RogueKiller / PUM.dns
« on: April 15, 2016, 01:08:43 AM »
These keep showing up after I restart my computer even though I deleted them.
I have also used ComboFix, Malwarebytes, TDSSKiller and CCleaner.
Is there any way to get rid of them? I'm no professional, I tried changing DNS to Google instead of my ISP DNS server.
I was also DDoSed last night, me and my friends game server have been attacked all day and last night.
I'm worried this has something to do with it, also my svdhost.exe had some malware in it, but unfortunately I deleted that and the history logs.
Thanks for helping me, bye.
RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7600) 64 bits version
Started in : Normal mode
User : dude [Administrator]
Started from : C:\Users\dude\Downloads\RogueKiller.exe
Mode : Scan -- Date : 04/15/2016 00:59:46
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 <- my isp dns servers 80.244.65.3 ([X][-]) -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD253GJ ATA Device +++++
--- User ---
[MBR] 005d103ba332421d402630e10119d1ca
[BSP] 28c57e25f8ace71c5e4839d1ad899978 : Linux|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 2048 | Size: 23841 MB
1 - [ACTIVE] LINUX (0x83) [VISIBLE] Offset (sectors): 48828416 | Size: 477 MB
2 - [XXXXXX] LINUX-SWP (0x82) [VISIBLE] Offset (sectors): 49805312 | Size: 3815 MB
3 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 57618432 | Size: 210341 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: SAMSUNG HD753LJ ATA Device +++++
--- User ---
[MBR] ae0ee8bcfbcd9d221277e7aa6a77b823
[BSP] 96380fcdf713f4dc15c2a73a4d3e245d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 715302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK