Author Topic: svchost.exe process and a bunch of PUM (and other stuffs)  (Read 139665 times)

0 Members and 1 Guest are viewing this topic.

Reply #165April 02, 2016, 10:56:52 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #165 on: April 02, 2016, 10:56:52 PM »
Hi Heantrad,
Quote from: Heantrad
So, a pair of days ago my computer stopped completelly working because some problems with the graphic card or the motherboard, I still don't know, but right now I'm using my computer without the graphic card.
You are lucky your computer is still working. :)

Quote from: Heantrad
The thing is that I ran a RKill scan today and it detected an error in the Windows Service Integrity, I'll attach the log.
The TPM Base Services (TBS) feature is an optional system service that allows transparent sharing of the Trusted Platform Module (TPM) resources. It simultaneously shares the TPM resources among multiple applications on the same physical machine, even if those applications run on different virtual machines.
In short, in your case, this has no impact.

Quote from: Heantrad
I'm also configuring a computer that through cable is connected to the same net as my computer, today I finished installing all the windows updates (the computer is running Windows 7 too) and I ran a complete scan with Microsoft Security Essentials, the preliminary scan says that it   has detected potential malware, apart of the updates and the antivirus we didn't install anything else.
I haven't ran any other scans on my computer yet, so I don't know if there's anything else.
Any ideas of what can it be?
I believe it's a false positive.

Regards.
So, today I was trying to install a program in the other computer from my net, during the installation of it (although it was oficial) I saw it included adware so I told the owner of that computer to wait until I found a better program without adware. The thing is that he ignored me and he decided to enter Softonic and other pages which I don't know it's validity but they seemed to be fake websites with fake solutions.
The thing is, through entering in those webpages and as we're connected by cable to the same router, could it have affected my computer by any sort? He used Firefox with Adblock Plus and NoScript.
I would also like to ask, any malware, spyware, etcetera that gets into his computer, can it infect or affect mine in any way?
I've done VirusTotal scans of RKill and AdwCleaner out of curiosity and the programs seem to have detections by some reason, are they fake positives?
Also, a doubt I have, lately I've seen Multi.Threats.InArchive a lot on VirusTotal, what does it mean?
« Last Edit: April 03, 2016, 11:39:55 PM by Heantrad »

Reply #166April 04, 2016, 03:48:49 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #166 on: April 04, 2016, 03:48:49 PM »
Hi Heantrad,

Quote from: Heantrad
So, today I was trying to install a program in the other computer from my net, during the installation of it (although it was oficial) I saw it included adware so I told the owner of that computer to wait until I found a better program without adware. The thing is that he ignored me and he decided to enter Softonic and other pages which I don't know it's validity but they seemed to be fake websites with fake solutions.
Softonic is indeed repacking legit softwares with adwares.
It's adviced to not download anything from this site.

Quote from: Heantrad
The thing is, through entering in those webpages and as we're connected by cable to the same router, could it have affected my computer by any sort? He used Firefox with Adblock Plus and NoScript.
No, your computer is safe.

Quote from: Heantrad
I would also like to ask, any malware, spyware, etcetera that gets into his computer, can it infect or affect mine in any way?
Some malware may use vulnerabilities to propagate through computers in the same network, but they are not common.
Don't worry too much about it.

Quote from: Heantrad
I've done VirusTotal scans of RKill and AdwCleaner out of curiosity and the programs seem to have detections by some reason, are they fake positives?
Yes, they are.

Quote from: Heantrad
Also, a doubt I have, lately I've seen Multi.Threats.InArchive a lot on VirusTotal, what does it mean?
It's usually a software archive containing adwares.

Regards.

Reply #167April 23, 2016, 11:35:46 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #167 on: April 23, 2016, 11:35:46 PM »
Hi Heantrad,

Quote from: Heantrad
So, today I was trying to install a program in the other computer from my net, during the installation of it (although it was oficial) I saw it included adware so I told the owner of that computer to wait until I found a better program without adware. The thing is that he ignored me and he decided to enter Softonic and other pages which I don't know it's validity but they seemed to be fake websites with fake solutions.
Softonic is indeed repacking legit softwares with adwares.
It's adviced to not download anything from this site.

Quote from: Heantrad
The thing is, through entering in those webpages and as we're connected by cable to the same router, could it have affected my computer by any sort? He used Firefox with Adblock Plus and NoScript.
No, your computer is safe.

Quote from: Heantrad
I would also like to ask, any malware, spyware, etcetera that gets into his computer, can it infect or affect mine in any way?
Some malware may use vulnerabilities to propagate through computers in the same network, but they are not common.
Don't worry too much about it.

