« previous next »
Pages: 1 [2]   Go Down

Author Topic: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?  (Read 10479 times)

Offline RRBM [NL]

  • Full Member
  • ***
  • Posts: 123
  • That's a Frag Folks!
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #15 on: April 30, 2008, 02:06:30 AM »
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline RRBM [NL]

  • Full Member
  • ***
  • Posts: 123
  • That's a Frag Folks!
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #16 on: April 30, 2008, 02:16:55 AM »
English translation of the french page http://www.commentcamarche.net/forum/affich-5868128-virus-backdoor-dob-mem with help from google translate (http://www.google.com/translate_t) :

http://www.google.com/translate?u=http%3A%2F%2Fwww.commentcamarche.net%2Fforum%2Faffich-5868128-virus-backdoor-dob-mem&langpair=fr%7Cen&hl=nl&ie=UTF8
http://www.google.com/translate?u=http%3A%2F%2Fwww.commentcamarche.net%2Fforum%2Faffich-5868128-virus-backdoor-dob-mem&langpair=fr%7Cen&hl=nl&ie=UTF8
« Last Edit: April 30, 2008, 02:21:53 AM by RRBM [NL] »
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #17 on: April 30, 2008, 06:23:10 AM »
Nothing is detected in safemode, unfortunately. I'll try all those proggys that you have recommended RRBM[NL], thanks.

Running a full scan in windows defender and heading out for a run. Finger's Crossed.
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline reaper

  • Opulent Member
  • *
  • Posts: 2872
  • Nice night for a walk, eh? - Nice night for a walk
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #18 on: April 30, 2008, 06:56:19 AM »
did you try the sysinternals thing qwazy mentioned, I bet that shows you something in purple, or highlights something obvious as purple.  since the virus is tied to svchost that's where you should check!

 :yessign:
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
VaeVictus "reaper is a lying sack of shit and ragequit then had, probably slugs, come alias and beat me, wasnt even the same person playing OBVIOUSLY, accuracies basicly doubled, and strategy

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #19 on: April 30, 2008, 07:06:10 AM »
Nothing showed up...opera was running in that vibrant purple but I noticed nothing else.
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline reaper

  • Opulent Member
  • *
  • Posts: 2872
  • Nice night for a walk, eh? - Nice night for a walk
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #20 on: April 30, 2008, 07:34:43 AM »
you want to see which service is messing up your computer. 

you can turn them off one by one (sometimes they will come back - which indicates which service might be the problem as well).  so if you look at process explorer, and see what services svchost is tied to, you can turn off those services (resource consumption may be a sign of the problem, and process explorer will show what each service is doing).

once you find out what the offending service is by
1) turning off services (making sure they stay off), and determing when the problem goes away
2) looking at resource usage of the services, since the virus seems to be eating them sometimes

then you can delete the bad files, which are probably in some place under the windows directory.  sometimes you can just search the windows directory and it's obvious.   i don't really do this stuff, but i've worked with some people that can usually just take a quick look at process explorer, then go to the windows directory and find something odd.

if symantec said it found a virus in memory running as a service, that's where i'd be looking.  and also turning things off to make the machine run faster, run spybot and lavasoft adware too..
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
VaeVictus "reaper is a lying sack of shit and ragequit then had, probably slugs, come alias and beat me, wasnt even the same person playing OBVIOUSLY, accuracies basicly doubled, and strategy

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #21 on: April 30, 2008, 07:55:29 AM »
So I began to stop a process in procexp and it crashed (the program, not my PC)

Mass grrrrrrrrr-idge
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Whirlingdervish

  • Super ShortBus Extravaganza
  • Illimitable Sesquipedalian Member
  • *
  • Posts: 6384
    • View Profile
    • The Dervish Depository
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #22 on: April 30, 2008, 08:21:00 AM »
you might try using the search function to locate any files created on the day/time that the vscan message appeared, and the problems began..

That's how I tend to narrow down the search when I'm manually attempting to scrub out an infection..
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #23 on: April 30, 2008, 08:27:54 AM »
Good idea
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #24 on: April 30, 2008, 07:19:20 PM »
Hmm... it looks like on that day Apple's Safari decided it would install itself onto my computer. Joy. I guess those Mac vs PC commercials have it all wrong...Mac is the new Microsoft!!!

Head for the hills!!!!! 



This post brought to you by my lack of action and beer....mmmm beer
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #25 on: April 30, 2008, 07:49:34 PM »
OK so I have been running F-Secure's online scanner and I have 2 virii and 2 spywares so far....spybot and adaware is up next after I do a run to the store.
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline [BTF]Sigma

  • Phenomenally Prodigious Member
  • **
  • Posts: 3059
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #26 on: May 02, 2008, 09:53:24 PM »
Thanks for all your help, gentlemen.

