dring Posted June 14, 2010 Share Posted June 14, 2010 Hello all, same thing happening to me using CCleaner and Webroot. Identified trojan relayer jolleee, and is usaully in ie tempoary internet files,and is always a 18.5k file. Can be a png,jpg,etc, and one time a log file from combofix that just happened to be 18.5k in my root directory. I went to google images and searched "fish 18.5k" then ran CCleaner and Webroot hit a few of the images as jolleee trojan. I'm trying to see if it is a setting like 1,3 or whatever file deletion I pick problem,or some other setting. I uninstalled it a couple of times and reinstalled from Pirifrm site not File Hippo and still have it happening........... So far I have got jolleee from Webroot after run cleaner from visiting Daily tech, drudge roeport, google etc., but it is not a trojan just something else I think. Link to comment Share on other sites More sharing options...
ishan_rulz Posted June 14, 2010 Share Posted June 14, 2010 ^ 5th case. This is getting interesting. Is Webroot playing a prank or something? Setting of false alarms all over the globe!? Simplicity is hard. Link to comment Share on other sites More sharing options...
dring Posted June 14, 2010 Share Posted June 14, 2010 ^ 5th case. This is getting interesting. Is Webroot playing a prank or something? Setting of false alarms all over the globe!? I did manage to duplicte it on another machine so 6th case. My work box has Nod32, and my home box is Kaspersky. I do not run Webroot on my home machine, but I installed it to see what would happen..., and it did. Link to comment Share on other sites More sharing options...
ident Posted June 14, 2010 Share Posted June 14, 2010 Now now ident, I'm sure you can be a bit more diplomatic than that, in fact I expect you to be sorry, i really dont mean to come out the way i am some times, always mean good No fate but what we make Link to comment Share on other sites More sharing options...
dring Posted June 14, 2010 Share Posted June 14, 2010 Log from Webroot: 6/14/2010 3:12:36 PM: Sweep initiated using definitions version 1719 6/14/2010 3:12:07 PM: ApplicationMinimized - EXIT 6/14/2010 3:12:07 PM: ApplicationMinimized - ENTER 6/14/2010 3:09:50 PM: Restore from quarantine completed. Elapsed time 00:00:00 6/14/2010 3:09:50 PM: Processing: trojan-relayer-jolleee 6/14/2010 3:09:50 PM: Restore from quarantine initiated 6/14/2010 3:08:32 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform'>http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform 6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform 6/14/2010 2:26:13 PM: ApplicationMinimized - EXIT 6/14/2010 2:26:13 PM: ApplicationMinimized - ENTER 6/14/2010 2:26:09 PM: Deletion from quarantine completed. Elapsed time 00:00:00 6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:26:09 PM: Deletion from quarantine initiated 6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:25:17 PM: Restore from quarantine completed. Elapsed time 00:00:00 6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:25:17 PM: Restore from quarantine initiated 6/14/2010 2:23:44 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:23:43 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:23:42 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:15:52 PM: ApplicationMinimized - EXIT 6/14/2010 2:15:52 PM: ApplicationMinimized - ENTER 6/14/2010 2:15:51 PM: None 6/14/2010 2:15:51 PM: Traces Found: 0 6/14/2010 2:15:50 PM: Memory Sweep Complete, Elapsed Time: 00:00:31 6/14/2010 2:15:50 PM: Sweep Cancelled 6/14/2010 2:15:19 PM: Starting Memory Sweep 6/14/2010 2:15:01 PM: Start Full Sweep 6/14/2010 2:15:01 PM: Sweep initiated using definitions version 1719 6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities 6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities 6/14/2010 2:14:37 PM: Informational: Loaded AntiVirus Engine: 3.7.1; SDK Version: 4.53E; Virus Definitions: 06/14/2010 16:44:22 (GMT) 6/14/2010 2:14:30 PM: License Check Status (0): Success 6/14/2010 2:14:19 PM: Webroot Software 6.1.0.145 started 6/14/2010 2:14:19 PM: | Start of Session, Monday, June 14, 2010 | *************** 6/14/2010 2:11:22 PM: ApplicationMinimized - EXIT 6/14/2010 2:11:22 PM: ApplicationMinimized - ENTER 6/14/2010 2:11:21 PM: Deletion from quarantine completed. Elapsed time 00:00:00 6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:11:21 PM: Deletion from quarantine initiated 6/14/2010 2:10:56 PM: ApplicationMinimized - EXIT 6/14/2010 2:10:56 PM: ApplicationMinimized - ENTER 6/14/2010 2:10:50 PM: None 6/14/2010 2:10:50 PM: Traces Found: 0 6/14/2010 2:10:50 PM: Context Folder Sweep has completed. Elapsed time 00:00:01 6/14/2010 2:10:50 PM: File Sweep Complete, Elapsed Time: 00:00:01 6/14/2010 2:10:49 PM: Starting File Sweep 6/14/2010 2:10:49 PM: Start Context Folder Sweep 6/14/2010 2:10:49 PM: Sweep initiated using definitions version 1719 6/14/2010 2:10:48 PM: Removal process completed. Elapsed time 00:00:01 6/14/2010 2:10:47 PM: Quarantining All Traces: trojan-relayer-jolleee 6/14/2010 2:10:47 PM: Removal process initiated 6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:09:59 PM: ApplicationMinimized - EXIT 6/14/2010 2:09:59 PM: ApplicationMinimized - ENTER 6/14/2010 2:09:39 PM: Traces Found: 1 6/14/2010 2:09:39 PM: Context File Sweep has completed. Elapsed time 00:00:00 6/14/2010 2:09:39 PM: File Sweep Complete, Elapsed Time: 00:00:00 6/14/2010 2:09:39 PM: C:\Documents and Settings\Legacy\Local Settings\Temporary Internet Files\Content.IE5\30o5rt79\index_32[1].jpg (ID = 5380529) 6/14/2010 2:09:39 PM: Found Trojan Horse: trojan-relayer-jolleee 6/14/2010 2:09:38 PM: Starting File Sweep 6/14/2010 2:09:38 PM: Start Context File Sweep 6/14/2010 2:09:38 PM: Sweep initiated using definitions version 1719 6/14/2010 2:08:50 PM: Restore from quarantine completed. Elapsed time 00:00:00 6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee 6/14/2010 2:08:50 PM: Restore from quarantine initiated 6/14/2010 2:07:20 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:07:19 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0 6/14/2010 2:07:06 PM: ApplicationMinimized - EXIT 6/14/2010 2:07:06 PM: ApplicationMinimized - ENTER Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now