Question about rogue.evidence eliminator

[prestonlewis]

I use Malwarebytes in several different locations. I ran Malwarebytes on all my computers today and found the rogue.evidence eliminator infection (registry only) on all the computers. Problem is, I don't use and never have used Evidence Eliminator.

It hasn't shown up before and suddenly it's on all 10 computers that I checked.

I use CA anti-virus on 7 of my computers and MSE on 3. CA and MSE never mentioned anything.

Sorry if this has been covered in the past but can someone explain why I'm getting these rogue.evidence eliminator hits?

Here are the log entries:

Registry Keys Infected:

HKEY_CLASSES_ROOT\Interface\{f272845d-cec2-4f95-92ee-6d08fdfbd471} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{0e6117e2-c367-4be3-8045-52669e71b5df} (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Eeshellx.ShellExt (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

Thanks in advance.

[AdvancedSetup]

http://www.threatexpert.com/report.aspx?md...546e49a061cf430

Please run a Quick Scan on one of the computers again where you've not quarantined the items but use the /developer switch when you launch it.

Click on START - RUN and type in: mbam /developer then do your Quick Scan and post that back in the False Positive forum.

Also post your link here in that forum when you do post your log.

http://www.malwarebytes.org/forums/index.php?showtopic=29711&view=findpost&p=152816