, partners version is 2, own version is 2

2014/06/26 13:41:54.680  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:54.680  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:54.680  1484  1752 G1   RA: Change quality by capacity (684)

2014/06/26 13:41:54.680  1484  1752 G1   RA: Audio quality set to 32000

2014/06/26 13:41:54.680  1484  4420 G1   RA: Stopping capturing thread

2014/06/26 13:41:54.680  1484  4420 G1   RA: LoopbackCapture with 0 discon events within 3572 ms

2014/06/26 13:41:54.680  1484  3760 G1   RA: RemoteAudioSender stopped

2014/06/26 13:41:54.680  1484  1752 G1   RA: LoopBackCapture stopped

2014/06/26 13:41:54.681  1484  1752 G1   RA: RemoteAudioSender stopping...

2014/06/26 13:41:54.681  1484  1752 G1   RA: Control stream will get created

2014/06/26 13:41:54.681  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=16 type=12 (StreamType_RemoteAudioControl), source=[141225331,1690735007]

2014/06/26 13:41:54.681  1484  1752 G1   RA: Controlstream succesfull registered with id 16

2014/06/26 13:41:55.578  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:41:55.578  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:41:55.578  2420  6000 D1   Estimated bandwidth capacity to 141225331: 684 kbit/s (rel=2)

2014/06/26 13:41:55.578  2420  6000 D1   Estimated bandwidth capacity to 505689333: 319 kbit/s (rel=2)

2014/06/26 13:41:55.588  2420  4500 D1   Slow connection detected (319 kbit/s)

2014/06/26 13:41:55.671  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:41:55.671  2420  3636 D1   CompressorThread: moving window to 2469x461

2014/06/26 13:41:58.612  2420  3848 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x8 to 3

2014/06/26 13:41:58.612  1484  1488 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 8

2014/06/26 13:41:58.612  1484  1488 G1   RA: RemoteAudioSender get started

2014/06/26 13:41:59.803  2420  4500 D1   DisplayQuality m=0, bpp=8, q=100, echo=624, conRating=1, cpu=13196

2014/06/26 13:42:00.867  1484  1492 G1   CBuddyWindow::OnTimer(): System is back to active

2014/06/26 13:42:00.867  1484  1492 G1   CBuddyWindow::ChangeOnlineStateInternal: Setting online state to status:"ST_BL_ONLINE" aos:"AOS_Online"

2014/06/26 13:42:00.867  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=33

2014/06/26 13:42:01.256  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=98

2014/06/26 13:42:01.256  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=1

2014/06/26 13:42:07.981  1460  2604 S0   CT14 CTU.Run.LoopEnd

2014/06/26 13:42:07.981  1460  2604 S0   CT14 CTU.Run.LoopEnd2

2014/06/26 13:42:21.341  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:42:21.341  2420  3636 D1   CompressorThread: moving window to 2808x333

2014/06/26 13:42:21.402  1460  3676 S0!  CT11 UDP statistics: scf=78 

2014/06/26 13:43:04.031  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:43:04.031  2420  3636 D1   CompressorThread: moving window to 2292x84

2014/06/26 13:43:04.092  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:43:04.092  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:43:04.154  1460  3676 S0!  CT11 UDP statistics: scf=99 

2014/06/26 13:43:06.317  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:43:06.317  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:44:03.206  1484  6104 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:44:06.205  2420  3848 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:44:06.205  2420  3848 D1   CompressorThread: moving window to 2292x84

2014/06/26 13:44:15.030  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:44:15.030  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:44:15.801  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:44:15.801  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:44:34.510  1460  3676 S0!  CT11 UDP statistics: scf=26 

2014/06/26 13:45:17.227  1484  3684 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:45:26.934  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:45:26.934  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:45:28.719  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:45:28.719  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:45:30.618  1484  5536 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:45:32.005  1484  5080 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:46:15.022  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=17 type=6 (StreamType_File), source=[505689333,203256957]

2014/06/26 13:46:16.667  1484  5104 G1   CFileTransferThreadServer started. 

2014/06/26 13:46:16.667  1484  1492 G1   - 서버가 성공적으로 시작되었습니다.

