"The setup files are corrupted. Please obtain a new copy of the program."

[Wal]

I'm guessing something doesn't want me to get rid of it! Any help greatly received.

Thanks

Wal

Sorry, guess I should have been a bit more forth coming with info, was a bit late last night!

Basically, I've got Gorilla Price, which I'm trying to get rid off. Every time I try to download and install Malwarebytes, I get the above error message. I am working on the assumption there is something stopping this file from downloading/installing?

What are my options?

Thanks

Wal

[Maniac]

Hello Wal and ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

[Wal]

Hi

 

Thanks in advance for your help.

 

Wal

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.19088

Run by Stuart at 13:46:16 on 2014-01-05

Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1252.44.1033.18.1977.785 [GMT 0:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

AV: AVG Anti-Virus *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Windows\system32\srvany.exe

C:\Windows\kmsem\KMService.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\ProgramData\GorillaPrice\WatGorp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Windows\system32\RunDll32.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Users\Stuart\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\GorillaPrice\GorillaPrice.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uProxyServer = hxxp=127.0.0.1:8080

uURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [Acer ePower Management] c:\program files\emachines\emachines power management\ePowerTray.exe

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [skytel] c:\program files\realtek\audio\hda\Skytel.exe

mRun: [WarReg_PopUp] c:\program files\emachines\wr_popup\WarReg_PopUp.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [LManager] c:\progra~1\launch~1\LManager.exe

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

StartupFolder: c:\users\stuart\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\stuart\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\users\stuart\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{ADABDCAA-546C-4329-819C-6212FCCCE0E5} : DHCPNameServer = 192.168.0.1

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs= AVGRSSTX.DLL

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-4-20 52872]

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-20 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-20 29584]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-20 243024]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584]

R1 MpKsl53edeab3;MpKsl53edeab3;c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\MpKsl53edeab3.sys [2014-1-5 40392]

R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]

R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2011-7-24 1740696]

R2 ePowerSvc;Acer ePower Service;c:\program files\emachines\emachines power management\ePowerSvc.exe [2009-3-11 653856]

R2 GorillaPrice;GorillaPrice;c:\program files\gorillaprice\gorillaprice.exe -service --> c:\program files\gorillaprice\GorillaPrice.exe -service [?]

R2 KMService;KMService;c:\windows\system32\srvany.exe [2012-5-7 8192]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 104768]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R2 WatGorp;WatGorp;c:\programdata\gorillaprice\watgorp.exe -service --> c:\programdata\gorillaprice\WatGorp.exe -service [?]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-7-24 73216]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C60x86.sys [2009-3-11 49664]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]

S2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-6-22 921952]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe --> c:\progra~1\mcafee\sitead~1\mcsacore.exe [?]

S2 Update Kozaka;Update Kozaka;"c:\program files\kozaka\updatekozaka.exe" --> c:\program files\kozaka\updateKozaka.exe [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 517448]

S3 Blackberry Device Manager;BlackBerry Device Manager;"c:\program files\common files\research in motion\usb drivers\bbdevmgr.exe" --> c:\program files\common files\research in motion\usb drivers\BbDevMgr.exe [?]

S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2011-7-24 11136]

S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-7-24 235392]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]

SUnknown MpKsl7aebc3de;MpKsl7aebc3de; [x]

.

=============== Created Last 30 ================

.

2014-01-05 13:37:02 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\MpKsl53edeab3.sys

2014-01-05 12:04:51 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\mpengine.dll

2014-01-04 13:22:29 -------- d-----w- c:\programdata\boost_interprocess

2014-01-04 12:44:21 -------- d-----w- C:\FRST

2014-01-04 11:39:03 -------- d-----w- c:\users\stuart\appdata\roaming\WinZip

2014-01-03 20:36:00 -------- d-----w- c:\windows\ERUNT

2014-01-03 20:34:19 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2014-01-03 19:59:20 -------- d-----w- C:\AdwCleaner

2014-01-02 23:00:11 -------- d-----w- c:\program files\Enigma Software Group

2014-01-02 22:58:12 -------- d-----w- c:\windows\220FB0354744483A9A0B41DF77061583.TMP

2014-01-02 22:57:59 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2014-01-02 22:26:44 -------- d-----w- c:\users\stuart\appdata\roaming\Open Download Manager

