Author Topic: svchost.exe process and a bunch of PUM (and other stuffs)  (Read 132699 times)

0 Members and 1 Guest are viewing this topic.

Reply #135December 21, 2015, 02:30:35 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #135 on: December 21, 2015, 02:30:35 PM »
Hi Heantrad,

Yes, they were legit.
Your report is clean.

Regards.

Reply #136December 23, 2015, 12:17:40 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #136 on: December 23, 2015, 12:17:40 PM »
Hi Heantrad,

Yes, they were legit.
Your report is clean.

Regards.
So they were false positives.
Also, I sended you a PM with what seems a new Skype scam, as there isn't any information of it on the internet.

Reply #137December 23, 2015, 02:59:51 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #137 on: December 23, 2015, 02:59:51 PM »
Hi Heantrad,

Quote from: Heantrad
So they were false positives.
Those entries are PUMs, they must be interpreted manually.
Please refer to this post for more information.

Quote from: Heantrad
Also, I sended you a PM with what seems a new Skype scam, as there isn't any information of it on the internet.
Your friend is most likely infected. Did you click on the link ?

Regards.

Reply #138December 23, 2015, 07:57:44 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #138 on: December 23, 2015, 07:57:44 PM »
Hi Heantrad,

Quote from: Heantrad
So they were false positives.
Those entries are PUMs, they must be interpreted manually.
Please refer to this post for more information.

Quote from: Heantrad
Also, I sended you a PM with what seems a new Skype scam, as there isn't any information of it on the internet.
Your friend is most likely infected. Did you click on the link ?

Regards.

So, it's up to me to decide if that was a PUM or not then.
Well, it seemed a legit google page, so I don't know, about the perserve bar entry, no idea.
No, I didn't click on the link, but as it seems, it's a new scam, as there isn't any information on Google about that page.

Reply #139December 23, 2015, 09:39:55 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #139 on: December 23, 2015, 09:39:55 PM »
Hi Heantrad,

Quote from: Heantrad
So, it's up to me to decide if that was a PUM or not then.
Well, it seemed a legit google page, so I don't know, about the perserve bar entry, no idea.
Yes. If it's google, it's legit. ;)

Quote from: Heantrad
No, I didn't click on the link, but as it seems, it's a new scam, as there isn't any information on Google about that page.
Since you didn't click on the link, you dont have to worry.

Regards.

Reply #140January 05, 2016, 01:15:51 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #140 on: January 05, 2016, 01:15:51 PM »
Hi Heantrad,

Quote from: Heantrad
So, it's up to me to decide if that was a PUM or not then.
Well, it seemed a legit google page, so I don't know, about the perserve bar entry, no idea.
Yes. If it's google, it's legit. ;)

Quote from: Heantrad
No, I didn't click on the link, but as it seems, it's a new scam, as there isn't any information on Google about that page.
Since you didn't click on the link, you dont have to worry.

Regards.
So, I checked the firewall rules that CCleaner can remove, they're all from Java, and as I'm going to reinstall Java later or sooner again, I will not remove them.

Also, yesterday a friend sended me a message on the phone with a link to a webpage named quizyourfriends , it sounded as a webpage that wasn't safe, so I didn't opened it, but by mistake I clicked it and opened it. I wanna ask, is that site safe? I ask because I have Chrome synchronized on PC and Smarthphone, so I suposse the data of it would have sync after that, I suppose.

Reply #141January 05, 2016, 10:18:57 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #141 on: January 05, 2016, 10:18:57 PM »
Hi Heantrad,

quizyourfriends website is safe.

Regards.

Reply #142January 11, 2016, 06:54:52 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #142 on: January 11, 2016, 06:54:52 PM »
Hi Heantrad,

quizyourfriends website is safe.

Regards.
So I was checking the task scheluder and I noticed a task with a strange name.
It activates when you create or modify a task, and the action is to execute a program.
I included an image with the task's action details.
I did install TronScript time ago, but I alredy deleted it, so, what does the task do and what would it happen if it was executed?, as it stills active.

Reply #143January 11, 2016, 07:24:59 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #143 on: January 11, 2016, 07:24:59 PM »
Hi Heantrad,

pcalua.exe is the Program Compatibility Assistant.  The Program Compatibility Assistant is an automatic feature of Windows that runs when it detects an older program has a compatibility problem.
Since you don't use TronScript any more, you can safely delete the task.

Regards.

Reply #144January 11, 2016, 10:08:29 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #144 on: January 11, 2016, 10:08:29 PM »
Hi Heantrad,

pcalua.exe is the Program Compatibility Assistant.  The Program Compatibility Assistant is an automatic feature of Windows that runs when it detects an older program has a compatibility problem.
Since you don't use TronScript any more, you can safely delete the task.

Regards.
I did a scan with AdwCleaner and it detected a pair of files, I'll delete them now.
Any idea of what could it have been?
I unistalled AdwCleaner it to empty the quarantine, but it seems the files still are there.
« Last Edit: January 11, 2016, 10:35:53 PM by Heantrad »

Reply #145January 11, 2016, 11:32:55 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #145 on: January 11, 2016, 11:32:55 PM »
Hi Heantrad,

These files are linked to Olark chat widget. They are certainly harmless.
If you want to delete them, delete the following folder :
Quote
C:\AdwCleaner

Regards.

Reply #146January 12, 2016, 03:22:09 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #146 on: January 12, 2016, 03:22:09 PM »
Hi Heantrad,

These files are linked to Olark chat widget. They are certainly harmless.
If you want to delete them, delete the following folder :
Quote
C:\AdwCleaner

Regards.
The thing is that I alredy deleted them, but as showed by the other image I linked too, it seems that they haven't got deleted, althought AdwCleaner doesn't detect anything anymore.
Also, is urlrevealer.com a good url revelar page, or is there any better ones out there?, as I've readed that it might be a fake site.
« Last Edit: January 12, 2016, 04:11:01 PM by Heantrad »

Reply #147January 12, 2016, 08:52:56 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #147 on: January 12, 2016, 08:52:56 PM »
Hi Heantrad,

Quote from: Heantrad
The thing is that I alredy deleted them, but as showed by the other image I linked too, it seems that they haven't got deleted, althought AdwCleaner doesn't detect anything anymore.
Since they are not detected anaymore, it's alright.

Quote from: Heantrad
Also, is urlrevealer.com a good url revelar page, or is there any better ones out there?, as I've readed that it might be a fake site.
It's safe. If your are satisfied with it, keeps using it.

Regards.

Reply #148January 17, 2016, 12:34:17 AM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #148 on: January 17, 2016, 12:34:17 AM »
It's the domain a.pomf.cat clean?
I've seen in virustotal, pomf.cat and a.pomf.cat appear clear, but when pomf is hosting a file (In my case I opened the link trough RES, so I didn't left Reddit but I could hear the audio file it was beign hosted) it has a malicious detection and a suspicious one.




Reply #149January 18, 2016, 02:25:54 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #149 on: January 18, 2016, 02:25:54 PM »
Hi Heantrad,

A quick examination of the site doesn't reveal anything malicious.
However, please keep in mind that the content hosted may be malicious.

Regards.