2014/06/26 13:46:16.667  1460  2200 S0   CStreamManager[2]::StreamRegistered(): streamID=18 type=6 (StreamType_File), source=[141225331,1690735007]

2014/06/26 13:46:16.678  1484  1492 G1   - Machine (505 689 333)의 파일 전송 요청 허용됨

2014/06/26 13:46:16.731  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:46:16.731  2420  3636 D1   CompressorThread: moving window to 2566x379

2014/06/26 13:46:18.631  1484  1492 G1   - 폴더 보기 <루트 드라이브> 

2014/06/26 13:46:24.023  1484  1492 G1   - 폴더 보기 C:\Users\aomame\Desktop\ 

2014/06/26 13:46:27.045  1484  1492 G1   - 폴더 보기 C:\Users\aomame\Desktop\x\ 

2014/06/26 13:46:36.052  1484  1492 G1   - 파일 전송 처리 중...

2014/06/26 13:46:41.896  1484  1492 G1   - 파일 C:\Users\aomame\Desktop\x\wallet.dat.bcdrk 보내기

2014/06/26 13:46:46.175  1484  1492 G1   - 파일 C:\Users\aomame\Desktop\x\wallet.dat.bitstar 보내기

2014/06/26 13:46:49.106  1484  1492 G1   - 파일 C:\Users\aomame\Desktop\x\wallet.dat_bitstar-2014-04-28 보내기

2014/06/26 13:46:49.106  1484  1492 G1   - 파일 전송이 종료되었습니다.

2014/06/26 13:46:53.481  1484  2992 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:47:34.286  1460  3676 S0!  CT11 UDP statistics: scf=41 

2014/06/26 13:47:57.004  1484  2856 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:48:03.316  1484  2888 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:48:21.418  1460  3676 S0!  CT11 UDP statistics: scf=31 

2014/06/26 13:48:25.129  1484   944 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:48:58.733  1460  3676 S0!  CT11 UDP statistics: scf=23 

2014/06/26 13:49:05.068  1484  4996 G1   CClipboardSource::SendClipboardContent: (8 data formats)

2014/06/26 13:49:10.779  1484  1492 G1   - 폴더 보기 C:\Users\aomame\Desktop\x\ 

2014/06/26 13:49:24.360  1484  1492 G1   - 파일 전송 처리 중...

2014/06/26 13:49:45.035  1484  1492 G1   - 파일 C:\Users\aomame\Desktop\x\jpc.wallet.dat 보내기

2014/06/26 13:50:40.618  1484  1492 G1   - 파일 C:\Users\aomame\Desktop\x\wallet.dat.bc-2 보내기

2014/06/26 13:50:40.622  1484  1492 G1   - 파일 전송이 종료되었습니다.

2014/06/26 13:51:09.359  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:51:09.359  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:51:10.539  1460  4744 S0   CT12 CT.Receive.CMD_MEETING_AUTHENTICATION From=505689333 To=141225331 L=53

2014/06/26 13:51:10.539  1460  4744 S0   CGatewaySession::ReceivedCmdMeetingAuthentication: CC=8 CT=9

2014/06/26 13:51:25.543  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=38

2014/06/26 13:51:25.816  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=38

2014/06/26 13:51:25.816  1484  6044 G1   LoadfromURL: using proxy ':0'

2014/06/26 13:51:42.099  1484  5104 G1   Ending CFileTransferThreadServer... 

2014/06/26 13:51:42.099  1484  5104 G1   The CFileTransferThreadServer has ended. 

2014/06/26 13:51:42.099  1484  1492 G1   - 파일 전송 서버가 종료되었습니다.

2014/06/26 13:51:44.869  1460  3676 S0!  CT11 UDP statistics: scf=16 

2014/06/26 13:52:00.681  2420  3848 D1   CScreenStreamSender::SendDisplayParams() 1920x1080x8 to 3

2014/06/26 13:52:00.681  1484  1748 G1   Display buffers allocated: width = 1920, height = 1080, bpp = 8

2014/06/26 13:52:00.681  1484  1748 G1   RA: RemoteAudioSender get started

2014/06/26 13:52:15.669  2420  3848 D1   CScreenStreamSender::SendDisplayParams() 1680x1050x8 to 3

2014/06/26 13:52:15.669  1484  1748 G1   Display buffers allocated: width = 1680, height = 1050, bpp = 8

2014/06/26 13:52:15.669  1484  1748 G1   RA: RemoteAudioSender get started

2014/06/26 13:52:40.738  1460  2200 S0   CPersistentParticipantManager::RemoveParticipant: [505689333,203256957]

2014/06/26 13:52:40.738  1460  5452 S0   CT12 CT.Send.CMD_ENDSESSION From=141225331 To=505689333 L=4

2014/06/26 13:52:40.740  1460  2200 S0   CStreamManager[2]::ReceivedEndSession(): reason=1

2014/06/26 13:52:40.741  1460  2200 S0   CPersistentParticipantManager::RemoveParticipant: [141225331,1690735007]

2014/06/26 13:52:40.741  1460  2200 S0   CStreamManager::ParticipantRemoved: Our own participant was removed, we must terminate our session

2014/06/26 13:52:40.741  1484  6116 G1   RA: Stopping capturing thread

2014/06/26 13:52:40.742  1484  6116 G1   RA: LoopbackCapture with 34 discon events within 645158 ms

2014/06/26 13:52:40.742  1484  4688 G1   RA: RemoteAudioSender stopped

2014/06/26 13:52:40.742  1484  1748 G1   RA: LoopBackCapture stopped

2014/06/26 13:52:40.743  1484  1748 G1   RA: RemoteAudioSender stopping...

2014/06/26 13:52:40.745  1460  4744 S0   CT12 CT.Receive.CMD_DISCONNECT From=505689333 To=141225331 L=4

2014/06/26 13:52:40.746  1460  2200 S0!! CMeetingControl[2]::Received_MeetingCloseStream(): participant doesn't exists: [141225331,1690735007]

2014/06/26 13:52:40.752  1460  4744 S0!  S11 NC.Read.Failed4

2014/06/26 13:52:40.752  1460  4744 S0   CT12 CT.Run.LoopEnd

2014/06/26 13:52:40.752  1460  4744 S0   CT12 CT.Disconnect

2014/06/26 13:52:40.752  1460  4744 S0   Session to 505689333 ended. Estimated capacity=195kBit/s, Latency=0ms

2014/06/26 13:52:40.752  1460  4744 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=37

2014/06/26 13:52:40.759  2420  4500 D1   ServerThread to 505689333 finished

2014/06/26 13:52:40.759  2420  4500 D1   SessionEnded: 1

2014/06/26 13:52:40.760  1460  4744 S0   CGatewaySession::ShowSponsoredSessionDialog(): Show SponsoredSession

2014/06/26 13:52:40.760  1460  4744 S0   ConnectionGuard: incoming remote control in sessions: 1(1)

2014/06/26 13:52:40.784  1484  1748 G1   DragDropManager: Aborting 0 copy operations

2014/06/26 13:52:40.784  1484  1748 G1   RA: RemoteAudioSender get stopped

2014/06/26 13:52:40.784  1484  1748 G1   RA: RemoteAudioSender get stopped

2014/06/26 13:52:40.784  1484  1748 G1   WindowObserverGUI::SessionEnded: 1

2014/06/26 13:52:40.846  1460  5452 S0   CStreamManager::~CStreamManager(): LimitedStreams: AccumulatedTime: 5896ms, 5571 limited sends triggered 1766 waits, 362 limits reached

2014/06/26 13:52:40.846  1460  5452 S0   CT13 CT.Run.LoopEnd

2014/06/26 13:52:40.846  1460  5452 S0   CT13 CT.Disconnect

2014/06/26 13:55:54.159  2420  3636 D1   CompressorThread: moving window, presented monitor: 1920x30x3600x1080, invisible monitor: 0x0x1920x1080

2014/06/26 13:55:54.159  2420  3636 D1   CompressorThread: moving window to 2052x218

2014/06/26 13:57:40.663  1484  1492 G1   CBuddyWindow::OnTimer(): System has become idle. TimeUntilIdle: 300000

2014/06/26 13:57:40.663  1484  1492 G1   CBuddyWindow::ChangeOnlineStateInternal: Setting online state to status:"ST_BL_AWAY" aos:"AOS_Away"

2014/06/26 13:57:40.663  1460  2200 S0   CSendCommandToMaster::SendBCommandToMaster: CC=3 CT=33

2014/06/26 13:57:41.007  1460  4484 S0   CT8 CT.Receive.CMD_ROUTERCMD From=918368562 To=141225331 L=98

2014/06/26 13:57:41.007  1460  4484 S0   CConnectionThread::ProcessBuddyCommandClient: CC=3 CT=1

2014/06/26 13:57:47.012  1484  1492 G1   CMainWindow::TrackIdleTime(): System goes idle. AdminRights:1 SystemTime:1403758667 LastAutoUpdate:1403445357 AutoUpdateMode:1

2014/06/26 13:59:31.564  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 14:12:36.252  1460  4224 S0   CT9 CT.Receive.Reconnecting nc_ret=1

2014/06/26 14:12:36.252  1460  4224 S0!  CT9 CConnectionThread::ReconnectInternal: Trying Reconnect

2014/06/26 14:12:37.750  1460  4224 S0   CloseSocketSafely(): Received and discard data. Dump: 

0000  11 30 1b 00 00 00 00 00 4a 06 00 00 ed 05 00 00           .0......J.......

0010  03 00 00 00 18 00 00 00                                   ........


2014/06/26 14:12:37.798  1460  3676 S0   CT9 CT.Send.CMD_RECONNECT_TO_SESSION From=141225331 To=743293067 L=8

2014/06/26 14:12:37.804  1460  4224 S0   CT9 CT.Receive.CMD_RECONNECT_TO_SESSION_ANSWER From=743293067 To=141225331 L=4

2014/06/26 14:12:37.804  1460  4224 S0   CT9 CConnectionThread::ReconnectInternal: Received positive answer from server

2014/06/26 14:12:37.804  1460  4224 S0   CT9 CConnectionThread::DoReconnect(): Reconnect performed successful.

2014/06/26 14:12:37.804  1460  4224 S0   CT9 CT.Receive reconnect succeeded

2014/06/26 14:12:37.804  1460  3676 S0   CConnectionThread::ReconnectSend(): Finished Waiting for Reconnect. Retval=1

2014/06/26 14:23:28.351  1460  4224 S0   CT9 CT.Receive.CMD_PARTNERRECONNECT From=743293067 To=141225331 L=16

2014/06/26 14:23:31.809  1460  4224 S0   CT9 CT.Receive.CMD_PARTNERRECONNECT From=743293067 To=141225331 L=16

2014/06/26 14:29:59.746  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562

2014/06/26 14:50:59.932  1460  2200 S0!! ZLib: inflate/deflate - no progress possible (not fatal)

2014/06/26 15:00:26.904  1460  4484 S0   CT8 CConnectionThread::CmdPingRouter(): Router Pong Received with following Hops: 141225331 918368562



0
댓글 41
  • profile
    WEBUS 2014.06.26 16:50
    보안상 막을건 다 막으신거 같은데....... 희한하네요.
    혹시라도 주변 지인이 옮기신건 아닌지?
  • ?
    minorminer 2014.06.26 17:10
    @WEBUS
    지인은 아닐까가 첫 번째로 든 생각은 아니었지만 지인은 아마도 힘들 듯싶어요.
    회사컴인데 워낙 작은 규모라서 따로 서버관리자를 두지는 않았었습니다.
    컴퓨팅에 뛰어난 자질을 가진 사람들도 없고요.
  • profile
    무녀리 2014.06.26 16:50
    얼마 안되는 양이 천백만 코인인가요?

    이상하게 해당주소에서 나간기록은 따로 안보이고

    한번만 트랜잭션이 일어난걸로 보이네요..

    비트코인트랜잭션로그 보다가 잭팟로그 보니 이해가 좀 안돼네요
  • ?
    minorminer 2014.06.26 17:12
    @무녀리
    천백 만이 제게는 소중하고 큰 양입니다.

    범인이 해킹에 사용하려고 새 주소를 만든 것같습니다.
  • ?
    Arthur 2014.06.26 16:57
    설마 공유기 암호가 기본암호는 아니죠?
    10자리 비밀번호라해도 초기의 공유기 AP이름과 기본 비밀번호라면
    회사마다 틀린데 약 30분에서 2시간이면 다뚤립니다.
  • ?
    minorminer 2014.06.26 17:12
    @Arthur
    기본암호는 아닙니다.
  • profile
    calmlake79 2014.06.26 17:05
    RPC 설정을 바꿨다는 의미는 RPC를 아예 못쓰게 막아 놓으셨다는 의미시죠?
  • ?
    minorminer 2014.06.26 17:14
    @calmlake79
    네, 1.2 버전의 지갑을 쓰고 있었기 때문에 conf 파일 자체가 없었는데
    지난 번 사태 이후로 못 쓰게 막아놓은 conf를 새로 설치했었습니다.
  • ?
    아하하호 2014.06.26 17:14
    팀뷰어 쓰세요?
    rpc 막은 후에 새로 지갑을 만드신 건가요?
    아니면 기존 지갑을 그대로 사용하면서 보안만 철저히 하신건가요?
    (이미 private key를 빼돌린 상황에서 지갑에 코인 모이기를 기다렸다가 가져간 걸 수도 있습니다.)
  • profile
    calmlake79 2014.06.26 17:24
    @아하하호
    기존에 rpc 가 열려있는 상황이었다면 rpc 를 이용해서 dumpprivkey 명령을 쓰면 private key 추출이 가능하긴 하죠..
    그럼 뭐 .. 그다음은 ㅡ.ㅡ;;;
  • ?
    minorminer 2014.06.26 18:22
    @calmlake79
    지갑 1.2는 conf 파일이 따로 존재하지 않더라도 POS때문에 기본적으로 RPC가 열려있었던 거죠?
    따로 conf 만들어서 막는 설정을 해주지 않는 이상엔.

