Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUM.DNS & PUM.Homepage infection :(


  • Please log in to reply
5 replies to this topic

#1 oriald

oriald

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:59 AM

Posted 22 July 2015 - 06:21 PM

Hi There,

 

I recently noticed browsing on my new machine became SUPER SLOW, not being able to access some sites as well so I ran Riguekiller and got this:

¤¤¤ Registry : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1294021697-1748158743-1044549440-1001\Software\Microsoft\Internet Explorer\Main | Start Page :
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1294021697-1748158743-1044549440-1001\Software\Microsoft\Internet Explorer\Main | Start Page :
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1294021697-1748158743-1044549440-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL :
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1294021697-1748158743-1044549440-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL :
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CEB0110E-CC7B-4B01-884F-81E4EF1E79F4} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CEB0110E-CC7B-4B01-884F-81E4EF1E79F4} | DhcpNameServer : 10.0.0.138 ([(Private Address) (XX)])  -> Found
 

 

I followed th instruction in this thread: http://www.bleepingcomputer.com/forums/t/549226/how-do-i-remove-pumdns-and-all-its-files-permanently/ and attached are the logs.

 

I really REALLY appreciate your help!

 

Thanks!

Ori.

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:11:59 PM

Posted 24 July 2015 - 08:49 AM

hi,

 

Not everything thats listed in RogueKiller is "bad". That DNS ip is private and not routeable on the internet. If your browser is still "slow" you might try setting it back to its default settings and see if that improves anything.


How Can I Reduce My Risk to Malware?


#3 oriald

oriald
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:59 AM

Posted 24 July 2015 - 03:07 PM

Thanks Shelflife!

Just to be on the safe side - which tools would you recommend I run on my machine to make sure im clean?

 

Regards,

Ori.



#4 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:11:59 PM

Posted 24 July 2015 - 05:56 PM

You could check malwarebytes for updates and do a scan with it. You could also do a online scan at one of these below:

 

http://www.eset.com/us/online-scanner/  

 

http://housecall.trendmicro.com/

 

http://www.pandasecurity.com/activescan/index/


How Can I Reduce My Risk to Malware?


#5 oriald

oriald
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:59 AM

Posted 26 July 2015 - 01:21 PM

Thanks much shelf life! :)

#6 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:11:59 PM

Posted 26 July 2015 - 02:49 PM

Ok your welcome. Happy Safe Surfing out there.


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users