Adlice forum
Software feedback => RogueKiller => Topic started by: Cerulean Fish on December 06, 2015, 07:58:12 PM
-
Hello Group, thanks Adlice for offering the RogueKiller tool. I'm running a laptop with Win7 Home Premium SP1 patched current, 64bit. My roomate lets me leech his WIFI, AT&T U-verse on a 18/3 line. I've been seeing gateway.pace.com come up a lot. May I ask a question about results here please, specifically PUM.dns.
I had PUM.dns come up reporting three keys:
My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{...long ID string...}
...\ControlSet001\...
...\ControlSet002\...
The value label is: DhcpNameServer/ Value is a pair of IPs: 198.224.171.135 198.224.168.135
whois on the IP yeilded: Service Provider Corporation
Question: Why is this config flagged as a PUM? I have a generic understanding of networking, DHCP and DNS. But I'm curious why I have the REG key entries on my system. My goal is to understand the risk presented and re-config if needed.
Thank you for your time reading this. /Cie
-
Hi Cerulean Fish,
Welcome to Adlice.com Forum.
Theses lines match the adress of the Domain Name System (http://en.wikipedia.org/wiki/Domain_Name_System) and DHCP (https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol) servers used by your computer to access Internet.
RogueKiller is currently unable to check if these values are legit or not. That's why they are flagged as PUMs.
In your case, they are perfectly safe. ;)
Regards.
Note : This thread has been moved to the "RogueKiller" section for clarity.