lance_kidd Posted October 4, 2009 I have an entry that keeps showing up on my computer. I clear it out and SAS fixes the problem and then a couple of days later, it shows back up again. SAS is the only spyware program to even recognize it. I've done a search on google and can't find any information. The only thing that I can possibly narrow it down to is a program that my children go to on the internet called "Roblox." The trojan is getting on there while they are playing on the computer and the only thing I can figure is that it's coming from this. I may be totally wrong about that though. Here is the entry: Trojan.Agent/Gen-Mondlike-STS Why is it that Malwarebytes and others do not recognize this entry? Share this post Link to post Share on other sites
SUPERAntiSpy Posted October 7, 2009 I have an entry that keeps showing up on my computer. I clear it out and SAS fixes the problem and then a couple of days later, it shows back up again. SAS is the only spyware program to even recognize it. I've done a search on google and can't find any information.The only thing that I can possibly narrow it down to is a program that my children go to on the internet called "Roblox." The trojan is getting on there while they are playing on the computer and the only thing I can figure is that it's coming from this. I may be totally wrong about that though. Here is the entry: Trojan.Agent/Gen-Mondlike-STS Why is it that Malwarebytes and others do not recognize this entry? Post the full SUPERAntiSpyware scan log here for review please. Share this post Link to post Share on other sites
lance_kidd Posted October 13, 2009 SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 10/07/2009 at 01:59 AM Application Version : 4.29.1002 Core Rules Database Version : 4150 Trace Rules Database Version: 2079 Scan type : Complete Scan Total Scan Time : 00:58:34 Memory items scanned : 566 Memory threats detected : 0 Registry items scanned : 7947 Registry threats detected : 49 File items scanned : 34750 File threats detected : 19 Trojan.Agent/Gen-Mondlike-STS HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF} HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF} HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF} HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Implemented Categories HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\InprocServer32 HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\InprocServer32#ThreadingModel HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\ProgID HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Programmable HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\TypeLib HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\VERSION HKCR\PlsaturnSfm.Plsaturn HKCR\PlsaturnSfm.Plsaturn\Clsid HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15} HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0 HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\0 HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\0\win32 HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\FLAGS HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\HELPDIR C:\WINDOWS\SYSTEM32\PLSATURN.DLL HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC} HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\ProxyStubClsid HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\ProxyStubClsid32 HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\TypeLib HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\TypeLib#Version HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F} HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\ProxyStubClsid HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\ProxyStubClsid32 HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\TypeLib HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\TypeLib#Version HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE} HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\ProxyStubClsid HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\ProxyStubClsid32 HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\TypeLib HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\TypeLib#Version HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4} HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\ProxyStubClsid HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\ProxyStubClsid32 HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\TypeLib HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\TypeLib#Version HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C} HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\ProxyStubClsid HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\ProxyStubClsid32 HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\TypeLib HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\TypeLib#Version HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0} HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\ProxyStubClsid HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\ProxyStubClsid32 HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\TypeLib HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\TypeLib#Version Adware.Tracking Cookie C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@serving-sys[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@imrworldwide[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.cartoonnetwork[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.yieldmanager[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[3].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@nextag[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@bs.serving-sys[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@msnportal.112.2o7[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.associatedcontent[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@media.kansascity[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@msnbc.112.2o7[2].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.associatedcontent[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@azjmp[1].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@overture[3].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[4].txt C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@overture[2].txt Trojan.Agent/Gen-ModuleR[N] C:\WINDOWS\SYSTEM32\TANENBAUMUS.DLL Share this post Link to post Share on other sites