link icon
Ask The Community

Hacked, got the logs

Someone tried to get into a computer of ours with TeamViewer, and he was successfull

want to make sure they didnt get any data/passwords etc. can someone point out anything in the logs that may indicate such?

[logs removed per Community Guidelines]

Best Answer


  • Anton14
    Anton14 Posts: 1

    How do I stop team viewer accessing my phone and Ipad and laptop,  I have been hacked and all my details stolen 


  • voodooutt
    voodooutt Posts: 1

    I have the log files from when an individual logged into my computer.  I searched the IP address, it's india.

    I have locked all of my banking accounts down - credit cards - etc.

    What can I do about this - any way of tracing them?  I see the computer name they logged into and TV id - etc

  • AzariaK
    AzariaK Posts: 1

    Our computer was hacked through TeamViewer and the people changed the password. They made it so we cannot log into our computer at all without inputing a different password (the one I am assuming they used for TeamViewer, considering it doesn't look like the normal Windows login interface, and our normal password doesn't work). Can anyone help with this?

  • Someone was on my team viewer.  I have looked at both logs but I am not sure how to read the logs to see what they did.  Attached to this are both connection and use logs.

    It appears that the unknown log in was from 1xbet.  But i dont know how to read the primary log to see what they did?

  • Its really great that the team viewer team has no way for you to report being hacked or a way for you to send them your log files so that they can check and tell you what information was obtained while you were hacked.

    Really wonderful how that works.  

  • TotalPC
    TotalPC Posts: 87 ⭐Star⭐

    Hello @surethingboss ,

    Unfortunately, I don’t think TeamViewer logs what specific files are transferred, anywhere. However, there are some logs recorded that I hope will help.

    Within your TeamViewer program folder (C:\Program Files (x86)\TeamViewer\) you should find two logs Connections_incoming.txt and TeamViewer15_Logfile.log. Sort your folder by Date Modified and they should pop up right at the top. You can open the .log file in any text editor, notepad, word, etc..

    The Connections_incoming.txt log is fairly straight forward. It’s also tab delimited so you can even open it in Excel and it will format the log a little better to read. This will provide you with the TeamViewer ID, the name, start and end time of the connection, username, type of connection, and what seems to be a random ID of some kind.

    The TeamViewer15_Logfile.log file is more detailed and shows technical information about the program, events during connections, and much more.

    Using the start and end time of the connection in the easier to read Connections_incoming.txt log then referencing those times in the TeamViewer15_Logfile.log file you can at least determine if data was transferred and if it was a lot or a little. If you see “DataTransceiver” that is the data file transfer doing something. If you see a lot of “DataTransceiver: TransferProtocol => TransferProtocol::IsTransferRunning” and it lasting for a long time, a lot of data has been transferred depending on bandwidth. When you see “DataTransceiver: TransferProtocol => TransferProtocol::RemoveTransfer” that’s a file that has completed being transferred.

    I may be a little off, but I think that’s how it works.


    TeamViewer user since version 6 (2010). We used other remote software programs (TVNC UVNC PCAny) for many years before.
  • Hi! I hope someone can ease my mind or tell me what I need to know.

    I called Amazon customer service on Saturday but it turns out it was a fraudulent customer service number. The woman I spoke to told me to install the TeamViewer app so could fill out a return form. I got as far as installing the app on my iPad and reading her the nine digit number on the right side of the screen when it dawned on me that this was a scam.

    I hung up and deleted the app right away, within a minute or so.

    What are the chances she could have installed spyware or gotten information out of my iPad in that time? 

    Any information would be so appreciated. Thank you.