Jump to content
lance_kidd

What is this?

Recommended Posts

I have an entry that keeps showing up on my computer. I clear it out and SAS fixes the problem and then a couple of days later, it shows back up again. SAS is the only spyware program to even recognize it. I've done a search on google and can't find any information.

The only thing that I can possibly narrow it down to is a program that my children go to on the internet called "Roblox." The trojan is getting on there while they are playing on the computer and the only thing I can figure is that it's coming from this. I may be totally wrong about that though.

Here is the entry:

Trojan.Agent/Gen-Mondlike-STS

Why is it that Malwarebytes and others do not recognize this entry?

Share this post


Link to post
Share on other sites
I have an entry that keeps showing up on my computer. I clear it out and SAS fixes the problem and then a couple of days later, it shows back up again. SAS is the only spyware program to even recognize it. I've done a search on google and can't find any information.

The only thing that I can possibly narrow it down to is a program that my children go to on the internet called "Roblox." The trojan is getting on there while they are playing on the computer and the only thing I can figure is that it's coming from this. I may be totally wrong about that though.

Here is the entry:

Trojan.Agent/Gen-Mondlike-STS

Why is it that Malwarebytes and others do not recognize this entry?

Post the full SUPERAntiSpyware scan log here for review please.

Share this post


Link to post
Share on other sites

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 10/07/2009 at 01:59 AM

Application Version : 4.29.1002

Core Rules Database Version : 4150

Trace Rules Database Version: 2079

Scan type : Complete Scan

Total Scan Time : 00:58:34

Memory items scanned : 566

Memory threats detected : 0

Registry items scanned : 7947

Registry threats detected : 49

File items scanned : 34750

File threats detected : 19

Trojan.Agent/Gen-Mondlike-STS

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Implemented Categories

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\InprocServer32

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\InprocServer32#ThreadingModel

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\ProgID

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\Programmable

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\TypeLib

HKCR\CLSID\{F0BEE3AD-E1D2-4501-A6B7-593A9C0863BF}\VERSION

HKCR\PlsaturnSfm.Plsaturn

HKCR\PlsaturnSfm.Plsaturn\Clsid

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\0

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\0\win32

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\FLAGS

HKCR\TypeLib\{F5B6A99D-E51C-4705-8EB6-9113F6F41F15}\1.0\HELPDIR

C:\WINDOWS\SYSTEM32\PLSATURN.DLL

HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}

HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\ProxyStubClsid

HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\ProxyStubClsid32

HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\TypeLib

HKCR\Interface\{03B6C88E-B7A1-49EB-9AD5-4F2FF02421EC}\TypeLib#Version

HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}

HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\ProxyStubClsid

HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\ProxyStubClsid32

HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\TypeLib

HKCR\Interface\{14EFCADB-E2C1-4ED6-B387-CEE34C34837F}\TypeLib#Version

HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}

HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\ProxyStubClsid

HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\ProxyStubClsid32

HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\TypeLib

HKCR\Interface\{64C2642B-34BB-42F8-920E-E147AAE6D4CE}\TypeLib#Version

HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}

HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\ProxyStubClsid

HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\ProxyStubClsid32

HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\TypeLib

HKCR\Interface\{7C0E98B8-BB5F-4042-B813-97A73C9E84D4}\TypeLib#Version

HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}

HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\ProxyStubClsid

HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\ProxyStubClsid32

HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\TypeLib

HKCR\Interface\{94ACBD10-2B27-4EAD-8ECA-718CC0A8AE0C}\TypeLib#Version

HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}

HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\ProxyStubClsid

HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\ProxyStubClsid32

HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\TypeLib

HKCR\Interface\{F1AB149B-48C5-4392-B959-F4F257D626D0}\TypeLib#Version

Adware.Tracking Cookie

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@serving-sys[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@imrworldwide[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.cartoonnetwork[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.yieldmanager[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[3].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@nextag[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@bs.serving-sys[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@msnportal.112.2o7[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.associatedcontent[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@media.kansascity[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@msnbc.112.2o7[2].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.associatedcontent[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@azjmp[1].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@overture[3].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[4].txt

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@overture[2].txt

Trojan.Agent/Gen-ModuleR[N]

C:\WINDOWS\SYSTEM32\TANENBAUMUS.DLL

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×