    천만개의 잭팟은 오래전부터인데 지난 번 사태 때가 아닌 왜 오늘 이런 일이 벌어지는지 이해가 어렵네요.
  • ?
    김밥천당 2014.06.26 20:09
    @minorminer
    어떤 버전이든지 conf파일이 없으면 아예 RPC포트가 열리지 않습니다. 그리고 POS에 RPC포트 여는게 필수는 아닌걸로 압니다.
  • ?
    minorminer 2014.06.26 17:22
    팀뷰어 쓰고 있습니다.
    지갑은 새로 만들지 않았습니다.

    그럼 지난 사태 때 private key 빼돌린 후에 모니터링 하다가 오늘 사건이 일어난 걸 수도 있겠군요.

    같은 사람인 걸까요?
  • ?
    김밥천당 2014.06.26 17:28
    @minorminer
    저 안했습니다. 저와는 아무 관련 없습니다.
  • ?
    drjoon 2014.06.26 17:33
    팀뷰어 사용시 지갑이 unlock된 적이 있었나요?
    그럼 그 때 dumpprivkey를 했던지, wallet.dat를 가져갔던지 하지 않았을까 싶네요.
  • ?
    minorminer 2014.06.26 18:21
    @drjoon
    팀뷰어 사용시 지갑이 언락된 적이 많습니다.

    wallet.dat를 가져간 것 같지는 않습니다.
    그랬다면은 굳이 제 컴에 들어와서 전송을 할 필요가 없지 않을까싶은데요.
  • ?
    신세계 2014.06.26 17:35
    혹시 공유기 펌웨어 올해 최신버전인가요?
    펌웨어가 올해 최신버전이 아니라면 공유기에 암호가 걸려있어도
    없는거나 마찬가지입니다 (근데 이정도까지 해킹할정도면 다른쪽으로도 충분히 돈벌텐데 ㅍ.ㅍ)

    만일 최신 버전이라면, 좀 여러가지 경우의 수가 있겠네요
    근데 해외는 공유기 없이 다이렉트로 물린pc도 많은걸로 아는데 유독 한국쪽만 털린다는게
    찝찝하네요
  • ?
    minorminer 2014.06.26 17:43
    @신세계
    아이피타임 쓰는데 펌웨어가 8.대인 걸 보니 최신은 아닌 것 같습니다.

    이상한 일입니다.
    암호화화폐에 대한 관심도 적은 우리나라에서 유독 잭팟코인만 털어가는 걸까요?
  • ?
    김밥천당 2014.06.26 17:43
    추가 하신 내용에서 팀뷰어 접근흔적이 있다고 하셨습니다. 팀뷰어 로그파일을 지금 바로 백업하시고 접근기록을 분석해 보시기 바랍니다.

