Hi,
I've run MalwareBytes and it's said I have no issue on my machine, but I then ran Roguekiller and it found 4 PUM.Dns in the registry. I ran in safe mode and RK then didn't find anything. When I rebooted and ran RK again it found 4 PUM.Dns entries, again in the registry. Can anyone shed any light on what's happening. Here's a copy of the report...
RogueKiller V9.1.0.0 [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : kerry [Admin rights]
Mode : Scan -- Date : 06/29/2014 17:54:45
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 81154b717bd4745562c4228e7bdb92cf
[BSP] a6d790c618a1507ae45e3e9fa2fe2aa3 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 15168 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 31145984 | Size: 461728 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
============================================
RKreport_DEL_06292014_132348.log - RKreport_DEL_06292014_144438.log - RKreport_DEL_06292014_144915.log - RKreport_SCN_06292014_132213.log
RKreport_SCN_06292014_143859.log - RKreport_SCN_06292014_144902.log - RKreport_SCN_06292014_145606.log - RKreport_SCN_06292014_170340.log
I've run MalwareBytes and it's said I have no issue on my machine, but I then ran Roguekiller and it found 4 PUM.Dns in the registry. I ran in safe mode and RK then didn't find anything. When I rebooted and ran RK again it found 4 PUM.Dns entries, again in the registry. Can anyone shed any light on what's happening. Here's a copy of the report...
RogueKiller V9.1.0.0 [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : kerry [Admin rights]
Mode : Scan -- Date : 06/29/2014 17:54:45
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{61DCCB1C-8BF9-4A52-B1D8-32F9BB785155} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 81154b717bd4745562c4228e7bdb92cf
[BSP] a6d790c618a1507ae45e3e9fa2fe2aa3 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 15168 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 31145984 | Size: 461728 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
============================================
RKreport_DEL_06292014_132348.log - RKreport_DEL_06292014_144438.log - RKreport_DEL_06292014_144915.log - RKreport_SCN_06292014_132213.log
RKreport_SCN_06292014_143859.log - RKreport_SCN_06292014_144902.log - RKreport_SCN_06292014_145606.log - RKreport_SCN_06292014_170340.log