TeamViewer Forum

General Category => Teamviewer for Windows => Topic started by: adampembs on November 18, 2011, 06:42:44 AM

Title: Extortion attempt - log file
Post by: adampembs on November 18, 2011, 06:42:44 AM

A customer of mine was threatened with extortion last night after a cold caller phoned, got her to install TeamViewer, and then locked down the PC. I have done a virus scan, and found nothing, but several permissions have changed on files and folders, especially the deny permission to the everyone group on the c:\documents and settings folder plus several subfolders. It is running Windows 7 home premium SP1. I have the log file, can anyone help me interpret this? Ideally, I'd like to see what was done to the machine.

I can attach the log file, but unsure in case this exposes information that could leave my customr vulnerable, I guess this would only really be the IP address but maybe the mac address too..?

Title: Re: Extortion attempt - log file
Post by: ERS on November 18, 2011, 10:35:38 AM

Not sure who here can interpret the log, i would contact support directly, but lease post back what they find.  In the mean time, doing a system restore back to t a time prior to the attack would liekly reset the permission back to where they were before the attack.