xrad (posted December 7, 2016)

Hi,

I'm looking for a way to remove some PUM.Dns infections on a customer PC. Virus Total flags it as a Win32.WisdomEyes. It seems to be uploading data at various times, causing up to 100% CPU resources. Eset EndPoint does not pick it up on scan. ADW picks it up and removes some files if the PC is offline, but once the PC is back online it is back to square one. Any help appreciated....

Just to note, the customer PC is used from 6am to 10pm, 7 days a week, with 4 to 6 users. I have tried numerous tools to try to remove it with no success, i.e. scan / removal, online, offline etc.

Registry Infections Flagged:

[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : 89.19.64.164 89.19.64.36 ([ireland][ireland]) -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : 89.19.64.164 89.19.64.36 ([ireland][ireland]) -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2719048277-607677208-3562655459-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames :

I have a small Endpoint log that I can PM, as customer personal information is prevalent.

Dangermouse (posted December 12, 2016)

Those entries are the preferred DNS addresses for Vodafone Ireland - if that's the customer's ISP and/or equipment, it shouldn't be a problem.

Which operating system is being used? Windows 10 defaults to uploading Windows Updates via P2P to other users, and if that's the case, it will chew up bandwidth and CPU and should be disabled.

Try a scan with Malwarebytes anti-malware free edition just to be sure.
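
Added example, not part of either post: a short Python triage of the [PUM.Dns] scanner lines quoted in the thread. It separates DNS values written from the DHCP lease (DhcpNameServer) from statically set ones (NameServer) and compares them with a resolver list the analyst supplies. The function names, the expected-resolver list and the third log line are assumptions constructed for illustration.

```python
import ipaddress
import re

# First two lines are the scanner output posted in the thread.
# The third (zero GUID, 203.0.113.53 from the documentation range) is constructed.
SAMPLE_LOG = r"""
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : 89.19.64.164 89.19.64.36 ([ireland][ireland]) -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : 89.19.64.164 89.19.64.36 ([ireland][ireland]) -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000000} | NameServer : 203.0.113.53 ([constructed]) -> Found
"""

LINE_RE = re.compile(
    r"^\[PUM\.Dns\]\s+(?P<key>\S+\\Interfaces\\(?P<guid>\{[0-9A-Fa-f-]+\}))"
    r"\s+\|\s+(?P<value>DhcpNameServer|NameServer)\s+:\s+(?P<servers>[0-9. ]+)"
)

def is_expected(addr, expected):
    """True only for a well-formed IP address that is in the expected set."""
    try:
        return ipaddress.ip_address(addr) in expected
    except ValueError:
        return False  # malformed address: treat as unexpected

def triage(log_text, expected_resolvers):
    """Classify each PUM.Dns finding by where the value comes from."""
    expected = {ipaddress.ip_address(a) for a in expected_resolvers}
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        unexpected = [s for s in m["servers"].split() if not is_expected(s, expected)]
        # DhcpNameServer is filled in from the DHCP lease (router or DHCP server);
        # NameServer is a static setting made on the host itself.
        source = "dhcp-lease" if m["value"] == "DhcpNameServer" else "static"
        if not unexpected:
            verdict = "matches-expected"
        elif source == "dhcp-lease":
            verdict = "check-dhcp-server"  # review what the router hands out
        else:
            verdict = "check-host"         # value was set on this machine
        cs = re.search(r"\\(\w*ControlSet\d*)\\", m["key"])
        findings.append({"guid": m["guid"], "control_set": cs.group(1) if cs else None,
                         "source": source, "unexpected": unexpected, "verdict": verdict})
    return findings
```

Pass the resolvers confirmed from the router's DHCP settings or the ISP as `expected_resolvers`; a DhcpNameServer value that does not match points at the DHCP server rather than at the PC.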