Can you please post a log of MBam detecting this so we can duplicate it?

Thanks.

Hello

This is an mbam log before installing Evidence Eliminator:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8239

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

25/11/2011 21:03:48

mbam-log-2011-11-25 (21-03-48).txt

Scan type: Full scan (C:\|)

Objects scanned: 223334

Time elapsed: 39 minute(s), 33 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

And this is an mbam log after installing Evidence Eliminator:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8239

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

25/11/2011 21:24:28

mbam-log-2011-11-25 (21-24-21).txt

Scan type: Quick scan

Objects scanned: 129

Time elapsed: 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 4

Files Infected: 129

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{F9938A2A-C9BF-4BD1-8F60-666B284D6030} (Rogue.EvidenceEliminator) -> No action taken.

HKEY_CLASSES_ROOT\EEShellExt.FileFolderExt (Rogue.EvidenceEliminator) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Evidence Eliminator (Rogue.EvidenceEliminator) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F9938A2A-C9BF-4BD1-8F60-666B284D6030} (Rogue.EvidenceEliminator) -> Value: {F9938A2A-C9BF-4BD1-8F60-666B284D6030} -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\program files\evidence eliminator (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Help (Rogue.EvidenceEliminator) -> No action taken.

Files Infected:

c:\program files\evidence eliminator\Ee.exe (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\eeshellext.dll (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\INSTALL.LOG (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\License.txt (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\ReadMe.txt (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\UNWISE.EXE (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\UNWISE.INI (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\absoluteftp.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\acdsee photo viewer v3.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adaptec easy cd creator v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v3.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v3.1.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v5.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v5.1.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v6.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v7.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v8.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat reader v9.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe acrobat v6.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v10.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v11.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v12.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v5.0 le.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v5.5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v6.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v7.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v8.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ASPack.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\avant browser.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\cabinet manager.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\copernic 2000 pro.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\copernic 2000.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\copernic agent.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\corel paintshop pro v10.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\cute ftp v3.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\cute ftp v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\cute ftp v7.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\delphi v3.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\delphi v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\delphi v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\diskkeeper v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\divxplayer.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\download accelerator.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\EventLog.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ftp explorer.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\getright explorerbar.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\getright v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\google chrome.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\googlebar.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\googlenavigation.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\GoZilla.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\helios textpad v3.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\helios textpad v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\helpwriter.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\icon extractor.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\icq 2000a.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\installshield express.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\j2 messenger.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\jasc paintshop pro v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\jasc paintshop pro v7.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\jasc paintshop pro v8.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\jet photoshell v1.2.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\Kazaa.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\limewire v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\macromedia flash v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\mastersplitter v2.1.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\mcafee virus scan v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microangelo 98.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\micrografx picture publisher v7.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\micrografx picture publisher v8.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft frontpage express.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft frontpage.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft help workshop.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft html help.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft publisher 2000.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft send-to extensions.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft windows paint.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft windows wordpad.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\my network places.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\napster music community.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\neato labels.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\neoplanet v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton antivirus 2000 (v6).eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton antivirus 2003.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton file manager.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton internet security 2004.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton personal firewall.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\norton utilities 2000.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\adobe photoshop v9.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\eudora mail.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\jasc paintshop pro v6.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\microsoft office.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\notetab pro.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead photoimpact v10.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\opera browser.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\packagefortheweb.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\personal ancestral file.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\quicktime.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\real audio player v6 v7 v8.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\real download v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\real player v10.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\realone player.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\remotedesktop.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\roxio easy cd creator v6.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\safari browser.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\surething cd labeler.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\Telnet.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead gif animator v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead photo explorer v4.2.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead photo viewer v4.0.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead photoimpact v5.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ulead photoimpact viewer v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ultraedit v4.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\ultraedit v7.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\web ferret v3.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\WinOnCD.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\winrar v2.6.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\winrar v2.70.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\winrar v3.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\winzip v7.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\winzip v8.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\wise installer.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\yahoo player.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\yahoomessenger.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\zipmagic 2000.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Data\Plug-Ins\zone alarm.eep (Rogue.EvidenceEliminator) -> No action taken.

c:\program files\evidence eliminator\Help\ee.chm (Rogue.EvidenceEliminator) -> No action taken.

Thanks.


The company behind EvidenceEliminator at one time was using malware to hijack systems and promote their software; their actual software was not the cause of their listing.

We are going to evaluate their current and recent advertising techniques and determine if the listing should be lifted.

https://www.google.com/search?q=%22shdocpl.dll%22+evidence+eliminator&hl=en&lr=&num=100&filter=0

You can research their past victims with the above link.