    기타 지갑파일들은 회사컴에 있으셨던건지 집컴에 있으셨던건지
    그리고 파일전송기록이 집 컴퓨터에 떴다고 하신것 같은데
    그럼 해커가 집컴퓨터로 들어온다음 집 컴퓨터에서 회사컴으로 팀뷰어 연결을 하고 서로간에 파일을 전송한 것인지 궁금하네요.
  • ?
    아이두 2014.06.26 17:57
    몇일전에 채굴장에 있는 채굴기를 접속하니 어떤놈이 접속하고 있더라구요 제가 채굴기 관리하는 팀뷰어 로그인하니까 제쪽으로 팀뷰어 채팅으로 왜 업데이트 하지 않냐? 보안이 더욱 강화된 업데이트다 하면서 자기가 설치해준다고 메세지보내더라구요? 해킹이구나 생각하고 대화만 하다가 안한다고 말았는데....
    팀뷰어 기본으로 쓰면 보안이 허술하긴 한가보더라구요...그때 채굴컴에 back door깔려있었고 그놈이 설치할려고 했던게 window update 2fator authentication .exe 이거였던거 같습니다...팀뷰어 접속한놈 아이디가 306 951 761인데 이걸로는 아무런 단서도 못잡겠지요?
  • ?
    김밥천당 2014.06.26 19:45
    @아이두
    혹시 팀뷰어 계정 만들어서 사용하셨었나요? 그리고 해당 아이디와 비번을 국내 비트코인 관련 타 사이트에서 똑같이 사용하신적이 있나요?
  • ?
    아이두 2014.06.26 20:03
    @김밥천당
    해킹당한 팀뷰어는 계정만들지 않았고요 관리하는 컴에서 로그인해서 컴퓨터 추가하는식으로 관리했습니다
    관리컴 이메일은 같고 비번은 다르게 사용했읍니다
  • ?
    김밥천당 2014.06.26 20:10
    @아이두
    네 감사합니다. 참고하겠습니다.
  • ?
    세윤 2014.06.26 18:21
    팀뷰어에 혹시 OTP 걸려 있는가요?
  • ?
    minorminer 2014.06.26 18:26
    @세윤
    아니요, 패스워드 하나를 쓰고 있었습니다.
  • profile
    J/제이 2014.06.26 19:32
    @minorminer
    팀뷰어를 계정 만들어서 로그인하는 식으로 쓰셨나요? 아니면 컴퓨터이름 숫자 + 랜덤패스워드를 쓰셨나요??
  • ?
    minorminer 2014.06.26 19:35
    @J/제이
    계정을 만들어서 로그인 했습니다.
  • ?
    김밥천당 2014.06.26 19:36
    @minorminer
    해당 아이디와 비밀번호를 국내에서 많이 사용하는 풀이나 비트코인관련 커뮤니티나 거래소와 똑같이 사용하신적 있나요?
    그리고 혹시 외국거래소에도 같은 아이디만이라도 사용하신적이 있다면 접속기록을 조회해 보시기 바랍니다.
  • profile
    금마 2014.06.26 18:29
    전에도 다른 분쪽에 팀뷰어 설치 PC 문제가 있지 않았나요? 팀뷰어 보안도 강화해야할 듯 합니다.
  • ?
    코인캐자 2014.06.26 18:52
    C:\Program Files\TeamViewer\Version9\Connections_incoming 요 파일에는 머라고 되있나요?
  • ?
    minorminer 2014.06.26 19:35
    @코인캐자
    본문에 삽입했습니다.
  • ?
    막대 2014.06.26 18:55
    팀뷰어 해킹 당하는 과정이 궁금하네요....아이디 비번도 모르는 타인이.... 상대가 잭팟을 가지고 있는건 또
    어떻게 알고 해킹 시도를 하는건가요?
  • ?
    minorminer 2014.06.26 19:37
    @막대
    그러게 말입니다.

    게다가 잭팟코인이 유독 한국에서만 땡글유저 중심으로 해킹 당하고 있는 게 아닌가하는 위험한 상상도 듭니다.
  • ?
    네모야 2014.06.26 19:39
    @막대
    잭팟 클라에 나오는 아이피 스캔해서 팀뷰어 쓰고 있으면 접속 시도 한것 같습니다.

    국내에서 잭팟 알수 있는 경로는 해외 아니면 땡글이니 모집단이 겹치는것은 어쩔수가..
  • ?
    김밥천당 2014.06.26 19:34
    잭팟 털어간 트랜잭션이 발생한 시간은 오늘 오후 1시 36분 이었습니다.
    올려주신 로그 상으로 봤을때 해커가 팀뷰어로 연결한 시간은 오늘 오후 1시 41분경 부터 입니다. 혹시 해당 컴퓨터에 설정된 시간이 실제 시간과 어긋나나요?
    만약 시간이 제대로 설정되어 있다면 좀더 앞쪽의 로그도 봐야할것 같습니다.
  • ?
    minorminer 2014.06.26 19:51
    @김밥천당
    시간은 정확합니다.

