2014/07/25 19:36:40 +0100
mbam-log-2014-07-25 (19-36-37).xml
yes
2.00.2.1012
v2014.07.25.06
v2014.07.17.01
trial
enabled
enabled
disabled
Windows 7 Service Pack 1
x86
Dave
NTFS
threat
completed
260169
0
0
0
0
2
0
1
0
enabled
enabled
enabled
enabled
enabled
disabled
enabled
enabled
enabled
HKCR\piffile\shell\open\commandBroken.OpenCommandreplaced"C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %*"C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %*"%1" %*ffffffffffffffffffffffffffffffff
HKCR\scrfile\shell\open\commandBroken.OpenCommandreplaced"C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" /S %*"C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" /S %*"%1" /Sffffffffffffffffffffffffffffffff
C:\ProgramData\C19A00E5A3B1C2F2F77C64ACEABED926\hin3orf.cppTrojan.Ransom.EDsuccessf5acc5dbdc9fc76fd90a6f37d3317c84