Author Topic: svchost.exe process and a bunch of PUM (and other stuffs)  (Read 139683 times)

0 Members and 2 Guests are viewing this topic.

Reply #150January 19, 2016, 07:50:34 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #150 on: January 19, 2016, 07:50:34 PM »
Hi Heantrad,

A quick examination of the site doesn't reveal anything malicious.
However, please keep in mind that the content hosted may be malicious.

Regards.
It's webm.land safe?
Virustotal and Safeweb say it's clean, but if I've hearded that video uploading webpages normally contain malware.
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have that DNS entries been whitelisted?
« Last Edit: January 19, 2016, 10:21:00 PM by Heantrad »

Reply #151January 20, 2016, 11:25:58 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #151 on: January 20, 2016, 11:25:58 PM »
Hi Heantrad,
Quote from: Heantrad
It's webm.land safe?
The website itself should be safe but the ads displayed may be not.
I advice you to install the Web of Trust module for Firefox, it will help you to check the safety of websites .

Quote from: Heantrad
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have that DNS entries been whitelisted?
Sort of. Those entries are now hidden by default.

Regards.

Reply #152January 21, 2016, 02:31:59 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #152 on: January 21, 2016, 02:31:59 PM »
Hi Heantrad,
Quote from: Heantrad
It's webm.land safe?
The website itself should be safe but the ads displayed may be not.
I advice you to install the Web of Trust module for Firefox, it will help you to check the safety of websites .

Quote from: Heantrad
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have that DNS entries been whitelisted?
Sort of. Those entries are now hidden by default.

Regards.
Sadly, I use Chrome, so I can't install that, but I have Avast Online Security in Chrome.
Is there any way to unhide those entries?
Also, found this page haveibeenpwned.com, it seems trustable, when I checked if it happened to my accounts, they all appeared clean, so we can guess the proxy server didn't send any important information I guess.
Also, is there any way to know what a new version of Chrome includes? I only know this blog googlechromereleases.blogspot.com and it seems it wasn't safe.
« Last Edit: January 21, 2016, 02:52:43 PM by Heantrad »

Reply #153January 21, 2016, 05:28:13 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #153 on: January 21, 2016, 05:28:13 PM »
Hi Heantrad,
Quote from: Heantrad
Sadly, I use Chrome, so I can't install that, but I have Avast Online Security in Chrome.
You can find a version for Chrome HERE.

Quote from: Heantrad
Is there any way to unhide those entries?
Not right now.

Quote from: Heantrad
Also, is there any way to know what a new version of Chrome includes? I only know this blog googlechromereleases.blogspot.com and it seems it wasn't safe
This website is maintained by Chrome developers; it's safe.

Regards.

Reply #154January 21, 2016, 05:43:38 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #154 on: January 21, 2016, 05:43:38 PM »
Hi Heantrad,
Quote from: Heantrad
Sadly, I use Chrome, so I can't install that, but I have Avast Online Security in Chrome.
You can find a version for Chrome HERE.

Quote from: Heantrad
Is there any way to unhide those entries?
Not right now.

Quote from: Heantrad
Also, is there any way to know what a new version of Chrome includes? I only know this blog googlechromereleases.blogspot.com and it seems it wasn't safe
This website is maintained by Chrome developers; it's safe.

Regards.
Strange, Virustotal says that blog it's dangerous and it also has a bad score.
Also, was it a bad idea to use the haveibeenpwned page? As it can get breached or the creator (although the creator seems trustable) can sell the information.
« Last Edit: January 21, 2016, 06:39:39 PM by Heantrad »

Reply #155January 22, 2016, 12:34:53 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #155 on: January 22, 2016, 12:34:53 PM »
Hi Heantrad,
Quote from: Heantrad
Strange, Virustotal says that blog it's dangerous and it also has a bad score.
Check this.

Quote from: Heantrad
Also, was it a bad idea to use the haveibeenpwned page? As it can get breached or the creator (although the creator seems trustable) can sell the information.
There is no way to be sure.

Regards.

Reply #156January 23, 2016, 01:03:15 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #156 on: January 23, 2016, 01:03:15 PM »
Hi Heantrad,
Quote from: Heantrad
Strange, Virustotal says that blog it's dangerous and it also has a bad score.
Check this.

Quote from: Heantrad
Also, was it a bad idea to use the haveibeenpwned page? As it can get breached or the creator (although the creator seems trustable) can sell the information.
There is no way to be sure.

