PUM.Optional.UserWLoad

Short Bio

This detection is for a potentially unwanted modification (PUM) in the registry where an added autostart entry path can be used to run a file or script when a user logs on the affected machine. It’s likely that malware is using this autostart location.

System Modifications

The following registry value data is modified:

Under
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\
CurrentVersion\Windows

From:
load=

To:
load={random file path}

Remediation

Malwarebytes can modify this registry value data back to its Windows default setting without user interaction.

Also, we advise users to do a full system scan as PUM.Optional.UserWLoad could have been added to the system by malware or a PUP.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language