Nailed it. (no longer suffering stutters and such.)

I believe it was a combo of Adaware and Spybot that detected 406 items to be removed/quarantined.

Looks like I totally forgot to install Spybot and Adaware when I last reformatted so all that crap flooded in.

Learned a bunch of new tricks though.  Hat's off to you.
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus

Offline Art

  • Carpal Tunnel Member
  • ******
  • Posts: 1095
    • View Profile
  • Rated:
Re: "BackDoor-DOB!mem" wtf is it and what can I do to remove it?
« Reply #27 on: May 02, 2008, 10:16:11 PM »
I ditched adaware and spybot for avg anti-spyware. They bought out ewido.
Logged
  • Insightful
    Informative
    Funny
    Nice Job / Good Work
    Rock On
    Flawless Logic
    Well-Reasoned Argument and/or Conclusion
    Demonstrates Exceptional Knowlege of the Game
    Appears Not to Comprehend Game Fundamentals
    Frag of the Week
    Frag Hall of Fame
    Jump of the Week
    Jump Hall of Fame
    Best Solution
    Wins The Internet
    Whoosh! You done missed the joke thar Cletus!
    Obvious Troll Is Obvious
    DO YOU EVEN LIFT?
    DEMO OR STFU
    Offtopic
    Flamebait
    Redundant
    Factually Challenged
    Preposterously Irrational Arguments
    Blindingly Obvious Logical Fallacies
    Absurd Misconstrual of Scientific Principles or Evidence
    Amazing Conspiracy Theory Bro
    Racist Ignoramus
Pages: 1 [2]   Go Up
« previous next »
 

El Box de Shoutamente

Last 10 Shouts:

 

RyU

September 03, 2024, 05:15:49 PM
And wow Derrick is still playing lol
 

RyU

September 03, 2024, 05:15:15 PM
Just know yesterday is gone and soon tomorrow will be gone too  :)
 

Lejionator

August 08, 2024, 07:28:01 PM
It's tiem to QuakeCon!!!  ;)

https://www.youtube.com/watch?v=ThQd_UJaTys
 

ImperiusDamian

July 26, 2024, 09:34:53 PM
In nomine Quake II et Id Software et Spiritus John Carmack, Amen.
 

QuakeDuke

July 26, 2024, 05:10:30 PM
Hey, shout, summertime blues
Jump up and down in you blue suede shoes
Hey, did you rock and roll? Rock on!!  ...QD
 

Yotematoi

July 24, 2024, 01:31:20 PM
Ayer me mato 5 veces para robarme en la vida real hará lo mismo? [img]<iframe src="https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid0wXU2VgS7atesBcSoMz5BWMJCJajeZFVT6GzSU6TtpJGddN9kLTvWNgcZaskkbKFQl&amp;show_text=true&amp;width=500
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid0wXU2VgS7atesBcSoMz5BWMJCJajeZFVT6GzSU6TtpJGddN9kLTvWNgcZaskkbKFQl&show_text=true&width=500" width="500"
 

Yotematoi

July 24, 2024, 01:25:59 PM
hi ya está la basura de Martin, se cambió el nombre es un ladron estupido, asi llegó a 10000[img]<iframe src="https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid03hZrkDUBJPZKCuFgy5hRUy831ekKJYVRzC7ajXaKQbJ6xcPgKftLukUDfovFyEq3l&amp;show_text
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid03hZrkDUBJPZKCuFgy5hRUy831ekKJYVRzC7ajXaKQbJ6xcPgKftLukUDfovFyEq3l&show_text
 

Yotematoi

July 24, 2024, 01:25:59 PM
hi ya está la basura de Martin, se cambió el nombre es un ladron estupido, asi llegó a 10000[img]<iframe src="https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid03hZrkDUBJPZKCuFgy5hRUy831ekKJYVRzC7ajXaKQbJ6xcPgKftLukUDfovFyEq3l&amp;show_text
https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fzoloyoze.torito%2Fposts%2Fpfbid03hZrkDUBJPZKCuFgy5hRUy831ekKJYVRzC7ajXaKQbJ6xcPgKftLukUDfovFyEq3l&show_text
 

-Unh0ly-

July 05, 2024, 05:20:36 AM
https://unh0lyquakeii.godaddysites.com/[/i]

Show 50 latest

User

Welcome, Guest. Please login or register.
September 20, 2024, 07:56:59 AM

Login with username, password and session length

Search