Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Analyse teamviewer log to find out if my machine has been accessed
New Posts  All Forums:Forum Nav:

Analyse teamviewer log to find out if my machine has been accessed

post #1 of 8
Thread Starter 
I have seen some posts about people with teamviewer being hacked and so on and I have had it on my laptop for some time and I'm wondering what I should be looking for to find out if my laptop has been compromised with it. I'm asking because recently I've had emails from services I use asking to change my password, like the emails you get when you forgot your password and ask for the email to be sent. I've changed the passwords on those services and anything that use them and I'm just trying to find out if teamviewer is responsible for any of my details being found out. I found the logfile for teamviewer but I'm not sure what I should be looking for. I tried scrolling through just to have a general look thinking I could work it out myself but this is around 4000 lines long and i'm really not sure what to look for. Any help?

Also, I have not used teamviewer in some time but it has ran in the background for any time I'd need it like in classes or whatever. Im just looking for if it has been accessed.
Edited by SnakeBiteScares - 7/4/16 at 7:05pm
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
post #2 of 8
https://www.teamviewer.com/en/company/press/statement-on-potential-teamviewer-hackers/
Heisenberg
(15 items)
 
  
CPUMotherboardGraphicsGraphics
core i7 4790k maximus vi hero z87 asus gtx 980 strix asus gtx 980 strix 
RAMHard DriveCoolingOS
g.skill trident x OCZ vertex 4 - 512gb custom water cooling Windows 8.1 
MonitorKeyboardPowerCase
benq xl2420te  corsair k65 rgb  evga p2 1000 fractal design define r5 
MouseMouse PadAudio
logitech G700 corsair large sized gaming pad supreme fx iii w/ akg k7xx massdrop first edition 
  hide details  
Reply
Heisenberg
(15 items)
 
  
CPUMotherboardGraphicsGraphics
core i7 4790k maximus vi hero z87 asus gtx 980 strix asus gtx 980 strix 
RAMHard DriveCoolingOS
g.skill trident x OCZ vertex 4 - 512gb custom water cooling Windows 8.1 
MonitorKeyboardPowerCase
benq xl2420te  corsair k65 rgb  evga p2 1000 fractal design define r5 
MouseMouse PadAudio
logitech G700 corsair large sized gaming pad supreme fx iii w/ akg k7xx massdrop first edition 
  hide details  
Reply
post #3 of 8
Thread Starter 
This doesn't help.
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
post #4 of 8
Quote:
Originally Posted by SnakeBiteScares View Post

This doesn't help.

I tried to figure this out myself to no avail. I had one Android connection to my machine showing it came from a town 50 miles from me. I have an android phone, so I was hoping it was my phone bouncing off some cell towers as I was in my hometown all that day, but I know for sure that I did connect to my PC on that day. The only thing I can recommend is to look at the logs and find a connection that you know was legit and then compare all the others to it to look for inconsistencies. I didn't find any myself. If you figure out a way to tell for sure, let us all know. Good luck.
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
post #5 of 8
Thread Starter 
I think I worked it out. Under "C:\Program Files (x86)\TeamViewer\" there is a file called connections_incoming.txt and the connections there are from back when I used teamviewer myself. Looking at this I can't see any connections in the timeframe between there so I can't say that it was because of teamviewer being used by someone else to access my machine
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
post #6 of 8
Quote:
Originally Posted by SnakeBiteScares View Post

I think I worked it out. Under "C:\Program Files (x86)\TeamViewer\" there is a file called connections_incoming.txt and the connections there are from back when I used teamviewer myself. Looking at this I can't see any connections in the timeframe between there so I can't say that it was because of teamviewer being used by someone else to access my machine

I actually didn't have a connections_incoming.txt. I got the information on the connections to my machine by logging into the teamviewer website and going to the console. I thought it was strange and that maybe a hacker had deleted my connections_incoming.txt. However, based on my review of my logs, I don't think that happened. However, I'll never be sure. I changed lots of my main passwords as a result.
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
post #7 of 8
Thread Starter 
I have changed a lot of mine too. I'm not sure how you don't have that file. I have uninstalled it now since I no longer use it even if there are or aren't security issues with it.
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
Beastly SFF
(15 items)
 
 
Asus ZenFone 2
(7 items)
 
CPUMotherboardGraphicsRAM
i7 6700k Gigabyte GA-Z170N-WIFI Gigabyte GeForce GTX Titan X Corsair Vengeance LPX 16GB (2x8GB) DDR4 2400MHz 
Hard DriveHard DriveHard DriveCooling
120GB Samsung 850 Evo M.2 500GB Samsung 850 Evo 240GB OCZ Trion Noctua L9i 
OSMonitorKeyboardPower
Windows 10 Home Iiyama XU2390HS 23" 1920x1080 71Hz Das Keyboard 4C with custom keycaps Silverstone SX500-LG 500W 
CaseMouseAudio
Silverstone ML08B-H Logitech G502 Proteus Core Sennheiser HD598SE 
CPUMotherboardGraphicsGraphics
Intel i7 4790k @ 5GHz MSI Z97S Krait Edition XFX R9 270X XFX R9 270X 
RAMHard DriveHard DriveCooling
16GB Kingston HyperX 1600MHz WD Blue 1TB 7200RPM WD Blue 1TB 7200RPM Noctua DH14 
OSMonitorKeyboardPower
Windows 10 32" Philips TV 1366x768 Logitech G910 Orion Spark EVGA SuperNova 1000W 80+ Gold 
CaseMouseMouse PadAudio
Zalman Z5 Mad Catz Rat 5 A4 Page Superlux HD668B 
CPUGraphicsRAMHard Drive
Intel Atom Z3580 2.33GHz PowerVR Rogue G6430 457MHz 4GB LPDDR3 64GB Internal + 64GB SD 
OSMonitorPower
Android 5.0 5.5" 1080 x 1920 3000mAh 
  hide details  
Reply
post #8 of 8
Quote:
Originally Posted by SnakeBiteScares View Post

I have changed a lot of mine too. I'm not sure how you don't have that file. I have uninstalled it now since I no longer use it even if there are or aren't security issues with it.

Yes, it was strange. I had deleted all the connections from within the console on the website before I checked. I thought that maybe it phoned home and deleted it. So, I then added connections and it created a new incoming_connections.txt. So, I went back to the console on the web and deleted them again to see if it would delete the text file, but it didn't. Very strange.
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
Black Sunshine II
(16 items)
 
Wife's Rig
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Xeon x5675 B1 @ 4.0 Gigabyte GA-X58A-UD3R v.2.0 Gigabyte Radeon 460 Mushkin Blackline 12GB (3x4GB) DDR3 1600 
Hard DriveHard DriveOptical DriveCooling
120GB Intel 510 SSD Samsung 1TB F1 LiteOn iHAS324-98 Y Cougage Tru Spirit (lapped) with Akasa Viper Pu... 
OSMonitorPowerCase
Windows 10 Pro 64bit Dual Asus 24 inch 1080P TN Corsair TX650 Cheapo Antec 
Mouse
Logitech Wireless 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Analyse teamviewer log to find out if my machine has been accessed