PumHijackHo AGAIN, and it's not a change i made.

Discussion in 'Malware Help (A Specialist Will Reply)' started by ccn, Jun 21, 2013.

  1. ccn

    ccn Private E-2

    Hi everyone, i battled this thing in the past and got rid of it for awhile after i used DBAN and reinstalled. After another reinstall without wiping the drive with DBAN it's back.

    Let me explain what procedure i follow after reinstalling, after i get through the formatting the drive part and adding drivers from a dvd that was burnt for me on a clean computer, i download Avast , Malwarebytes and Firefox immediately before going online which are also on that dvd to get all windows updates.

    Since PUMHIJACKHO has been found in the IE Microsoft policies homepage section, i (before going online ) turn off IE8 by the (turn windows features on/off ) feature and use Firefox instead.

    To my great dissapointment, after all windows updates and updates for all the other programs have completed i do a scan with Malwarebytes and PUMHIJACKHO is back.

    I had a feeling it was back when i inserted my windows iso disk in the dvd slot to re install because it always makes a lot of noises but i went ahead anyway.

    Is there anyway i can really get rid of this thing?

    I used to think i got this thing when installing Avast and other programs when going online without protection while downloading updates , but after Chaslang suggested i get protection before going online by having someone burn me a disk from a clean computer with those programs i thought i would be alright.

    Please help, nothing has worked except using DBAN.
    Thank you
     
    ccn, Jun 21, 2013
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    As I stated in your previous thread on this, PUM stands for "potentially unwanted modification". These are not necessarily related to malware. Most people change quite a few default Windows settings and these changes will show up as PUM. It is just a notification to make sure that you are the one that made the settings changes. For example, one such setting may be the below.

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

    This just means that the end user changed the default setting for not showing the Run command to having the Run command show which is what most people will want.
     
    chaslang, Jun 21, 2013
    #2
  3. ccn

    ccn Private E-2

    Hi Chaslang, don't get me wrong, your advice is always very much appreciated as i always end up coming here because of it . I feel if you cant fix it nobody can .

    I understand exactly what your saying but this thing shows itself before i make any changes and it always shows (BAD 1) never (GOOD 0) at the end.

    I have managed to get rid of it for awhile in the past when i used DBAN and i always follow the same procedure , but this time it came back .

    If i put anything in the DVD drive it just opens and closes and makes all types of non stop noises.
     
    ccn, Jun 21, 2013
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    But it is a waste of time to due this as this is most likely not a problem. Attach a log from Malwarebytes to show us exactly what was being found.

    Please post about this in the Hardware Forum
     
    chaslang, Jun 22, 2013
    #4
  5. ccn

    ccn Private E-2




    I am coming to the conclusion that your right , it seems i am spending way too much time fighting it when it really may not be a major issue. I was curious as to why it always had a 1 under (Bad) instead of a 1 under (good) maybe that's why i think it's bad.




    Unfortunately i deleted the Mbam logs while deleting it so if it comes up again i will be sure to post the log so you can see it, somehow i know you will remember.Thanks again Chaslang, your help is very much appreciated.

    ps. I am a native Northern N.J guy myself but moved down here rather recently to get away from the always hectic N.J lifestyle, don't like it here either, way too slow:(:(
     
    ccn, Jun 24, 2013
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Poor choice of wording. Bad really means not the expected Windows Default and Good really means the expected default setting. Most people change quite a few Windows defaults to have menus and other settings how they like them, not how Microsoft defaults them. By default your Home Page is either www.microsoft.com or msn.com. Does it make it bad because you change it to yahoo.com? Of course not. It personal choice. But it is still not default.


    Maybe slow, but nicer in the winter and no traffic jams like up here. ;)
     
    chaslang, Jun 24, 2013
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds