
Do you think they say it...

PHtmlP241
Banned
Posts: 7
Joined: Sun Mar 04, 2012 1:12 am

Do you think they say it...

Post by PHtmlP241 »

Ok, so I ran a USB pocketknife (find it on the hak5 forums) on a school computer. After I ran it, Trend Micro OfficeScan Client popped up with a virus and I immediately unplugged my flash drive. A little while later I was looking up info about jobs in IT and then someone connected to the computer via a VNC server running on it and restarted the computer. Is there any chance they saw anything, and if so, why didn't they do anything about it yet? They had like 6 hours to confront me about it. My friend said that if they ask, tell them that you were using the computer and Trend Micro popped up and then the computer restarted and you don't know why. I had my flash drive already unplugged when they connected to the computer. They have not attempted to connect back to check on me, so I think that Trend Micro told them that my computer had a virus and they fixed it and restarted it via VNC and didn't see anything obviously wrong, so they didn't do anything else.

Code:

------------------------------- ---------------------------------------------------------------------------------------------- 
Leapos Payload [Time Started: Tue 03/06/2012  8:08:32.57] 
----------------------------------------------------------------------------------------------------------------------------- 
Computer Name is: ETL-07 and the Logged on User Is:  removed by op
----------------------------------------------------------------------------------------------------------------------------- 
+----------------------------------+ 
+          [System info]           + 
+----------------------------------+ 


Windows IP Configuration



        Host Name . . . . . . . . . . . . : ETL-07

        Primary Dns Suffix  . . . . . . . :  removed by op

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . :  removed by op

                                             removed by op



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :  removed by op

        Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connection

        Physical Address. . . . . . . . . : 00-21-70- removed by op

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . :  removed by op

        Subnet Mask . . . . . . . . . . . : 255.255.0.0

        Default Gateway . . . . . . . . . :  removed by op

        DHCP Class ID . . . . . . . . . . : ET

        DHCP Server . . . . . . . . . . . :  removed by op

        DNS Servers . . . . . . . . . . . :  removed by op

                                             removed by op

        Primary WINS Server . . . . . . . :  removed by op

        Secondary WINS Server . . . . . . :  removed by op

        Lease Obtained. . . . . . . . . . : Tuesday, March 06, 2012 7:46:26 AM

        Lease Expires . . . . . . . . . . : Wednesday, March 14, 2012 7:46:26 AM

----------------------------------------------------------------------------------------------------------------------------- 
+----------------------------------+ 
+         [Dump SAM FGDUMP]        + 
+----------------------------------+ 
fgDump 2.1.0 - fizzgig and the mighty group at foofus.net
Written to make j0m0kun's life just a bit easier
Copyright(C) 2008 fizzgig and foofus.net
fgdump comes with ABSOLUTELY NO WARRANTY!
This is free software, and you are welcome to redistribute it
under certain conditions; see the COPYING and README files for
more information.

--- Session ID: 2012-03-06-13-08-33 ---

>> A new worker thread has been created with the ID: 00000d84 <<
Starting dump on 127.0.0.1

** Beginning local dump **
INFO: skipping cachedump on 127.0.0.1 because 127.0.0.1.cachedump exists or I was told to skip cache dumps
INFO: skipping dump of protected storage secrets on 127.0.0.1 because 127.0.0.1.lsadump exists or I was told to skip LSA dumps
Skipping impersonation (no user provided)
OS (127.0.0.1): Microsoft Windows XP Professional Service Pack 3 (Build 2600)  
Trend is running on this machine, shutting it down for a bit...
ERROR OpenService: 5 - Access is denied.


ERROR OpenService: 5 - Access is denied.


Unable to stop any Trend services, see previous errors for details.
Error dumping server 127.0.0.1, see previous messages for details
Terminating thread 00000d84 (lpszServer is NULL)

-----Summary-----

Failed servers:
127.0.0.1

Successful servers:
NONE

Total failed: 1
Total successful: 0
 
-----Hashes----- 
 
E:\LOGS\ETL-07\ETL-07-[20120306-080829].log
The process cannot access the file because it is being used by another process.
Could Not Find E:\LOGS\ETL-07\127.0.0.1*
----------------------------------------------------------------------------------------------------------------------------- 
+----------------------------------+ 
+           [Dump IE PW]           + 
+----------------------------------+ 
==================================================
Entry Name        : https://accounts.google.com/servicelogin
Type              : AutoComplete
Stored In         : Registry
User Name         :  removed by op
Password          : 
==================================================

----------------------------------------------------------------------------------------------------------------------------- 
+----------------------------------+ 
+        [Dump Product Keys]       + 
+----------------------------------+ 
==================================================
Product Name      : Microsoft Windows XP
Product ID        :  removed by op
Product Key       :  removed by op
Installation Folder : C:\WINDOWS
Service Pack      : Service Pack 3
Computer Name     : ETL-07
==================================================

==================================================
Product Name      : Internet Explorer
Product ID        :  removed by op
Product Key       :  removed by op
Installation Folder : 
Service Pack      : 
Computer Name     : ETL-07
==================================================

==================================================
Product Name      : Microsoft Office SharePoint Designer 2007
Product ID        :  removed by op
Product Key       :  removed by op
Installation Folder : C:\Program Files\Microsoft Office\Office12\
Service Pack      : 
Computer Name     : ETL-07
==================================================

==================================================
Product Name      : Microsoft Office Enterprise 2007
Product ID        :  removed by op
Product Key       :  removed by op
Installation Folder : C:\Program Files\Microsoft Office\Office12\
Service Pack      : 
Computer Name     : ETL-07
==================================================

==================================================
Product Name      : Microsoft Office Project Professional 2007
Product ID         :  removed by op
Product Key       :  removed by op
Installation Folder : C:\Program Files\Microsoft Office\Office12\
Service Pack      : 
Computer Name     : ETL-07
==================================================

==================================================
Product Name      : Microsoft Office Visio Professional 2007
Product ID        :  removed by op
Product Key       :  removed by op
Installation Folder : C:\Program Files\Microsoft Office\Office12\
Service Pack      : 
Computer Name     : ETL-07
==================================================

 
----------------------------------------------------------------------------------------------------------------------------- 
Leapos Payload [Time Finished: Tue 03/06/2012  8:08:34.96] 
----------------------------------------------------------------------------------------------------------------------------- 
Suprgamr232
Posts: 21
Joined: Sun Apr 15, 2012 11:11 pm

Re: Do you think they say it...

Post by Suprgamr232 »

Meh, I wouldn't worry about it. Usually schools tech departments are the smartest in the world, I've had some pretty crazy experiences with mine. Just...don't do it again, or if you have individual student accounts try and get access to another account and use that next time. I know I shouldn't encourage you, but I see no harm in what you're doing...;)
m0skit0
Guru
Posts: 3817
Joined: Mon Sep 27, 2010 6:01 pm

Re: Do you think they say it...

Post by m0skit0 »

Suprgamr232 wrote:Usually schools tech departments are the smartest in the world
I just had to ****.
I wanna lots of mov al,0xb
"just not into this RA stuffz"
Disturbed0ne
Retired Mod
Posts: 3787
Joined: Sun Jan 16, 2011 5:44 am
Location: In a van, down by the river!

Re: Do you think they say it...

Post by Disturbed0ne »

m0skit0 wrote:
Suprgamr232 wrote:Usually schools tech departments are the smartest in the world
I just had to ****.
Reminds me of that old saying "Those who can't DO, teach" :lol:

Kids these days, eh? :lol:
DO NOT MESSAGE ME ABOUT THE NAME OF ANY NINJA RELEASE GAME! I WILL NOT PROVIDE YOU WITH THE NAME OF THE GAME AND IF YOU PERSIST THEN I WILL REPORT YOU TO THE STAFF!
I AM A RETIRED MODERATOR!
Suprgamr232
Posts: 21
Joined: Sun Apr 15, 2012 11:11 pm

Re: Do you think they say it...

Post by Suprgamr232 »

m0skit0 wrote:
Suprgamr232 wrote:Usually schools tech departments are the smartest in the world
I just had to ****.
Yeah that was sarcasm heh <.<