Apparent virus in version 2.32.1165

CCleaner for Windows CCleaner Windows Bug Reporting
21

Just me guessing:

Maybe it's not the toolbar after all, but instead the update checker that runs now during setup to make sure people aren't installing a old version. Now that I could see as possibly setting off an AV looking for any behaviour that may seem out of the ordinary.

22

Wow! 3 Cases. Webroot really needs to check their signature now, and yeah, I have to agree with ident, get Avira Free Edition if you must! :)

23

I have the same problem...every time I run it it finds the Trojan ...Enough to scare me.BTW I run spysweeper.

24

^ 4th Case! :mellow:

EDIT: Webroot Spysweeper ranks pretty low in the AV list, get a better AV! :)

25

Shouldn't need a ticket, most Av's have false postive reporting sections (or features in the actual software)

26

Hello all, same thing happening to me using CCleaner and Webroot. Identified trojan relayer jolleee, and is usaully in ie tempoary internet files,and is always a 18.5k file. Can be a png,jpg,etc, and one time a log file from combofix that just happened to be 18.5k in my root directory. I went to google images and searched "fish 18.5k" then ran CCleaner and Webroot hit a few of the images as jolleee trojan. I'm trying to see if it is a setting like 1,3 or whatever file deletion I pick problem,or some other setting. I uninstalled it a couple of times and reinstalled from Pirifrm site not File Hippo and still have it happening...........

So far I have got jolleee from Webroot after run cleaner from visiting Daily tech, drudge roeport, google etc., but it is not a trojan just something else I think.

27

^ 5th case.

This is getting interesting.

Is Webroot playing a prank or something? Setting of false alarms all over the globe!? <_<

28

^ 5th case.

This is getting interesting.

Is Webroot playing a prank or something? Setting of false alarms all over the globe!? <_<

I did manage to duplicte it on another machine so 6th case. My work box has Nod32, and my home box is Kaspersky.

I do not run Webroot on my home machine, but I installed it to see what would happen..., and it did.

29

Now now ident, I'm sure you can be a bit more diplomatic than that, in fact I expect you to be :)

sorry, i really dont mean to come out the way i am some times,

always mean good

30

Log from Webroot:

6/14/2010 3:12:36 PM: Sweep initiated using definitions version 1719

6/14/2010 3:12:07 PM: ApplicationMinimized - EXIT

6/14/2010 3:12:07 PM: ApplicationMinimized - ENTER

6/14/2010 3:09:50 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 3:09:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 3:09:50 PM: Restore from quarantine initiated

6/14/2010 3:08:32 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform'>http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform

6/14/2010 2:28:34 PM: IE Favorites Shield: Entry Allowed: http://secunia.com/community/forum/thread/show/4504/trojan_relayer_jolleee_webroot_piriform

6/14/2010 2:26:13 PM: ApplicationMinimized - EXIT

6/14/2010 2:26:13 PM: ApplicationMinimized - ENTER

6/14/2010 2:26:09 PM: Deletion from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:26:09 PM: Deletion from quarantine initiated

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:55 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:25:17 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:25:17 PM: Restore from quarantine initiated

6/14/2010 2:23:44 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:23:43 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:23:42 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:15:52 PM: ApplicationMinimized - EXIT

6/14/2010 2:15:52 PM: ApplicationMinimized - ENTER

6/14/2010 2:15:51 PM: None

6/14/2010 2:15:51 PM: Traces Found: 0

6/14/2010 2:15:50 PM: Memory Sweep Complete, Elapsed Time: 00:00:31

6/14/2010 2:15:50 PM: Sweep Cancelled

6/14/2010 2:15:19 PM: Starting Memory Sweep

6/14/2010 2:15:01 PM: Start Full Sweep

6/14/2010 2:15:01 PM: Sweep initiated using definitions version 1719

6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities

6/14/2010 2:14:40 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities

6/14/2010 2:14:37 PM: Informational: Loaded AntiVirus Engine: 3.7.1; SDK Version: 4.53E; Virus Definitions: 06/14/2010 16:44:22 (GMT)

6/14/2010 2:14:30 PM: License Check Status (0): Success

6/14/2010 2:14:19 PM: Webroot Software 6.1.0.145 started

6/14/2010 2:14:19 PM: | Start of Session, Monday, June 14, 2010 |

***************

6/14/2010 2:11:22 PM: ApplicationMinimized - EXIT

6/14/2010 2:11:22 PM: ApplicationMinimized - ENTER

6/14/2010 2:11:21 PM: Deletion from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:11:21 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:11:21 PM: Deletion from quarantine initiated

6/14/2010 2:10:56 PM: ApplicationMinimized - EXIT

6/14/2010 2:10:56 PM: ApplicationMinimized - ENTER

6/14/2010 2:10:50 PM: None

6/14/2010 2:10:50 PM: Traces Found: 0

6/14/2010 2:10:50 PM: Context Folder Sweep has completed. Elapsed time 00:00:01

6/14/2010 2:10:50 PM: File Sweep Complete, Elapsed Time: 00:00:01

6/14/2010 2:10:49 PM: Starting File Sweep

6/14/2010 2:10:49 PM: Start Context Folder Sweep

6/14/2010 2:10:49 PM: Sweep initiated using definitions version 1719

6/14/2010 2:10:48 PM: Removal process completed. Elapsed time 00:00:01

6/14/2010 2:10:47 PM: Quarantining All Traces: trojan-relayer-jolleee

6/14/2010 2:10:47 PM: Removal process initiated

6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:10:05 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:09:59 PM: ApplicationMinimized - EXIT

6/14/2010 2:09:59 PM: ApplicationMinimized - ENTER

6/14/2010 2:09:39 PM: Traces Found: 1

6/14/2010 2:09:39 PM: Context File Sweep has completed. Elapsed time 00:00:00

6/14/2010 2:09:39 PM: File Sweep Complete, Elapsed Time: 00:00:00

6/14/2010 2:09:39 PM: C:\Documents and Settings\Legacy\Local Settings\Temporary Internet Files\Content.IE5\30o5rt79\index_32[1].jpg (ID = 5380529)

6/14/2010 2:09:39 PM: Found Trojan Horse: trojan-relayer-jolleee

6/14/2010 2:09:38 PM: Starting File Sweep

6/14/2010 2:09:38 PM: Start Context File Sweep

6/14/2010 2:09:38 PM: Sweep initiated using definitions version 1719

6/14/2010 2:08:50 PM: Restore from quarantine completed. Elapsed time 00:00:00

6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:08:50 PM: Processing: trojan-relayer-jolleee

6/14/2010 2:08:50 PM: Restore from quarantine initiated

6/14/2010 2:07:20 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:07:19 PM: File System Shield: found: Trojan Horse: trojan-relayer-jolleee, version 1.0.0.0

6/14/2010 2:07:06 PM: ApplicationMinimized - EXIT

6/14/2010 2:07:06 PM: ApplicationMinimized - ENTER