    앞선 로그도 올려뒀습니다.
  • ?
    김밥천당 2014.06.26 20:05
    @minorminer
    로그를 살펴본 결과 오전 11시 51분에 팀뷰어 번호 743293067로부터 접속이 있었고
    오후 1시 41분에 팀뷰어 번호 505689333 로부터 접속이 있었던것 같습니다.
  • ?
    코인캐자 2014.06.26 19:44
    집에서 쓰는 컴퓨터에 팀뷰어 전송 기록창이 떠있길래 라고 쓰신거보면
    일단 해킹당한 컴이 집에서 쓰는 컴퓨터 인가요?
  • ?
    minorminer 2014.06.26 19:52
    @코인캐자
    저는 일단 회사컴을 해킹하고나서 회사컴 팀뷰어 창에 떠있던 집컴으로
    접속 시도한 게 아닐까 의심하고 있습니다. 집 컴의 비트는 안가져갔더군요.

    집컴에서 팀뷰어를 통해 회사컴으로 접속해도 윈도우 계정 로그인 암호 때문에 접근이 불가능합니다.
  • ?
    Lodspirit 2014.06.26 19:56
    저같은 경우 공유기암호설정, rpc설정변경, vpn금지, 윈도우원격제어금지, 팀뷰어 제한된 접속자만 수락,
    지갑암호설정, 마지막으로 알려진포트와 개인적으로 사용하는 포트를 제외한 모든포트사용 제한을 걸어두고
    사용합니다. 위처럼 설정하실경우...해킹같은건...불가능에 가깝습니다...
    이중에서도 팀뷰어의 지정된 사용자만 접속허용은 꼭 필요한 필수설정요소입니다.
    이설정을 안하실경우 아이디와 비밀번호만 알면 접속이가능하기때문입니다...
  • profile
    wireshark 2014.06.26 20:23
    아직도 팀뷰어 보안설정을 안 하신 분들은 지금이라도 얼른 설정 하십시오. http://www.ddengle.com/board_free/732693

