Topic: Some PUM DNS entries detected, anything to worry about?


January 31, 2016, 07:57:17 PM

JukkaG

So I got some PUM DNS entries while doing regular scans (there have been no symptoms or anything, I just scan regularly to be sure). Log attached. I guess that they are just some false positives, but it would still be nice if you could comment on them, just to be certain.

"registry": [
            {
                "scan_what": 1,
                "scan_how": [
                    11
                ],
                "scan_how_trigger": 11,
                "vendors": [
                    "PUM.Dns"
                ],
                "rule_name": "DNS",
                "view": 256,
                "value": "DhcpNameServer",
                "subkey": "",
                "value_old_data": "",
                "value_data": "172.20.10.1",
                "path": "HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\{2f726e50-cd41-448e-81eb-c57027f22000}",
                "extra": "[X]",
                "files_status": "",
                "vtscore": -1,
                "files": [],
                "status_str": "Found",
                "status_choice": 1,
                "status_removed": 0
            },
            {
                "scan_what": 1,
                "scan_how": [
                    11
                ],
                "scan_how_trigger": 11,
                "vendors": [
                    "PUM.Dns"
                ],
                "rule_name": "DNS",
                "view": 256,
                "value": "DhcpNameServer",
                "subkey": "",
                "value_old_data": "",
                "value_data": "172.20.10.1",
                "path": "HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\Tcpip\\Parameters\\Interfaces\\{2f726e50-cd41-448e-81eb-c57027f22000}",
                "extra": "[X]",
                "files_status": "",
                "vtscore": -1,
                "files": [],
                "status_str": "Found",
                "status_choice": 1,
                "status_removed": 0

Reply #1 on: February 01, 2016, 11:59:10 PM

Curson (Global Moderator)

Hi JukkaG,

These entries are legit.

Regards.