Regards.
I wanted to ask something that happens when I use RogueKiller, the icon of 'Extract hardware safely' in the notification area dissapears without aparent reason, why does this happen?
Also, is Quttera a bad analizyng site? Everytime there's a detection from a safe page in VirusTotal is normally from Quttera, it even detects blog.malwarebytes.org as malicious.
So, yesterday I was checking some options in Skype and I clicked on help, it took me to my browser and opened sesion in Skype to see the help forum, the thing is that the account name was gibberish it was live:name, so I unlinked that account to my Microsoft account, but an e-mail reached saying that I had registered correctly and I decided to check what had happen, when I checked it the same happen, but this time it was live:name_2. The thing is that I've done that a bunch of times to test how it worked, and now there are a bunch of accounts with my name if you search it on the Skype desktop application.
I want to know, if I unlinked all those accounts from my Microsoft account, do they still have my login information and probably my e-mail too?
Is there any way to delete them?
Also, when I click my account name to enter my profile, it goes to my actual real profile, but not the one with the gibberish name.
And it seems I can register in the Skype Community with that gibberish name, but I need to enter a profile name to start.
I attached a image so you can see what I mean, if I click the profile name I enter on my normal account, if I click in the option below, I'm still registered with the gibberish name but I need to enter an actual profile name to fully register and use the Skype community.
So, it seems that gibberish name is just the normal name that is given to everyone before thet register to the community but alredy have a Skype account, so all those accounts seems to be linked to the same account, the one I use. But then, why there is a Skype result for every account that I have "created" now if they're all the same account in general?
So, basically, it seems that gibberish name was a temporal name for my Skype account in the forums, as I didn't fully ended registering, but my question is, what has happen to the rest of the accounts that are now left behind, they don't seem to have got deleted, as they appear on Skype's search in their application, but they also seem inaccesible, as if I log with my account, I enter the last one I created with the gibberish name.
Also, it seems that if I log either on hotmail, skype or the skype community I log on the rest of accounts, and if I unlog I unlog on everyone, but this time I entered the skype community, clicked my name and they asked me to log on my skype account. This is getting kind of messy to be honest.
It seems there are two _17 accounts now, instead of beign _17 and _18. Also, should I tell inform the Skype staff of this error? As if they take it as account spam or something and delete my Microsoft account, I will be left without e-mail.
I've checked the profiles of various of the accounts I seem to have created through this error, as I still have the registration mails I can see the profiles on the Skype community, they're all different accounts that seem to still active, as every each of them has a different profile picture that is given randomly and all of them have different registration times.
« Last Edit: January 24, 2016, 09:32:36 PM by Heantrad »

Reply #157January 25, 2016, 07:45:27 AM

webmland

  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #157 on: January 25, 2016, 07:45:27 AM »
Hi Heantrad,

A quick examination of the site doesn't reveal anything malicious.
However, please keep in mind that the content hosted may be malicious.

Regards.
It's webm.land safe?
Virustotal and Safeweb say it's clean, but if I've hearded that video uploading webpages normally contain malware.
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have that DNS entries been whitelisted?
No ad's in our website.  ;)

Reply #158January 25, 2016, 03:29:13 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #158 on: January 25, 2016, 03:29:13 PM »
Hi Heantrad,
Quote from: Heantrad
I wanted to ask something that happens when I use RogueKiller, the icon of 'Extract hardware safely' in the notification area dissapears without aparent reason, why does this happen?
You are the first user to report this behaviour. We will investigate it.

Quote from: Heantrad
Also, is Quttera a bad analizyng site? Everytime there's a detection from a safe page in VirusTotal is normally from Quttera, it even detects blog.malwarebytes.org as malicious.
Quttera performs automatics websites malwares scan, so it can leads to false positives (blog.malwarebytes.org for exemple).

Regarding your questions about Skype, I suggest you to open a new thread on the Skype Community Forum. They will be more qualified than me to help you with this.

Regards.

Reply #159January 25, 2016, 03:33:48 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #159 on: January 25, 2016, 03:33:48 PM »
Hi webmland,

Thanks for the clarifications.
It's always nice when a website ownser invests some time to provide answers. :)

Regards.

Reply #160January 25, 2016, 05:29:44 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #160 on: January 25, 2016, 05:29:44 PM »
Hi Heantrad,
Quote from: Heantrad
I wanted to ask something that happens when I use RogueKiller, the icon of 'Extract hardware safely' in the notification area dissapears without aparent reason, why does this happen?
You are the first user to report this behaviour. We will investigate it.