2014-01-02 22:24:39 -------- d-----w- c:\programdata\GorillaPrice

2014-01-02 22:24:34 -------- d-----w- c:\program files\GorillaPrice

2014-01-02 22:22:12 -------- d-----w- c:\program files\OpenDownloaderManager

2013-12-31 19:31:10 -------- d-----w- c:\users\stuart\.android

2013-12-31 19:31:09 -------- d-----w- c:\users\stuart\appdata\local\cache

2013-12-31 19:31:04 -------- d-----w- c:\users\stuart\appdata\roaming\newnext.me

2013-12-31 19:31:04 -------- d-----w- c:\users\stuart\appdata\local\genienext

2013-12-27 21:47:46 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{36b86230-d7f2-4c30-adf0-56ee4e118821}\gapaengine.dll

2013-12-27 21:22:43 -------- d-----w- c:\windows\Options

2013-12-27 21:22:43 -------- d-----w- c:\program files\Broadcom

2013-12-27 21:20:50 -------- d-----w- c:\programdata\Broadcom

2013-12-24 21:24:15 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2013-12-24 21:17:18 125952 ----a-w- c:\windows\system32\srvsvc.dll

2013-12-24 21:17:17 17920 ----a-w- c:\windows\system32\netevent.dll

2013-12-24 21:17:02 378368 ----a-w- c:\windows\system32\winhttp.dll

2013-12-24 21:15:01 411136 ----a-w- c:\windows\system32\drivers\http.sys

2013-12-24 21:15:01 31232 ----a-w- c:\windows\system32\httpapi.dll

2013-12-24 21:15:00 24064 ----a-w- c:\windows\system32\nshhttp.dll

2013-12-24 19:34:16 -------- d-----w- c:\windows\system32\MRT

2013-12-17 22:19:14 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe

2013-12-17 22:19:08 310784 ----a-w- c:\windows\system32\unregmp2.exe

.

==================== Find3M  ====================

.

2013-12-24 19:51:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-12-24 19:51:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe

2012-05-07 20:09:31 151552 --sha-w- c:\windows\kmsem\KMService.exe

2012-05-07 20:09:31 8192 --sha-w- c:\windows\system32\srvany.exe

.

============= FINISH: 13:46:38.00 ===============

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Basic 

Boot Device: \Device\HarddiskVolume2

Install Date: 20/04/2010 18:58:01

System Uptime: 05/01/2014 05:53:19 (8 hours ago)

.

Motherboard: eMachines |  | eMachines E525  

Processor: Intel® Celeron® CPU          900  @ 2.20GHz | uPGA-478 | 2194/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 139 GiB total, 49.237 GiB free.

D: is CDROM (UDF)

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP789: 04/01/2014 17:55:47 - Removed Microsoft Office Professional Plus 2010

RP790: 04/01/2014 18:03:45 - Removed Microsoft Office Professional Plus 2010

RP791: 04/01/2014 18:40:26 - Removed BlackBerry Device Software Updater.

RP792: 05/01/2014 12:03:03 - Windows Update

.

==== Installed Programs ======================

.

3Connect

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.2

Adobe Shockwave Player 11.6

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AVG 9.0

AVS4YOU Software Navigator 1.4

Bing Maps 3D

Bonjour

Broadcom Driver Installation Program

Broadcom Driver v5.10.79.14_Foxconn Installation Program

Citrix online plug-in - web

Citrix online plug-in (DV)

Citrix online plug-in (HDX)

Citrix online plug-in (USB)

Citrix online plug-in (Web)

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

Dropbox

eMachines Power Management

eMachines Recovery Management

eMachines ScreenSaver

Gangsters Screensaver Screen Saver

Google Chrome

Google Drive

Google Update Helper

GorillaPrice

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Deskjet 3000 J310 series Basic Device Software

HP Deskjet 3000 J310 series Help

HP Deskjet 3000 J310 series Product Improvement Study

HP Photo Creations

HP Update

HPDiagnosticCoreDll

Huawei modem

Intel® Graphics Media Accelerator Driver

InterVideo WinDVD 8

iTunes

Juniper Networks Network Connect 6.5.0

Juniper Networks Setup Client

Junk Mail filter update

Keynote Connector

Launch Manager

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Standard 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MobileMe Control Panel

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

PowerISO

QuickTime

RealPlayer

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.0

Safari

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 

swMSM

Synaptics Pointing Device Driver

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition

VoiceOver Kit

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

WinRAR archiver

WinZip 18.0

.

==== Event Viewer Messages From Past Week ========

.

