Author Topic: PUM.dns  (Read 4970 times)

0 Members and 1 Guest are viewing this topic.

April 15, 2016, 01:08:43 AM

halp

  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    0
    • View Profile
PUM.dns
« on: April 15, 2016, 01:08:43 AM »
These keep showing up after I restart my computer even though I deleted them.
I have also used combofix, malwarebytes, tdsskiller and ccleaner.

Is there any way to get rid of them? I'm no professional, I tried changeing dns to google instead of my isp dns server.
I was also ddoed last night, me and my friends game server have been attacked all day and last night.
I'm worried this has something to do with it, also my svdhost.exe had some malware in it, but unfortunetly I deleted that and the history logs  :'(

Thanks for helping me, bye.

RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600) 64 bits version
Started in : Normal mode
User : dude [Administrator]
Started from : C:\Users\dude\Downloads\RogueKiller.exe
Mode : Scan -- Date : 04/15/2016 00:59:46

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 80.244.65.3 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{678E95BB-BE26-4FD2-BBD0-6E89C9178D82} | DhcpNameServer : 80.244.65.130 <- my isp dns servers 80.244.65.3 ([X][-])  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD253GJ ATA Device +++++
--- User ---
[MBR] 005d103ba332421d402630e10119d1ca
[BSP] 28c57e25f8ace71c5e4839d1ad899978 : Linux|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 2048 | Size: 23841 MB
1 - [ACTIVE] LINUX (0x83) [VISIBLE] Offset (sectors): 48828416 | Size: 477 MB
2 - [XXXXXX] LINUX-SWP (0x82) [VISIBLE] Offset (sectors): 49805312 | Size: 3815 MB
3 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 57618432 | Size: 210341 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD753LJ ATA Device +++++
--- User ---
[MBR] ae0ee8bcfbcd9d221277e7aa6a77b823
[BSP] 96380fcdf713f4dc15c2a73a4d3e245d : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 715302 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


Reply #1April 15, 2016, 01:15:31 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: PUM.dns
« Reply #1 on: April 15, 2016, 01:15:31 PM »
Hi halp,

PUM stands for Potentially Unwanted Modification. In your case, thoses entries are perfectly legit and necessary to access Internet.
For more information, please read RogueKiller Documentation.

Regards.