Billeo

LionZion

I noticed a Billeo program in the HijackThis log file from my computer that seems out of place. Should I delete it, or what should I do about this problem?
I am also doing a general malware check up on my computer!
 

Attachments

  • Extras.Txt
    57.7 KB · Views: 73
  • DDS.txt
    47.7 KB · Views: 63
  • Attach.txt
    13.8 KB · Views: 99
  • aswMBR.txt
    4.8 KB · Views: 96
  • hijackthis.log
    10.1 KB · Views: 56
  • Gmer.log
    240.7 KB · Views: 59
  • Report.txt
    280.4 KB · Views: 155
  • startup.txt
    4.9 KB · Views: 57

Stay away from P2P programs such as utorrent, trust me, they'll do more harm than good. A perfect example of this being that you've got some seriously nasty malware on your computer that's going to take a lot of getting rid of.

Run TDSSKiller for me please: How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

In the meantime, I'll get our security expert to do the rest - I'm way out of my depth, this is bad.

Tom

Here is the file!
 

Attachments

  • TDSSKiller.2.5.3.0_27.05.2011_16.03.48_log.txt
    64 KB · Views: 73


I don't know what to do with that log, our security expert will be here when she can - please be patient due to time zones etc. We haven't forgotten you!

I suggest that you don't use this computer, and on a clean computer change all of your passwords.

Tom
 

Jacee mentioned a day or two ago that she would be away for a few days.
I'll see if Corrine is available.
 

Oh that explains it, I must have missed that post. I didn't know Corrine was here at VF - I thought she was only over at SF?

Tom
 

> I'm way out of my depth, this is bad

Why do you say that, Tom? CD Emulators such as Daemon Tools use rootkit-like techniques to hide from other applications and to circumvent copy protections. They can interfere with investigative or anti-rootkit (ARK) tools, such interference producing misleading or inaccurate scan results, as well as false detection of legitimate file, schemes.

~~~~~~~~~~~~~~~

Hi, LionZion.

Billeo is a password manager. However, since you have KeePass, you wouldn't need it. It is showing as a leftover. Perhaps you had it installed at one time and uninstalled it. You can remove the entry with HijackThis:

Close all programs leaving only HijackThis running. Place a check against the following, making sure you do not check anything else by mistake:

O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - (no file) (HKCU)

Click on Fix Checked when finished and exit HijackThis.

You already have the most recent Java update but have an old, vulnerable version still installed. Go to add/remove programs and remove the following vulnerable version of Java:

Java(TM) 6 Update 2

Please download JavaRa and unzip it to your desktop.


  • Double-click on JavaRa.exe to start the program. (Windows Vista users Right-click JavaRa.exe > Select Run as Administrator)
  • Click on Remove Older Versions to remove older versions of Java.
  • A logfile will pop up. Please save it to a convenient location.


Based on IOBit's past practices, I wouldn't run it on my computer. See the following for additional information:
-- IOBit Steals Malwarebytes' Intellectual Property
-- IOBit’s Denial of Theft Unconvincing
-- IOBit Theft Conclusion.

Other than the Billeo entry in HJT (not shown in the DDS log), how is your computer?
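
Added example (not part of the original thread, and not HijackThis's own code): a small Python parser that picks out log entries reported as "(no file)" or "(file missing)", the marker that identifies the Billeo entry above as a leftover. Only the Billeo line is taken from the thread; the other sample lines and all function names are constructed for illustration.

```python
import re

# Only the Billeo O9 line is quoted from the thread; every other line is
# constructed for illustration and is not from the poster's log.
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe"
O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - (no file) (HKCU)
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\Program Files\Example\svc.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN = re.compile(r"\((no file|file missing)\)")
HIVE = re.compile(r"\((HKCU|HKLM)\)\s*$")


def parse_entries(log_text):
    """Return one dict per HijackThis entry line (e.g. 'O9 - ...')."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header lines, process list, blank lines
        body = m.group("body")
        kind, _, rest = body.partition(": ")
        clsid, orphan, hive = CLSID.search(body), ORPHAN.search(body), HIVE.search(body)
        entries.append({
            "section": m.group("section"),
            "kind": kind,
            "name": rest.split(" - ")[0],
            "clsid": clsid.group(0) if clsid else None,
            "orphan": orphan.group(1) if orphan else None,
            "hive": hive.group(1) if hive else None,
            "line": raw.strip(),
        })
    return entries


def orphaned(entries):
    """Entries that HijackThis reports as having no file on disk."""
    return [e for e in entries if e["orphan"]]


if __name__ == "__main__":
    for e in orphaned(parse_entries(SAMPLE_LOG)):
        print(f'{e["section"]} {e["name"]}: {e["orphan"]} -> {e["line"]}')
```

A flagged entry is a candidate for review, not an automatic fix: confirm the program really was uninstalled before checking the line in HijackThis.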
 


> I'm way out of my depth, this is bad
> Why do you say that, Tom? CD Emulators such as Daemon Tools use rootkit-like techniques to hide from other applications and to circumvent copy protections. They can interfere with investigative or anti-rootkit (ARK) tools, such interference producing misleading or inaccurate scan results, as well as false detection of legitimate file, schemes.

I didn't know that, thanks for informing me :) I saw the unknown MBR code in the aswMBR log and thought it looked like a rootkit.

Tom
 

> I'm way out of my depth, this is bad
> Why do you say that, Tom? CD Emulators such as Daemon Tools use rootkit-like techniques to hide from other applications and to circumvent copy protections. They can interfere with investigative or anti-rootkit (ARK) tools, such interference producing misleading or inaccurate scan results, as well as false detection of legitimate file, schemes.
>
> I didn't know that, thanks for informing me :) I saw the unknown MBR code in the aswMBR log and thought it looked like a rootkit.
>
> Tom

I too also saw that. Please disregard my post if it is not MBR code/rootkit.
Sorry. I will stay out of this one.
:)
 
