Results 1 to 3 of 3

Thread: stickies.exe (but not always)

  1. #1
    Junior Member
    Join Date
    Nov 2009
    Posts
    2

    Default stickies.exe (but not always)

    Hi, xp sp3, latest spybot updates

    Never had detection about this file in the last days, then suddenly

    26/11/2009 18.06.53 Allowed (based on authenticode whitelist) value "itype" (new data: ""C:\Programmi\Microsoft IntelliType Pro\itype.exe"") added in System Startup global entry!
    26/11/2009 18.06.53 Encountered and terminated RXToolbar in C:\Programmi\stickies\stickies.exe!

    That stickies file, I think it was version 7.0a has been DELETED...
    There is no quarantine, that .exe has been just deleted...
    Installed stickies 7.0b, no detection, and then reinstalled 7.0a, same as before, without detection... !

    I think there's something related to the "mixing" of intellitype and stickies..
    stickies is clean also for virustotal...
    And NOW, spybot does not detect it, I had only ONE detection...

    What's happening ?

  2. #2
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    hello,

    it looks like this is one of the TeaTimer false positives that appear to be a result of an unknown state of the computer.
    In this case RXToolbar should not have been detected in the first place.
    Did this appear after an update and/or do you use other real time protection software?
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  3. #3
    Junior Member
    Join Date
    Nov 2009
    Posts
    2

    Default

    Not after an update, I update daily with command line parameters, this is update log, it checked for updates but last update is 25-11 :


    Code:
    22/11/2009 14.37.22 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    22/11/2009 21.33.38 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    23/11/2009 18.42.53 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    24/11/2009 9.08.13 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    24/11/2009 14.12.04 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    24/11/2009 16.48.48 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    25/11/2009 15.53.58 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    25/11/2009 15.54.19 downloaded update Detection rules: Malware
    25/11/2009 15.54.19  - URL: http://spybot.lfwd.org/updates/files/includes.malware.zip
    25/11/2009 15.54.19  - Local file: C:\Programmi\Spybot - Search & Destroy\Updates\includes.malware.zip
    25/11/2009 15.54.41 downloaded update Detection rules: Supplemental
    25/11/2009 15.54.41  - URL: http://spybot.lfwd.org/updates/files/supplemental.zip
    25/11/2009 15.54.41  - Local file: C:\Programmi\Spybot - Search & Destroy\Updates\supplemental.zip
    25/11/2009 15.55.44 downloaded update Detection rules: Update
    25/11/2009 15.55.44  - URL: http://spybot.lfwd.org/updates/files/includes.zip
    25/11/2009 15.55.44  - Local file: C:\Programmi\Spybot - Search & Destroy\Updates\includes.zip
    26/11/2009 18.03.19 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    26/11/2009 18.35.45 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    27/11/2009 8.54.03 Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)
    I use Spybot, Antivir and Outpost Firewall...
    I think this can be related to the Intellitype install, however...

    Stickies is clean , according to virustotal, spybot, antivir ...

    Another thing, DELETE files can be a problem, please add something like a QUARANTINE... I just clicked OK in the window, and find that stickies.exe was deleted... I didn't read anything about file deletion in teatimer window...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •