When a user ran anti-virus software, four PUM.DNS entries were found in the registry, even though the user had noticed no issue on his machine. He then ran RK in safe mode and did not find anything. When he rebooted and ran RK again, it again found 4 PUM.DNS entries in the registry. He was puzzled about what was happening with his system.
PUM.DNS (PUM stands for potentially unwanted modification) is a category of Trojan virus. It belongs to the notorious data-stealing family of Win32/Alureon. Hackers can use this virus as a tool to steal a user's confidential information from the infected computer system. It can load its malicious modules deep inside the PC settings.
Trojans like PUM.DNS have been a real threat to many organizations and computer users for more than a decade. Statistics taken from Cyber Security (2012) show that three major types of security incident are often reported, i.e. fraud, intrusion and malicious code, as is clear from the picture shown above. The capabilities of such a Trojan horse can be determined using static and dynamic analysis, as follows:
Static Analysis - This works by looking at the files associated with the Trojan horse on the computer without running the program.
Looking for script
Dynamic Analysis - This involves executing the Trojan horse and observing its actions. PUM.DNS was activated in a controlled laboratory environment using the following procedures:
Monitoring file activities
Monitoring network activities and registry access
Automatic analysis (malware sandbox)
What Can Be The Payloads Of PUM.DNS
A payload is defined as a destructive mechanism designed with malicious intention. Based on research done by cyber security experts, this Trojan might lead to loss of confidential information, cast doubt on information integrity (information that is sent and received by the victim), damage the victim's computer and cause loss of internet access (the availability of the computer and infrastructure). Five main destructive mechanisms have been identified: install backdoor, denial of service (DoS), command and control, steal confidential information and download.
How Can PUM.DNS Infect A System
According to the same cyber security report, the Trojan horse infects the victim's computer in two ways: via a host or via the network. Examples of hosts are USB devices, files and smartphones. These are the most common hosts available today. As for infection via the network, the victim's computer can be infected by executing an attachment enclosed in a received email or by downloading and executing a file from an untrusted website. Apart from that, chat channels such as Internet Relay Chat (IRC), Facebook Messenger and Yahoo Messenger are examples of communication channels that can be used and exploited to spread the Trojan horse. Clicking a link or URL and executing a file sent via a chat channel, especially from an unknown friend, can expose the end user to infection by the Trojan horse. Indeed, the communication channel can also be used to control the victim's computer remotely. To a certain extent, the attacker is able to own a large number of computers that have been infected with an IRC Trojan horse and control them through an IRC channel.
How To Remove PUM.DNS From A Computer System
Manual removal of PUM.DNS may be a tedious task for a novice user and may not be very effective. It is risky too: any error during the removal process may corrupt a system file. The Trojan may also show up again, because it has modified settings in the registry so that it activates automatically after the user reboots the system. Thus, to remove such viruses permanently, the user should use the automatic removal tool.
The following steps remove PUM.DNS automatically.
Step 1- First download and install the PUM.DNS Removal tool, then select Scan Computer to initiate the scanning process. It will scan memory, registry entries, files and cookies. One can select custom scan to scan specific files.
Step 2- Once the scanning process is completed, a list of detected threats, including PUM.DNS and related threats, will be shown.
Step 3- Spyware HelpDesk: It is one of the best features and makes this tool much better than a conventional security program. One can easily contact our support desk 24X7 for any help related to PUM.DNS and. But it is only available with the licensed version of the program.
Step 4- System Guard: It will protect against PUM.DNS and related threats as well as other malicious threats in future. This built-in special feature can block an infected process from being executed.
Step 5- Network Sentry: It will give full control over the system and its settings. It helps to prevent PUM.DNS from modifying your Internet and DNS settings. Thus your computer will be protected from being redirected to a malicious website.
Step 6- Scan Scheduler: It can preset a defined time at which your computer undergoes a complete scan. One can select any day of the week or month for the scheduled scan, but the PC must be turned on.
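Step 5 and the opening anecdote both concern DNS settings in the registry that change or come back after a reboot. The following Python script is an added example, not part of the original article or of any removal tool: it compares two saved `reg query ... /s` outputs of the Windows Tcpip interface keys and reports resolvers outside an allowlist. The sample output, interface GUID, addresses and allowlist are constructed, and checking only the NameServer and DhcpNameServer values is an assumption of this example.

```python
import ipaddress
import re

# Constructed sample of `reg query <Interfaces key> /s` output, saved before and
# after a reboot. The GUID and all addresses are made-up illustration values.
KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip"
       r"\Parameters\Interfaces\{0a1b2c3d-0000-4000-8000-000000000001}")
BASELINE = KEY + "\n    DhcpNameServer    REG_SZ    192.0.2.53\n    NameServer    REG_SZ\n"
AFTER_REBOOT = (KEY + "\n    DhcpNameServer    REG_SZ    192.0.2.53\n"
                "    NameServer    REG_SZ    203.0.113.66,203.0.113.67\n")
VALUE_RE = re.compile(r"^\s+(\S+)\s+(REG_\w+)\s*(.*)$")
DNS_VALUES = {"nameserver", "dhcpnameserver"}

def parse_dns(reg_text):
    """Return {interface GUID: {value name: [resolver, ...]}} from reg query text."""
    result, key = {}, None
    for line in reg_text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip().rsplit("\\", 1)[-1]
            result[key] = {}
            continue
        m = VALUE_RE.match(line)
        if m and key is not None and m.group(1).lower() in DNS_VALUES:
            servers = re.split(r"[,\s]+", m.group(3).strip())  # comma or space separated
            result[key][m.group(1)] = [s for s in servers if s]
    return result

def audit(before, after, allowed):
    """Return (interface, value, resolver, is_new) for resolvers outside `allowed`."""
    nets = [ipaddress.ip_network(n) for n in allowed]
    old, new = parse_dns(before), parse_dns(after)
    findings = []
    for iface, values in new.items():
        for name, servers in values.items():
            known = set(old.get(iface, {}).get(name, []))
            for s in servers:
                try:
                    ok = any(ipaddress.ip_address(s) in n for n in nets)
                except ValueError:
                    ok = False  # not an IP literal: report it for review
                if not ok:
                    findings.append((iface, name, s, s not in known))
    return findings

if __name__ == "__main__":
    for finding in audit(BASELINE, AFTER_REBOOT, ["192.0.2.0/24"]):
        print(finding)
```

A resolver reported with `is_new` set to `False` was already present in the earlier snapshot, which matches the case where an entry survives cleanup and a reboot.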