Author Topic: Extortion attempt - log file  (Read 6259 times)

adampembs

  • Newbie
  • *
  • Posts: 1
Extortion attempt - log file
« on: November 18, 2011, 06:42:44 AM »
A customer of mine was threatened with extortion last night after a cold caller phoned, got her to install TeamViewer, and then locked down the PC. I have done a virus scan, and found nothing, but several permissions have changed on files and folders, especially the deny permission to the everyone group on the c:\documents and settings folder plus several subfolders. It is running Windows 7 home premium SP1. I have the log file, can anyone help me interpret this? Ideally, I'd like to see what was done to the machine.

I can attach the log file, but unsure in case this exposes information that could leave my customr vulnerable, I guess this would only really be the IP address but maybe the mac address too..?

ERS

  • Full Member
  • ***
  • Posts: 118
Re: Extortion attempt - log file
« Reply #1 on: November 18, 2011, 10:35:38 AM »
Not sure who here can interpret the log, i would contact support directly, but lease post back what they find.  In the mean time, doing a system restore back to t a time prior to the attack would liekly reset the permission back to where they were before the attack.