Results 1 to 6 of 6
  1. #1
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,371
    Thanks
    235
    Thanked 147 Times in 136 Posts

    PUM.Hijack.StartMenu


    I was having a problem confirming that
    PUM.Hijack.StartMenu, HKU\S-1-5-21-1202660629-308236825-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLOR ER\ADVANCED|StartMenuLogoff, 1, Good: (0), Bad: (1),,[d3a4e07ed7a5162002ba203f30d549b7]
    PUM.Hijack.StartMenu,
    and several similar entries in a Malwarebytes log is nothing to worry about. Has anyone seen this??


    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  2. #2
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,727
    Thanks
    95
    Thanked 127 Times in 124 Posts
    a PUP notice?
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  3. #3
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,142
    Thanks
    101
    Thanked 579 Times in 464 Posts
    From PUM.Hijack.StartMenu Description

    PUM.Hijack.StartMenu refers to a PUM, that is, a potentially unwanted modification. PUM.Hijack.StartMenu in particular refers to a change made to your start menu settings. Various common anti-malware programs detect these changes to your start menu settings as PUM.Hijack.StartMenu. While changes associated with PUM.Hijack.StartMenu may have been made on purpose by the computer user, most of the time PUM.Hijack.StartMenu will be the result of a malware infection. Several browser hijackers in particular are often responsible for PUM.Hijack.StartMenu potentially unwanted modification. This change to the Start Menu can typically affect the way buttons on the menu are displayed or in an altering of Start Menu's typical layout. If your anti-malware application is displaying a PUM.Hijack.StartMenu warning, this may be a sign of a potentially dangerous malware infection on your computer system. However, the mere presence of the PUM.Hijack.StartMenu detection is not necessarily related to malware on your computer and may simply be the result of your own tweaks to your computer's interface or to changes that a legitimately useful application may have made.
    What was Malwarebyte's recommended action?
    Last edited by Rick Corbett; 2014-12-06 at 16:46.

  4. #4
    2 Star Lounger 1PW's Avatar
    Join Date
    Feb 2011
    Location
    North of the 38th parallel.
    Posts
    131
    Thanks
    26
    Thanked 46 Times in 28 Posts
    PUMs are always a serious concern.

    When any PUM is detected by MBAM Free/Trial/Premium, quarantine it/them. Follow-up with an updated Threat Scan with all options enabled.

    Then, if nothing adverse develops in 7 days, delete everything that was quarantined.

  5. #5
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,371
    Thanks
    235
    Thanked 147 Times in 136 Posts
    I am thinking the key may be benign but it would be nice to know for sure what the key does. It looks like it allows for a logoff shortcut in the start menu. I do not remember what MB recommended. If MB thinks it is a dangerous setting it would be nice if it was capable of telling me why. But I guess you get what you pay for and it is the freebie.
    Another question is: How do you quarantine a registry key ?


    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  6. #6
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,727
    Thanks
    95
    Thanked 127 Times in 124 Posts
    What MBAM does is remove the registry key[s] in question and makes a copy of said key[s] in quarantine. If you decide to reinstate any particular key, MBAM simply rewrites back into the registry. Spybot can do likewise. Other malware fighters - samo sumo samo.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •