Highlighted
Posted by
Digon

Suspicious - did someone hack into my computer with TeamViewer?

Hi Community - hope all are well and safe!

I opened my computer and I saw a message "thank you for using TeamViewer...". and my wifi was shut off. I looked in the log files and it seems possibly suspicious (to my untrained eyes).

Trying to see if it is ok, not ok, or just one of my kids were pressing buttons trying to get into my computer.

How can I know if this is legit or not?

Logs (ID #s removed)

[Logfiles removed]

Thanks in advanced!

Binny

1 Accepted Solution

Accepted Solutions
Highlighted
Posted by Community Manager
Community Manager
Solution

Re: Suspicious - did someone hack into my computer with TeamViewer?

HI @Binny 

Thanks for your post.

You can check whether there was an incoming connection to your device via the file incoming_connections.txt in the TeamViewer folder.

As a side note: The logfiles look suspicious to close to everyone on this planet except our support team and dev teams who are trained to analyze them. Do not worry! I am dealing with TeamViewer for 8 years and I do not understand them!

Back to the topic: Did you give the access credentials (your TeamViewer ID and password) to anyone? If so, please change the password (dynamic and/or permanent password).

Don´t forget: A connection is only possible if someone has both: the ID and the password.

I hope this info helps you!

Best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

View solution in original post

6 Replies
Highlighted
Posted by Community Manager
Community Manager
Solution

Re: Suspicious - did someone hack into my computer with TeamViewer?

HI @Binny 

Thanks for your post.

You can check whether there was an incoming connection to your device via the file incoming_connections.txt in the TeamViewer folder.

As a side note: The logfiles look suspicious to close to everyone on this planet except our support team and dev teams who are trained to analyze them. Do not worry! I am dealing with TeamViewer for 8 years and I do not understand them!

Back to the topic: Did you give the access credentials (your TeamViewer ID and password) to anyone? If so, please change the password (dynamic and/or permanent password).

Don´t forget: A connection is only possible if someone has both: the ID and the password.

I hope this info helps you!

Best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

View solution in original post

Highlighted
Posted by
Digon

Re: Suspicious - did someone hack into my computer with TeamViewer?

Hi @Esther  - thanks.

 

Did you see my logfile? I see it was removed, even though I remvoved any numbers there.

WHat about these lines?

G1  DynamicPasswordUIModel::ShouldShowDynamicPassword():  dynPw=1  allowIncoming=1  id=xx  ka=0  lanAllowed=0  lanOnly=0  networkState=1  showDynPwd=0

InterProcessBase::SecureNetworkCallbackHandle destroyed (RegistrationID:...)

RCmdAckMap::RemoveAckHandler(): AckMapEntry not found, CmdID 12415, TargetID 13, SenderID: ..., AckResult: 8, Payload: 0 Bytes

 

Thanks!

Binny

Highlighted
Posted by Community Manager
Community Manager

Re: Suspicious - did someone hack into my computer with TeamViewer?

HI @Binny 

Thanks for your reply.

I am sorry but as I said I can not read logfiles. What I recommend you is having a look at this post about TeamViewer and scamming and if you want you can report a scam to our security team.

Thanks and sorry for the hassle,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Digon

Re: Suspicious - did someone hack into my computer with TeamViewer?

Thank you @Esther !

Highlighted
Posted by
Henagon

Re: Suspicious - did someone hack into my computer with TeamViewer?

Ester,

Did you mean file C:\Program Files (x86)\TeamViewer\Connections_incoming.txt?

I do not have file incoming_connections.txt.

Connections_incoming.txt seems to have all need. 

Thanks

Highlighted
Posted by Community Manager
Community Manager

Re: Suspicious - did someone hack into my computer with TeamViewer?

Yes - sorry! I mixed the words! This is what I meant. 

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started