Quote from: Heantrad
I've done VirusTotal scans of RKill and AdwCleaner out of curiosity and the programs seem to have detections by some reason, are they fake positives?
Yes, they are.

Quote from: Heantrad
Also, a doubt I have, lately I've seen Multi.Threats.InArchive a lot on VirusTotal, what does it mean?
It's usually a software archive containing adwares.

Regards.
Alright, thanks a lot for helping me with that.
By the way, for some reason the last version of rkill is getting a bunch of detections and bad score in VirusTotal, has something happened with it? https://www.virustotal.com/en/file/6f084bfc9e26773a7d8f6c59b3650f7307a7b725fd2e9fddcba2199c28a349af/analysis/1461447181/
Another doubt, I checked the integrity of rpg-maker.fr because I needed to check something there and NortonSafeWeb detected a virus called Heuristic.AHD. My doubt is, does the virus infect you directly when you enter the page or only if you download the program it seems it's infected? (as it specifies a location for that virus)
« Last Edit: April 24, 2016, 10:30:31 PM by Heantrad »

Reply #168April 24, 2016, 11:36:16 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #168 on: April 24, 2016, 11:36:16 PM »
Hi Heantrad,
Quote from: Heantrad
By the way, for some reason the last version of rkill is getting a bunch of detections and bad score in VirusTotal, has something happened with it?
Rkill is using techniques whose appear suspicious to some antivirus softwares.
It's perfectly safe to be used.

Quote from: Heantrad
Another doubt, I checked the integrity of rpg-maker.fr because I needed to check something there and NortonSafeWeb detected a virus called Heuristic.AHD. My doubt is, does the virus infect you directly when you enter the page or only if you download the program it seems it's infected? (as it specifies a location for that virus)
I don't spot anything suspicious.
It must be a false positive.

Regards.

Reply #169April 25, 2016, 02:11:09 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #169 on: April 25, 2016, 02:11:09 PM »
Hi Heantrad,
Quote from: Heantrad
By the way, for some reason the last version of rkill is getting a bunch of detections and bad score in VirusTotal, has something happened with it?
Rkill is using techniques whose appear suspicious to some antivirus softwares.
It's perfectly safe to be used.

Quote from: Heantrad
Another doubt, I checked the integrity of rpg-maker.fr because I needed to check something there and NortonSafeWeb detected a virus called Heuristic.AHD. My doubt is, does the virus infect you directly when you enter the page or only if you download the program it seems it's infected? (as it specifies a location for that virus)
I don't spot anything suspicious.
It must be a false positive.

Regards.
If needed, the localitation of that supossed virus is this scan here https://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.rpg-maker.fr%2F

Reply #170April 25, 2016, 04:24:12 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #170 on: April 25, 2016, 04:24:12 PM »
Hi Heantrad,

This is definitely a false positive.

Regards.

Reply #171May 05, 2016, 02:06:27 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #171 on: May 05, 2016, 02:06:27 PM »
Hi Heantrad,

This is definitely a false positive.

Regards.
For no apparent reason, the computer needs to do a full disk check to verify the integrity of some files on startup, it seems to be the same type of check I did time ago on the MalwareBytes forum after they found some errors with winows search.
When I turned on the PC today for the first time, it didn't appear, but the Windows Updates didn't download so I restarted the computer, when I restarted that message appeared after the OS started but before the desktop appeared, I was too slow to make it don't check the hardrive and it started, but I turned off the PC anyways.
When I started the PC again, it appeared again, but this time I cancelled it correctly, but it keeps appearing.
The computer doesn't seem to have anything wrong at first glance, why could that have happened and should I let the hardrive get checked?
« Last Edit: May 05, 2016, 05:33:08 PM by Heantrad »

Reply #172May 05, 2016, 07:41:35 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #172 on: May 05, 2016, 07:41:35 PM »
Hi Heantrad,

An error may have been detected and Windows scheduled CHKDSK to be run on startup to check your HDD.
I advice you to let it complete the scan.

Regards.

Reply #173May 07, 2016, 12:25:47 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #173 on: May 07, 2016, 12:25:47 PM »
Hi Heantrad,

An error may have been detected and Windows scheduled CHKDSK to be run on startup to check your HDD.
I advice you to let it complete the scan.

Regards.
I'm doing a full scan with every program I have and so far AdwCleaner detected something in Chrome, I'll attach the log, the deleted item is down in the file, as now it seems AdwCleaner only uses one file for all deletion logs.

So, news sites like Forbes and Reuters are saying there has been a hack of millions of e-mail accounts (those including Google and Hotmail), I would like to ask if you know, as those news don't specifie, was it an info leaks, an attack to the service's servers, or just manually hacked?
« Last Edit: May 07, 2016, 11:33:57 PM by Heantrad »

Reply #174May 08, 2016, 08:06:01 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #174 on: May 08, 2016, 08:06:01 PM »
Hi Heantrad,
Quote from: Heantrad
I'm doing a full scan with every program I have and so far AdwCleaner detected something in Chrome, I'll attach the log, the deleted item is down in the file, as now it seems AdwCleaner only uses one file for all deletion logs.
AdwCleaner detected and deleted a PUP Search Provider, nothing to be afraid of.

Quote from: Heantrad
So, news sites like Forbes and Reuters are saying there has been a hack of millions of e-mail accounts (those including Google and Hotmail), I would like to ask if you know, as those news don't specifie, was it an info leaks, an attack to the service's servers, or just manually hacked?
This was not disclosed.

Regards.

Reply #175May 11, 2016, 07:52:00 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #175 on: May 11, 2016, 07:52:00 PM »
Hi Heantrad,
Quote from: Heantrad
I'm doing a full scan with every program I have and so far AdwCleaner detected something in Chrome, I'll attach the log, the deleted item is down in the file, as now it seems AdwCleaner only uses one file for all deletion logs.
AdwCleaner detected and deleted a PUP Search Provider, nothing to be afraid of.

Quote from: Heantrad
So, news sites like Forbes and Reuters are saying there has been a hack of millions of e-mail accounts (those including Google and Hotmail), I would like to ask if you know, as those news don't specifie, was it an info leaks, an attack to the service's servers, or just manually hacked?
This was not disclosed.

Regards.
For no reason in particular, Adblock Plus started crashing and needed to get restarted all the time today, after unistalling and installing it again, it keeped crashing, but after restarting the PC it seems to have stopped so far, any idea why could that have happened?
Also, as SuperAntiSpyware! runs in the background unless you exit the program and after that it still has a service running, can it cause conflict with Microsoft Security Essentials? I've searched if those programs are compatible and it seems it can cause some problems.

Reply #176May 11, 2016, 10:35:17 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #176 on: May 11, 2016, 10:35:17 PM »
Hi Heantrad,
Quote from: Heantrad
For no reason in particular, Adblock Plus started crashing and needed to get restarted all the time today, after unistalling and installing it again, it keeped crashing, but after restarting the PC it seems to have stopped so far, any idea why could that have happened?
I have no clue, sorry.

Quote from: Heantrad
Also, as SuperAntiSpyware! runs in the background unless you exit the program and after that it still has a service running, can it cause conflict with Microsoft Security Essentials? I've searched if those programs are compatible and it seems it can cause some problems.
SuperAntiSpyware and Microsoft Security Essentials are not targetting the same type of threats, so they should be working fine together.
However, please take note I know very little about SuperAntiSpyware , so I could be wrong.

Regards.

Reply #177June 24, 2016, 09:58:52 AM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #177 on: June 24, 2016, 09:58:52 AM »
Hi Heantrad,
Quote from: Heantrad
For no reason in particular, Adblock Plus started crashing and needed to get restarted all the time today, after unistalling and installing it again, it keeped crashing, but after restarting the PC it seems to have stopped so far, any idea why could that have happened?
I have no clue, sorry.

Quote from: Heantrad
Also, as SuperAntiSpyware! runs in the background unless you exit the program and after that it still has a service running, can it cause conflict with Microsoft Security Essentials? I've searched if those programs are compatible and it seems it can cause some problems.
SuperAntiSpyware and Microsoft Security Essentials are not targetting the same type of threats, so they should be working fine together.
However, please take note I know very little about SuperAntiSpyware , so I could be wrong.

Regards.
Today when I checked the task manager I saw there was a new task called Validation Task, after searching for a bit it seems it's legit, but it's programmed to happen in 3 months and the description has the name of a Windows 7 update that got installed around two years ago.
It's just a task made by Microsoft (although I haven't installed any updates specific for Windows 7 recently) to check if your copy of Windows is original or it can be something else?
Thanks in advance
« Last Edit: June 24, 2016, 10:05:46 AM by Heantrad »

Reply #178June 24, 2016, 01:37:27 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #178 on: June 24, 2016, 01:37:27 PM »
Hi Heantrad,

The Validation Task is perfectly legit and is indeed used to check for non-genuine Windows activation.
It's linked to update KB971033.

Regards.

Reply #179July 02, 2016, 11:16:08 AM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #179 on: July 02, 2016, 11:16:08 AM »
Hi Heantrad,

The Validation Task is perfectly legit and is indeed used to check for non-genuine Windows activation.
It's linked to update KB971033.

Regards.
It seems a program has unistalled without apparent reason, is there a way to check what programs have been unistalled?