Quote from: Heantrad
Also, is Quttera a bad analizyng site? Everytime there's a detection from a safe page in VirusTotal is normally from Quttera, it even detects blog.malwarebytes.org as malicious.
Quttera performs automatics websites malwares scan, so it can leads to false positives (blog.malwarebytes.org for exemple).

Regarding your questions about Skype, I suggest you to open a new thread on the Skype Community Forum. They will be more qualified than me to help you with this.

Regards.
Alright, I'll post a thread there soon.
It's just strange as they seem to exist, but they don't appear on the search engine of the community forums.
Is puu.sh a dangerous site?, it has detections and a bad score on Virustotal, and I've searched info and it seems it can download a scr file which can act as a keylogger or something similar.
This e-mails were on the deleted e-mails folder, I don't remember having deleted them, as I'm keeping every e-amil from Skype, any idea of what they could be? (the one from 2015 didn't appear before).
Is akamaihd.net unsafe? It seems it has adware, and if that's the case, why does Facebook use it? It seems it's a CDN, so, does that mean that the adware that seems quite common and is distributed through this website doesn't have anything to do with the Facebook one?
Bing.com is a phising site?
So, is it true that one can get malware by using and viewing (not clicking any links or images) Google Images?
Is win.rar GmbH the legit editor of Winrar or does that mean I installed a bad version of it?

Also, I wanted to apologize for all the "is this page safe" questions I've been doing lately.
« Last Edit: January 30, 2016, 01:48:26 PM by Heantrad »

Reply #161March 03, 2016, 09:21:05 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #161 on: March 03, 2016, 09:21:05 PM »
First of all, sorry for all the wait with the Skype thing, I've been busy lately and I couldn't do it yet.
Today, Adwcleaner updated and detected a registry key.
Any idea of what can it be?
As it was a WIN key, could it be related to the update Microsoft Security Essentials recently had?
« Last Edit: March 03, 2016, 09:34:52 PM by Heantrad »

Reply #162March 04, 2016, 02:21:07 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #162 on: March 04, 2016, 02:21:07 PM »
Hi Heantrad,

This registry key is a leftover of some adware.
You can safely remove it.

Regards.

Reply #163March 27, 2016, 06:52:52 PM

Heantrad

  • Jr. Member

  • Offline
  • **

  • 92
  • Reputation:
    0
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #163 on: March 27, 2016, 06:52:52 PM »
Hi Heantrad,

This registry key is a leftover of some adware.
You can safely remove it.

Regards.
Okay, thanks for answering.
So, a pair of days ago my computer stopped completelly working because some problems with the graphic card or the motherboard, I still don't know, but right now I'm using my computer without the graphic card.
The thing is that I ran a RKill scan today and it detected an error in the Windows Service Integrity, I'll attach the log.
I'm also configuring a computer that through cable is connected to the same net as my computer, today I finished installing all the windows updates (the computer is running Windows 7 too) and I ran a complete scan with Microsoft Security Essentials, the preliminary scan says that it   has detected potential malware, apart of the updates and the antivirus we didn't install anything else.
I haven't ran any other scans on my computer yet, so I don't know if there's anything else.
Any ideas of what can it be?

Reply #164March 28, 2016, 02:42:06 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: svchost.exe process and a bunch of PUM (and other stuffs)
« Reply #164 on: March 28, 2016, 02:42:06 PM »
Hi Heantrad,
Quote from: Heantrad
So, a pair of days ago my computer stopped completelly working because some problems with the graphic card or the motherboard, I still don't know, but right now I'm using my computer without the graphic card.
You are lucky your computer is still working. :)

Quote from: Heantrad
The thing is that I ran a RKill scan today and it detected an error in the Windows Service Integrity, I'll attach the log.
The TPM Base Services (TBS) feature is an optional system service that allows transparent sharing of the Trusted Platform Module (TPM) resources. It simultaneously shares the TPM resources among multiple applications on the same physical machine, even if those applications run on different virtual machines.
In short, in your case, this has no impact.

Quote from: Heantrad
I'm also configuring a computer that through cable is connected to the same net as my computer, today I finished installing all the windows updates (the computer is running Windows 7 too) and I ran a complete scan with Microsoft Security Essentials, the preliminary scan says that it   has detected potential malware, apart of the updates and the antivirus we didn't install anything else.
I haven't ran any other scans on my computer yet, so I don't know if there's anything else.
Any ideas of what can it be?
I believe it's a false positive.

Regards.