04/01/2014 19:55:45, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.1.79 for the Network Card with network address 00242C4FF80D has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The Update Kozaka service failed to start due to the following error:  The system cannot find the path specified.

04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The SupportSoft RemoteAssist service failed to start due to the following error:  The system cannot find the file specified.

04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The McAfee SiteAdvisor Service service failed to start due to the following error:  The system cannot find the path specified.

04/01/2014 18:29:06, Error: Microsoft-Windows-ResourcePublication [1002]  - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish.  Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.

04/01/2014 18:29:03, Error: Microsoft-Windows-HttpEvent [15021]  - An error occured while using SSL configuration for socket address 0.0.0.0:4482.  The error status code is contained within the returned data.

04/01/2014 16:25:42, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.0.7 for the Network Card with network address 00242C4FF80D has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

 

[Maniac]

Step 1

I notice that you are using more than one antivirus program.

• AVG 9.0
• Microsoft Security Essentials (Microsoft Security Client too)
• This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them.

  Next, please uninstall the following applications too:

  Coupon Printer for Windows

  GorillaPrice

  When you are done, reboot your system.

  Step 2

  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  Step 3

  Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
  Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
  Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

  In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

[Wal]

AVG hasn't run since 2010 when the subscription ran out. Will uninstall nonetheless.

I can't uninstall gorilla price. I get a message stating it's not a valid win32 application.

Wal

[Maniac]

Thanks for your information!

Proceed further.

[Wal]

Hi

 

Logs below.  Unable to install Malwarebytes, got the error message that prompted the start of this thread 'The setup files are corrupted. Please obtain a new copy of the program.'

 

Wal

 

 

 

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.9 (01.01.2014:1)

OS: Windows Vista Home Basic x86

Ran by Stuart on 05/01/2014 at 18:30:55.31

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

Successfully stopped: [service] gorillaprice 

Successfully deleted: [service] gorillaprice 

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 05/01/2014 at 18:33:57.94

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

AdwCleaner Log

 

# AdwCleaner v3.016 - Report created 05/01/2014 at 18:36:37

# Updated 23/12/2013 by Xplode

# Operating System : Windows Vista Home Basic Service Pack 1 (32 bits)

# Username : Stuart - STUART-PC

# Running from : C:\Users\Stuart\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\boost_interprocess

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.19088

 

 

-\\ Google Chrome v31.0.1650.63

 

[ File : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [9649 octets] - [03/01/2014 19:59:26]

AdwCleaner[R1].txt - [990 octets] - [04/01/2014 11:47:59]

AdwCleaner[R2].txt - [1059 octets] - [05/01/2014 18:35:17]

AdwCleaner[s0].txt - [9145 octets] - [03/01/2014 20:01:19]

AdwCleaner[s1].txt - [1059 octets] - [04/01/2014 11:48:57]

AdwCleaner[s2].txt - [986 octets] - [05/01/2014 18:36:37]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1045 octets] ##########

[Maniac]

Do not uninstall anything while working together.

Step 1

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1

Link 2

• On Windows XP double-click on the Rkill desktop icon to run the tool.
• On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• If the tool does not run from any of the links provided, please let me know.
• Do not reboot the computer, you will need to run the application again.

Step 2

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

[Wal]

Sorry, thought you wanted me to uninstall one of the two anti virus programs.

 

I'm unable to run Rkill, '...not a valid win32 application'. Same for both links.

[Maniac]

You told me:

Unable to install Malwarebytes

I never asked from you to uninstall Malwarebytes , but one of your antiviruses.

Manually delete RKill and try to download it with another browser.

[Wal]

I haven't uninstalled Malwarebytes?  I uninstalled AVG?  I tried to install Malwarebytes which I needed to do to launch it as per step 4, but it gave me the corrupt files message.

 

Getting the same error message using IE as I did from Chrome, for the first link.  Not even able to download the second link.

[Maniac]

Sorry about this confusion!

Okay, proceed with TFC.

[Wal]

It's frozen. Had to restart the laptop. Have restarted it and it appears to have frozen again.

Shall I just leave it running overnight if it doesn't appear to be doing anything? Has something gone wrong?

[Wal]

Afternoon

 

Same issue on the second run.  Gets to a point and then appears to stop, had to reboot.

 

Starting to wonder if I'm going to be better off just backing up the files I want and just rebuilding the whole laptop given the number of things which won't install or run? Very frustrating.

 

Wal

[Maniac]

This will be the best option, but if you would like to proceed, just let me know.

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!