I ran Malwarebytes this morning and it detected this:
Registry Data: 2
Broken.OpenCommand, HKCR\piffile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent
\CryptoPreventFilterMod.exe" *"Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent
FilterMod.exe" *"%1" %*),Replaced,[ffffffffffffffffffffffffffffffff]" %*)" %*, %4, %5
Broken.OpenCommand, HKCR\scrfile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent
\CryptoPreventFilterMod.exe" "Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent
FilterMod.exe" "%1" /S %*),Replaced,[ffffffffffffffffffffffffffffffff]" /S)" /S %*, %4, %5
If I'm reading the notes correctly on CryptoPrevent, I believe this is a False Positive detection. I just want to make sure. Can I exclude this on my Malwarebytes scan? WinPatrol keeps coming up asking if its ok to allow this change. I check no. I need your opinion on this before I do anything. Thanks
