Jump to content
CCleaner Community Forums
Experimentalist

Apparent virus in version 2.32.1165

Recommended Posts

Hello all, same thing happening to me using CCleaner and Webroot. Identified trojan relayer jolleee, and is usaully in ie tempoary internet files,and is always a 18.5k file. Can be a png,jpg,etc, and one time a log file from combofix that just happened to be 18.5k in my root directory. I went to google images and searched "fish 18.5k" then ran CCleaner and Webroot hit a few of the images as jolleee trojan. I'm trying to see if it is a setting like 1,3 or whatever file deletion I pick problem,or some other setting. I uninstalled it a couple of times and reinstalled from Pirifrm site not File Hippo and still have it happening...........

So far I have got jolleee from Webroot after run cleaner from visiting Daily tech, drudge roeport, google etc., but it is not a trojan just something else I think.

Share this post


Link to post
Share on other sites

^ 5th case.

 

This is getting interesting.

Is Webroot playing a prank or something? Setting of false alarms all over the globe!? <_<

Share this post


Link to post
Share on other sites

^ 5th case.

 

This is getting interesting.

Is Webroot playing a prank or something? Setting of false alarms all over the globe!? <_<

 

I did manage to duplicte it on another machine so 6th case. My work box has Nod32, and my home box is Kaspersky.

I do not run Webroot on my home machine, but I installed it to see what would happen..., and it did.

Share this post


Link to post
Share on other sites

Now now ident, I'm sure you can be a bit more diplomatic than that, in fact I expect you to be :)

 

sorry, i really dont mean to come out the way i am some times,

 

always mean good

Share this post


Link to post
Share on other sites

Log from Webroot:

 

6/14/2010 3:12:36 PM: Sweep initiated using definitions version 1719

6/14/2010 3:12:07 PM: ApplicationMinimized - EXIT

6/14/2010 3:12:07 PM: ApplicationMinimized - ENTER

6/14/2010 3:09:50 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 3:09:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 3:09:50 PM: Restore from quarantine initiated

6/14/2010 3:08:32 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform'>http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform

6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform

6/14/2010 2:26:13 PM: ApplicationMinimized - EXIT

6/14/2010 2:26:13 PM: ApplicationMinimized - ENTER

6/14/2010 2:26:09 PM: Deletion from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Deletion from quarantine initiated

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:17 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Restore from quarantine initiated

6/14/2010 2:23:44 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:23:43 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:23:42 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:15:52 PM: ApplicationMinimized - EXIT

6/14/2010 2:15:52 PM: ApplicationMinimized - ENTER

6/14/2010 2:15:51 PM: None

6/14/2010 2:15:51 PM: Traces Found: 0

6/14/2010 2:15:50 PM: Memory Sweep Complete, Elapsed Time: 00:00:31

6/14/2010 2:15:50 PM: Sweep Cancelled

6/14/2010 2:15:19 PM: Starting Memory Sweep

6/14/2010 2:15:01 PM: Start Full Sweep

6/14/2010 2:15:01 PM: Sweep initiated using definitions version 1719

6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities

6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities

6/14/2010 2:14:37 PM: Informational: Loaded AntiVirus Engine: 3.7.1; SDK Version: 4.53E; Virus Definitions: 06/14/2010 16:44:22 (GMT)

6/14/2010 2:14:30 PM: License Check Status (0): Success

6/14/2010 2:14:19 PM: Webroot Software 6.1.0.145 started

6/14/2010 2:14:19 PM: | Start of Session, Monday, June 14, 2010 |

***************

6/14/2010 2:11:22 PM: ApplicationMinimized - EXIT

6/14/2010 2:11:22 PM: ApplicationMinimized - ENTER

6/14/2010 2:11:21 PM: Deletion from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:11:21 PM: Deletion from quarantine initiated

6/14/2010 2:10:56 PM: ApplicationMinimized - EXIT

6/14/2010 2:10:56 PM: ApplicationMinimized - ENTER

6/14/2010 2:10:50 PM: None

6/14/2010 2:10:50 PM: Traces Found: 0

6/14/2010 2:10:50 PM: Context Folder Sweep has completed. Elapsed time 00:00:01

6/14/2010 2:10:50 PM: File Sweep Complete, Elapsed Time: 00:00:01

6/14/2010 2:10:49 PM: Starting File Sweep

6/14/2010 2:10:49 PM: Start Context Folder Sweep

6/14/2010 2:10:49 PM: Sweep initiated using definitions version 1719

6/14/2010 2:10:48 PM: Removal process completed. Elapsed time 00:00:01

6/14/2010 2:10:47 PM: Quarantining All Traces: trojan-relayer-jolleee

6/14/2010 2:10:47 PM: Removal process initiated

6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:09:59 PM: ApplicationMinimized - EXIT

6/14/2010 2:09:59 PM: ApplicationMinimized - ENTER

6/14/2010 2:09:39 PM: Traces Found: 1

6/14/2010 2:09:39 PM: Context File Sweep has completed. Elapsed time 00:00:00

6/14/2010 2:09:39 PM: File Sweep Complete, Elapsed Time: 00:00:00

6/14/2010 2:09:39 PM: C:\Documents and Settings\Legacy\Local Settings\Temporary Internet Files\Content.IE5\30o5rt79\index_32[1].jpg (ID = 5380529)

6/14/2010 2:09:39 PM: Found Trojan Horse: trojan-relayer-jolleee

6/14/2010 2:09:38 PM: Starting File Sweep

6/14/2010 2:09:38 PM: Start Context File Sweep

6/14/2010 2:09:38 PM: Sweep initiated using definitions version 1719

6/14/2010 2:08:50 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:08:50 PM: Restore from quarantine initiated

6/14/2010 2:07:20 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:07:19 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:07:06 PM: ApplicationMinimized - EXIT

6/14/2010 2:07:06 PM: ApplicationMinimized - ENTER

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×