I was playing a game called K.ill O.n S.ite. I was hacked… with what I assume was packet injection, targeted at RAM… they loaded something labeled sf.bin which Avast isolated… and so did Comodo… but then they made an exception and allowed it in both programs… the prefetch files were labeled dc1 through 3… one for each time my PC shut down…
Error messages:
Something like violation of exception in cfp.exe, it needs to be shut down… then K.O.S received an error stating that it cannot find memory address xxx, and cannot read memory at address xxx… I closed the error windows… I ended the software with the open connections… and then BSOD citing the same error numbers that the cfp.exe error window stated… they basically found a way to create an exception, create a process, and then flood memory or tell it to read from memory that didn't exist… causing Windows to shut down… if I can get it to repeat regardless of what I do, I'll get a screeny… but as it was happening within 3 seconds I had no control… and the BSOD could not be prevented… anything in the clipboard would then be erased… so I'll take a picture / video of my screen if I have to.
Stealth ports was not enabled… no fw was on, until the third time… even with everything enabled they still got through… all but stealth ports was enabled… fw protocol analysis was off… packet checksum was off…
Image execution was turned on, but no files were told to be scanned… =c I swear I had Windows system files in there… now I put everything I could in there… and made sure that sf.bin could not be accessed… using several blocking features in Comodo… I restricted its access rights and enabled all protections… now I can't delete it, and it can't be used or modified…
Here is my defense log showing the blocking and exceptions and then allowing… the ones stating July are from today… I set my time ahead one month for various reasons… they will be 7/1/2010 - 7/3/2010 etc…
[attachment deleted by admin]