List of Articles
번호 제목 추천 수 조회 수 글쓴이 날짜
공지 땡글 시세표 시범 서비스 지원! 15 file 26 6974
땡글개발자
2019.06.06
공지 [Air Drop 이벤트] 게시판을 신설합니다 21 updatefile 1 47812
땡글운영위원회
2019.05.17
공지 신규회원 글쓰기 가능하려면? 126 update 1 6961
관리자
2018.12.18
2964 [올크립트, JPC] 경고문구가 떳네요. JPC NoticeBecause everyone who complains that AllCrypt has no volume is attempting to withdraw massive amounts of JPC suddenly to trade the same coin on Bittrex instead of just doing the trades here wh... 9 3278
꿀맨
2014.06.27
2963 잭팟은 호재가 많네요. 지갑에 다이스에 기능에.. 민팔까지! 이미 호재가 많은데, 며칠내로 기대되는 호재도 많네요.. 너무 많네요 너무..  축하드립니다. 12 2 1360
어른아이
2014.06.27
2962 또 다른 암호 발견했습니다!     구만팔오=그만팔아???   그런데 팔았으니  실패! 10 file 1 1400
막대
2014.06.27
2961 민팔 1 위 올려 놓으신 분은 누구신지요? 계속 서서히 하락하며 실망매물들이 계속 나왔었는데 아마도 그 시기에 많은 매물을 흡수한 분이 올렸나봅니다. 그 분이 땡글인이길 빌구요. 만약 아니라면 땡글인들이 물량을 많이 안 빼앗겼기를 바랍니다. ^^ 빠지... 9 1146
CKJS
2014.06.27
2960 18.824 누군가요 ㅋㅋㅋ 누가 매수창에 메시지 올렸네요. 빨리사라고ㅋㅋ 7 1035
1BTC
2014.06.27
2959 잭팟 트위터 폭격기 편대 출격합니다. 자... 이제 우리가 나설 때입니다. 트위터 폭격기 출격합니다. 하루 5차례 융단폭격 감행합시다. 지금 잠재투자자들이 도대체 잭팟코인이 뭔가 가장 주목할 때입니다. 여러분들의 기발한 상상력과 창조성이 절실히 요... 6 file 4 1374
atomrigs
2014.06.27
2958 Minpal과 Bter에 투표합시다~! 힘이 받을때는 더 힘을모아서 쭉쭉 치고나가는게 중요하다고 많이 느낍니다.. 실로 오랜만에 활기가 띄는것 같아 기분이 좋으면서도 긴장이 되네요. 지금 민팔에서는 2위인 Zimstake와 7백표정도 차이입니다. 다들 열... 2 1 1083
LTC드론
2014.06.27
2957 민팔로 옮기실분은 사전에 인출해두시는게 좋을듯... 민팔에 상장되면 비트렉스에서 일시적으로 인출을 중단시킬수도 있습니다. 민팔에서 거래하실분은 미리 인출해두시는게 좋을것 같습니다. 단, 보안은 철저히... 1 2 1189
creatune
2014.06.27
2956 왜 Mintpal에만 상장인지? 크립시에는 ? 저는 주로 크립시에서 거래하는 데, Mintpa에만 vote가 되는 군요. cryptsy는 800 밖에 없어요.(물론 저는 했어요) 이유가 있는 건가요? (Mintpal이 상장이 쉽다는 건지) 아님 순차적으로 상장 하는 건지. 코인 종류... 2 960
휴아유
2014.06.27
2955 카르마 코인 지갑 동기화 질문 카르마 코인 지갑(V0.8.6.2.5) 다운 받은 후 설치했는데 3일째 동기화가 안되고 있습니다.   conf 설정이 잘 못 된건가요?     5 file 2752
비코잡코
2014.06.27
2954 비트렉스 해킹 조심하세요.. 얼마전에 민트팔 계정 해킹 당할뻔 했다고 했습니다만.. 오늘 잭팟 확인하러, 비트렉스 들어가니, 누군가가 여러번 로그인 시도를 한것 같습니다.. 다들 각별히 계정 관리하십시요... 6 1745
현자
2014.06.27
2953 잭팟, 40 찍음. 먼 상황인지 모르겠네요... 민팔에선 누가 4비코 질러서 1등으로 만들더니,... 한사람이 계속 공격적으로 매수하는것 같습니다. 미처 다른 매수자들이 따라가지를 못할 정도네요... 이 상황 누가 아시면 댓글좀 달아... 16 3 1441
꿀맨
2014.06.27
2952 어라? 민팔에 잭팟이 투표 1위중이네요? 누가 이리 투표를 많이 했을까요;;; 그럼 다음주 월요일날부터 민팔에 트레이딩 가능한가요? 12 2 1216
오마이채굴
2014.06.27
2951 XC 가 달리네요. 간밤에 어떤 분이 몇천개를 천개단위로 나워서 사다리 타기 신공을 발휘하사.. 16까지 올리는데 성공 하셨네요.  계속 신공중... 얼마까지 오를려나?  전 신공에 말려서 그만 14에 정리... 12에 걸어 놨는데. 물량 정... 2 818
코인캐는코쟁이
2014.06.27
잭팟코인이 있는 컴퓨터 해킹 당했습니다. 제목 바꿨습니다.  '잭팟코인 해킹 당했습니다.' 에서 현재로. 공유기에 암호 걸려있고, 데스크탑에도 로그인 암호 걸려있고, 지난 번 해킹 사태 이후로 rpc 설정도 바꿔놨는데 가져갔군요. 제 잭팟코인이 전송된 지... 41 file 5458
minorminer
2014.06.26
2949 태클이 절대 아닙니다.... 태클이 아니고요. 잭팟코인과 까지노 코인의 차이점이 무엇이 있을까요? 컨셉? 젝팟터지는거? 그리고 속도? 제가보기에는 컨셉은 같고.. 젝팟타지는거랑 속도입니다. 제가 개인적인 생각으로 젝팟코인.. 제가 보기에... 33 1755
우정-논공청년
2014.06.26
2948 DRK 오르기 시작했네요.. 다크가 다시 움직입니다... ^^ 전 이른아침에 민방위 끝나고 0.0156에 진입성공 했습니다...  어디까지 오를까요... 기대기대 ^^ 다크 호재 있나요? 4 1538
우정-호현아빠
2014.06.26
2947 머천트 뱃지 리디자인 이 파일은 이미 잭팟에 보냈던 내용입니다. 3 file 4 931
1BTC
2014.06.26
2946 지갑에 대한 이해 - 검증 요청 결국 지갑의 가장 핵심 기능은 ... 머릿속에 넣어 놓기 어려운 private key를 사용자가 원하는 암호로 바꿔주는 것이 아닐까 생각됩니다. PC지갑이라면 wallet.dat에 &lt;private key, 사용자암호&gt; 의 쌍이 해쉬처리되어... 16 1145
drjoon
2014.06.26
2945 현재까지 잿팟코인 총발행량이 얼마인가요? 현재까지 잭팟코인의 총발행량은 얼마인가요? 10 1599
우정-논공청년
2014.06.26
목록
Board Pagination Prev 1 ... 826 827 828 829 830 831 832 833 834 835 ... 979 Next
/ 979