Pum hijack start menu

[7PStone]

Hi I am new memeber. I have windows 7 64 bit, avast 7.0126, Comodo internet security 5.10, webroot spysweeper 6.1057 and malware bytes 1.6101400 on both of my laptops (Gateway NV59 and Hewlett Packard HDX16)

The first time I did a quick scan with malwarebytes it found the following on both:

Registry Data Items Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

I did not delete it.

I did the following:

Webroot Spyware - Full scan completed - nothing found

Avast Antivirus - full Scan completed - nothing found

Panda Online Scan Cleaner - nothing found

I then rescan my laptops with malware bytes and it still found the pum hijack start menu.

I would like to know is this an actual malware or is it just a false postive.

My HP HDX 16 in February 2012 had to be services as I could only load in safe mode - Windows 7 was corrupted, and therefore it was reformated, reinstalled. My HP HDX16 has been on the internet since february 2012 and the first time it was April 30 to reinstall Avast. So I do not understand how this could have been infected (if it is an infection) when this system is hardly on the internet.

I would understand the Gateway but not the HP HDX16.

I would like to know based on the above is this a real malware or a false postive and if so how to remove it complete and check to see if my system is clean. I have installed the log file for your review.

Please send confirmation that a reply has been posted to my post thanks

mbam-log-2012-05-06 (22-23-06).txt

[exile360]

Greetings and welcome

That item is neither malware nor a false positive. The term PUM means Potentially Unwanted Modification. PUM detections represent changes to system settings which may be undesirable to the user and are frequently changed by infections.

In this case, the option to search from the START menu has been disabled. If you have done this yourself then you may simply have Malwarebytes Anti-Malware ignore this item.

I also highly recommend that you either remove Avast! from your system or disable the antivirus component in COMODO Internet Security as having two antivirus products active in realtime is likely to cause problems.

[7PStone]

Comodo Antivirus is disabled. I only use it as a second vertificaiton to Avast. How could one disable search from the START menu. I do not think I have done this. Is there anyway to enable it. If so please provide steps. I tried searching from the Startmenu and I can, so I do not think that it is disbled. Is there a way I can check.

Also If I have ever have to remove anything that Malwarebytes has found I would like to know if Malwarebytes makes a backup of the whole registry before it removes it and where does it store it.

Is there a way I setup notifications from your forum to let me know that I have received a reply to my issue.

Your assistance in this matter is greatly appreciated.

Thank you for your replies

[exile360]

Comodo Antivirus is disabled. I only use it as a second vertificaiton to Avast.

Excellent, that shouldn't be a problem then.

How could one disable search from the START menu. I do not think I have done this. Is there anyway to enable it. If so please provide steps. I tried searching from the Startmenu and I can, so I do not think that it is disbled. Is there a way I can check.

That's what the policy that Malwarebytes Anti-Malware detected does. It disables searching from the START menu, however, I did some research and this setting doesn't apply to Windows 7, only Windows XP, so it's odd that this setting even exists on your system at all, because it doesn't by default (neither on or off, the setting simply should not be there).

Also If I have ever have to remove anything that Malwarebytes has found I would like to know if Malwarebytes makes a backup of the whole registry before it removes it and where does it store it.

Yes, it creates a backup in quarantine. The quarantine can be accessed from the Quarantine tab and you can restore items from there.

Is there a way I setup notifications from your forum to let me know that I have received a reply to my issue.

Yes, just click the Follow this topic button on the upper right-hand side of this page.

[Oaks]

Hi, this info was helpful to me so I thought I'd return the courtesy.

For future reference. The option to search from the START Menu can easily be enabled/disabled for both XP and Windows 7, via Task Bar & Start Menu properties.

1.) Right-click the Start Button/Orb and select properties. In XP select the Advanced Tab, for Win7 select the Start Menu and click Customize.

2.) Search the relevant list to see the status of your Search settings (In my case as soon as I read the info here I knew I'd disabled them previously).