2 infections, win32adclicker.jo



rebel3229
2008-09-23, 04:55
Hi

I just had this happen to me, and doing a Google on it I found this link, is it an infection?
http://forums.spybot.info/showthread.php?p=237004

It showed as 2 infections, win32adclicker.jo
c program files spybot search and destroy updates tea timer 161 zip tea timer exe.

Computer Associates AV cleaned it once, then on the main interface showed 2 infections not cleaned, both the same.

I did not want to run Spybot not knowing what was there.

This came up while I was scanning a photo, starting to, also had Firefox open, no other windows, had just checked Yahoo email and there was a letter I deleted, did not open.

vista home premium amd 64 athlon x2 4600, 160 hd 160 hd 250 ext hd dr
sps&d, lavasoft, ca av, epson perfection v200 photo scan
thanks
:confused:
Should I uninstall S&D?

n2fc.
2008-09-23, 05:21
I already posted something about this...

See it here: http://forums.spybot.info/showthread.php?t=34498

rebel3229
2008-09-23, 06:34
Thanks

I saw your link on Google and here but I see no follow up to it, I was provided this from another site, the below? I am not sure, does anyone else know? Have you run Spybot since you got this infection?
Thanks
Below is what I was provided

Print these instructions out.


Edit: Removed.

tashi
2008-09-23, 07:19
Hello rebel3229,

Please see: http://forums.spybot.info/showthread.php?t=1266



I saw your link on Google and here but I see no follow up to it,

Please allow time for a detective to respond.

Best regards. :)

rebel3229
2008-09-23, 07:40
Thanks
I posted it in the malware forum
Hope we can cure this soon

Thanks
Should I leave Spybot installed, I don't know what it popped up from the scanner? My scanner or is it an infected update, that CA found?

md usa spybot fan
2008-09-23, 08:53
rebel3229:

I just scanned teatimer161.zip with VIRUSTOTAL - Free Online Virus and Malware Scan (http://www.virustotal.com/en/indexf.html). eTrust is the only product out of 36 scanners that thinks there is a problem with the file. It is most likely a false positive that should be reported to them.


File teatimer161.zip received on 09.23.2008 08:42:53 (CET)

Result: 1/36 (2.78%)

Antivirus          Version         Last Update  Result

AhnLab-V3          2008.9.23.0     2008.09.22   -
AntiVir            7.8.1.34        2008.09.22   -
Authentium         5.1.0.4         2008.09.22   -
Avast              4.8.1195.0      2008.09.22   -
AVG                8.0.0.161       2008.09.22   -
BitDefender        7.2             2008.09.23   -
CAT-QuickHeal      9.50            2008.09.23   -
ClamAV             0.93.1          2008.09.23   -
DrWeb              4.44.0.09170    2008.09.23   -
eSafe              7.0.17.0        2008.09.22   -
eTrust-Vet         31.6.6099       2008.09.22   Win32/Adclicker.JO
Ewido              4.0             2008.09.22   -
F-Prot             4.4.4.56        2008.09.22   -
F-Secure           8.0.14332.0     2008.09.23   -
Fortinet           3.113.0.0       2008.09.23   -
GData              19              2008.09.23   -
Ikarus             T3.1.1.34.0     2008.09.23   -
K7AntiVirus        7.10.467        2008.09.22   -
Kaspersky          7.0.0.125       2008.09.23   -
McAfee             5389            2008.09.22   -
Microsoft          1.3903          2008.09.23   -
NOD32v2            3462            2008.09.23   -
Norman             5.80.02         2008.09.19   -
Panda              9.0.0.4         2008.09.22   -
PCTools            4.4.2.0         2008.09.22   -
Prevx1             V2              2008.09.23   -
Rising             20.63.10.00     2008.09.23   -
Sophos             4.33.0          2008.09.23   -
Sunbelt            3.1.1662.1      2008.09.23   -
Symantec           10              2008.09.23   -
TheHacker          6.3.0.9.091     2008.09.23   -
TrendMicro         8.700.0.1004    2008.09.23   -
VBA32              3.12.8.5        2008.09.23   -
ViRobot            2008.9.23.1388  2008.09.23   -
VirusBuster        4.5.11.0        2008.09.22   -
Webwasher-Gateway  6.6.2           2008.09.23   -

Additional information
File size: 908058 bytes
MD5...: 8ce69756e42e201e89da9624358cff22
SHA1..: 71e7738ed9e0e85815b33e542bb3d57958f4bf95
SHA256: c81baa0da84527feef2b4d09991dd138f13a25d7a19aae5c8e4b1408723d5ad2
SHA512: e2edaf648d7cfbb2858a1b7a20d3e69064c29bbfbbf72907f6c9c906495663de1c9a3593627603cb0e6034fc01e7fd5892d7650bd156c36c777a20e587540a03
PEiD..: -
TrID..: File type identification
ZIP compressed archive (100.0%)
PEInfo: -

feqma
2008-09-23, 09:06
Hi folks,

1st post, long time user. :clown:

Just so we don't feel alone, CA is zapping Malwarebytes, also.

I had a user decide to disable their CA, and open a whynotdoit.com email at the same time. :oops:

Plugged in my USB, and both Spybot and Malwarebytes were zapped. Went to the server, hoping it was her email that did it, and my server versions were gone, too. :sad:

Better days ahead... :laugh:

spybotsandra
2008-09-23, 13:26
Hello,

Thanks for reporting.
That is a false positive from eTrust.

Their software detects our TeaTimer and our main program file as win32/adclicker.jo.
Hopefully they will fix it soon.
We have already contacted them.

Several users have complained about this problem.

Best regards
Sandra
Team Spybot

n2fc.
2008-09-23, 14:32
Latest sig file from CA (6101) resolves this error

rebel3229
2008-09-27, 03:05
Thanks

I have not had any more issues.

Thanks again