bthdcc

PUM.Hijack.Help

5 posts in this topic

Does anyone know if this is a false/positive. Malwarebytes (free version) removes Pum.Hijack.Help, however, the next time you connect to the Internet and you run Malwarebytes again, it gets detected again. Does anyone know how to get rid of this?

Share this post


Link to post
Share on other sites

Many of us are running Malwarebytes Anti-Malware and are very satisfied with the product. However, recently this PUM.Hijack.Help keeps getting detected although we quarantine and delete this file. Everytime we run Malwarebytes this file gets detected. Is there a way to permanently delete this file? Thank you in advance. Attached is the log file and a screen shot of this file.

Share this post


Link to post
Share on other sites

Can you please post a scan log of the detection. Just copy and paste it here.

Share this post


Link to post
Share on other sites

Can you please post a scan log of the detection. Just copy and paste it here.

Thanks Rich,

The log is copied here, however, upon running a scan this week the PUM.Hijack.Help is not appearing.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6407

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

4/20/2011 6:54:33 PM

mbam-log-2011-04-20 (18-54-33).txt

Scan type: Quick scan

Objects scanned: 255197

Time elapsed: 17 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites

Ok to explain this a little so you understand..

This set to 1 will remove the Start Menu Help menu. Setting this to 0 will show the Help menu. We detect this if it gets changed from the default setting which malware can sometimes change. The reason we detect it as PUM means Potentially unwanted modification. If you want it this way it can just be set to ignore.

You stated "many of us" if this is in a domain or work environment this can be get by group policy on the back end.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.