{"id":384,"date":"2015-11-09T08:02:04","date_gmt":"2015-11-09T08:02:04","guid":{"rendered":"http:\/\/www.adlice.com\/?p=384"},"modified":"2022-12-21T10:37:14","modified_gmt":"2022-12-21T10:37:14","slug":"remove-pum","status":"publish","type":"post","link":"https:\/\/www.adlice.com\/de\/remove-pum\/","title":{"rendered":"How to Remove Potentially Unwanted Modification (PUM) ?"},"content":{"rendered":"\n

What is a Potentially Unwanted Modification (PUM)?<\/h4>\n\n\n\n

A PUM (for Potentially Unwanted Modification<\/em>)<\/strong> is a sensitive modification made by a program<\/strong> which can be malware or legit, or even made by the user. Such detection is triggered depending on what is modified.<\/p>\n\n\n\n


Several examples<\/h4>\n\n\n\n

PUM.Proxy:<\/strong> A proxy<\/a> is a program running either locally (on your machine) or on a remote machine (server) that acts as a web filter<\/strong>. It’s able to read, decode and filter all your internet traffic<\/strong> and bounce some requests based on rules. In an enterprise context, proxies are used to protect endpoints or deny some websites at work<\/strong> (Facebook, …). At home, most of the time these proxies are malicious<\/strong>.<\/p>\n\n\n\n

Malware use proxies to deny access to help forums<\/strong>, or download websites<\/strong> (they don’t want you to be able to disinfect your machine). They are also used to retrieve information regarding your internet habits, and inject ads or redirect to malicious websites. What you need to know basically is that a proxy can read and modify all internet traffic that passes through<\/strong> it.<\/p>\n\n\n\n

The following example is made with a LEGIT program<\/strong>, fiddler. It demonstrates what a proxy can do (running locally).
\"Capture1\"<\/a><\/p>\n\n\n\n

 
RogueKiller detects<\/a><\/strong> the PUM like this:
\"Capture2\"<\/a><\/p>\n\n\n\n

\n\n\n\n

PUM.DNS:<\/strong> A DNS is a server that translates host names<\/strong> (ex: google.com) into an IP address<\/strong> (ex: 216:58.192.14). Usually, a good DNS configuration points to your ISP’s DNS server<\/strong>, or to third party DNS servers like OpenDNS or Google DNS. However, some malware can change that configuration<\/strong> (it’s a registry key) to point to a malicious DNS server, that will return wrong IP addresses and force you to go on malicious websites<\/strong> (ex: you type google.com and malicious DNS returns you the address of a server that looks like Google but serves malicious things).<\/p>\n\n\n\n


Should I remove?<\/h4>\n\n\n\n

By default, PUMs are considered in-between malware and safe<\/strong>. RogueKiller cannot decide by itself if it’s malicious or not, just point that it exists. It’s done this way because sometimes the modification is wanted<\/strong> and has been setup by user itself or by machine’s administrator (in enterprise).<\/p>\n\n\n\n

To answer the question, it’s up to you<\/strong>. If you’re at home, you probably want to remove them.
However, you need to know it’s SAFE TO REMOVE and won’t break your computer<\/strong>, PUMs are not critical.<\/p>\n\n\n\n


Removal<\/h4>\n\n\n\n

Scan your computer with RogueKiller<\/a> and remove detected PUM values<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Got infected with a PUM (Ppotentially Unwanted Modification)? Follow this step by step guide to get rid of it. Our guide also includes a short analysis.<\/p>\n","protected":false},"author":1,"featured_media":178,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[103],"tags":[337,48,106],"class_list":["post-384","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guide","tag-pum","tag-removal","tag-roguekiller","category-103","description-off"],"views":998569,"yoast_score":61,"yoast_readable":30,"featured_image_src":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","author_info":{"display_name":"tigzy","author_link":"https:\/\/www.adlice.com\/de\/author\/tigzy\/"},"yoast_head":"\nRemove Potentially Unwanted Modification | Guide \u2022 Adlice Software<\/title>\n<meta name=\"description\" content=\"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.adlice.com\/remove-pum\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Remove Potentially Unwanted Modification | Guide \u2022 Adlice Software\" \/>\n<meta property=\"og:description\" content=\"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.adlice.com\/remove-pum\/\" \/>\n<meta property=\"og:site_name\" content=\"Adlice Software\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RogueKiller\" \/>\n<meta property=\"article:published_time\" content=\"2015-11-09T08:02:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-21T10:37:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1250\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"tigzy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@AdliceSoftware\" \/>\n<meta name=\"twitter:site\" content=\"@AdliceSoftware\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"tigzy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"3\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/\"},\"author\":{\"name\":\"tigzy\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d\"},\"headline\":\"How to Remove Potentially Unwanted Modification (PUM) ?\",\"datePublished\":\"2015-11-09T08:02:04+00:00\",\"dateModified\":\"2022-12-21T10:37:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/\"},\"wordCount\":414,\"commentCount\":11,\"publisher\":{\"@id\":\"https:\/\/www.adlice.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg\",\"keywords\":[\"pum\",\"removal\",\"roguekiller\"],\"articleSection\":[\"Guide\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/\",\"url\":\"https:\/\/www.adlice.com\/remove-pum\/\",\"name\":\"Remove Potentially Unwanted Modification | Guide \u2022 Adlice Software\",\"isPartOf\":{\"@id\":\"https:\/\/www.adlice.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg\",\"datePublished\":\"2015-11-09T08:02:04+00:00\",\"dateModified\":\"2022-12-21T10:37:14+00:00\",\"description\":\"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.adlice.com\/remove-pum\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#primaryimage\",\"url\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg\",\"contentUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg\",\"width\":1250,\"height\":1250},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.adlice.com\/remove-pum\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.adlice.com\/de\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Remove Potentially Unwanted Modification (PUM) ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.adlice.com\/#website\",\"url\":\"https:\/\/www.adlice.com\/\",\"name\":\"Adlice Software\",\"description\":\"Anti-malware and analysis tools\",\"publisher\":{\"@id\":\"https:\/\/www.adlice.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.adlice.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.adlice.com\/#organization\",\"name\":\"Adlice Software\",\"url\":\"https:\/\/www.adlice.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png\",\"contentUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png\",\"width\":276,\"height\":276,\"caption\":\"Adlice Software\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RogueKiller\",\"https:\/\/x.com\/AdliceSoftware\",\"https:\/\/fr.linkedin.com\/company\/adlice-software\",\"https:\/\/www.youtube.com\/channel\/UC4CQ-gIZMGWxl-auf0QqYhQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d\",\"name\":\"tigzy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g\",\"caption\":\"tigzy\"},\"description\":\"Founder and owner of Adlice Software, Tigzy started as lead developer on the popular Anti-malware called RogueKiller. Involved in all the Adlice projects as lead developer, Tigzy is also doing research and reverse engineering as well as writing blog posts.\",\"url\":\"https:\/\/www.adlice.com\/de\/author\/tigzy\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Remove Potentially Unwanted Modification | Guide \u2022 Adlice Software","description":"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.adlice.com\/remove-pum\/","og_locale":"de_DE","og_type":"article","og_title":"Remove Potentially Unwanted Modification | Guide \u2022 Adlice Software","og_description":"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.","og_url":"https:\/\/www.adlice.com\/remove-pum\/","og_site_name":"Adlice Software","article_publisher":"https:\/\/www.facebook.com\/RogueKiller","article_published_time":"2015-11-09T08:02:04+00:00","article_modified_time":"2022-12-21T10:37:14+00:00","og_image":[{"width":1250,"height":1250,"url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","type":"image\/jpeg"}],"author":"tigzy","twitter_card":"summary_large_image","twitter_creator":"@AdliceSoftware","twitter_site":"@AdliceSoftware","twitter_misc":{"Verfasst von":"tigzy","Gesch\u00e4tzte Lesezeit":"3\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.adlice.com\/remove-pum\/#article","isPartOf":{"@id":"https:\/\/www.adlice.com\/remove-pum\/"},"author":{"name":"tigzy","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d"},"headline":"How to Remove Potentially Unwanted Modification (PUM) ?","datePublished":"2015-11-09T08:02:04+00:00","dateModified":"2022-12-21T10:37:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.adlice.com\/remove-pum\/"},"wordCount":414,"commentCount":11,"publisher":{"@id":"https:\/\/www.adlice.com\/#organization"},"image":{"@id":"https:\/\/www.adlice.com\/remove-pum\/#primaryimage"},"thumbnailUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","keywords":["pum","removal","roguekiller"],"articleSection":["Guide"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.adlice.com\/remove-pum\/","url":"https:\/\/www.adlice.com\/remove-pum\/","name":"Remove Potentially Unwanted Modification | Guide \u2022 Adlice Software","isPartOf":{"@id":"https:\/\/www.adlice.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.adlice.com\/remove-pum\/#primaryimage"},"image":{"@id":"https:\/\/www.adlice.com\/remove-pum\/#primaryimage"},"thumbnailUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","datePublished":"2015-11-09T08:02:04+00:00","dateModified":"2022-12-21T10:37:14+00:00","description":"Got infected with a PUM (Potentially Unwanted Modification)? Follow this step by step guide to get rid of it with RogueKiller.","breadcrumb":{"@id":"https:\/\/www.adlice.com\/remove-pum\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.adlice.com\/remove-pum\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/remove-pum\/#primaryimage","url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","contentUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2014\/02\/Yellow-1940x1940-e1503055871510.jpeg","width":1250,"height":1250},{"@type":"BreadcrumbList","@id":"https:\/\/www.adlice.com\/remove-pum\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.adlice.com\/de\/"},{"@type":"ListItem","position":2,"name":"How to Remove Potentially Unwanted Modification (PUM) ?"}]},{"@type":"WebSite","@id":"https:\/\/www.adlice.com\/#website","url":"https:\/\/www.adlice.com\/","name":"Adlice Software","description":"Anti-malware and analysis tools","publisher":{"@id":"https:\/\/www.adlice.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.adlice.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.adlice.com\/#organization","name":"Adlice Software","url":"https:\/\/www.adlice.com\/","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png","contentUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png","width":276,"height":276,"caption":"Adlice Software"},"image":{"@id":"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RogueKiller","https:\/\/x.com\/AdliceSoftware","https:\/\/fr.linkedin.com\/company\/adlice-software","https:\/\/www.youtube.com\/channel\/UC4CQ-gIZMGWxl-auf0QqYhQ"]},{"@type":"Person","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d","name":"tigzy","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g","caption":"tigzy"},"description":"Founder and owner of Adlice Software, Tigzy started as lead developer on the popular Anti-malware called RogueKiller. Involved in all the Adlice projects as lead developer, Tigzy is also doing research and reverse engineering as well as writing blog posts.","url":"https:\/\/www.adlice.com\/de\/author\/tigzy\/"}]}},"_links":{"self":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts\/384","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/comments?post=384"}],"version-history":[{"count":0,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts\/384\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/media\/178"}],"wp:attachment":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/media?parent=384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/categories?post=384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/tags?post=384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}