Jump to content

Recommended Posts

I'm guessing something doesn't want me to get rid of it! Any help greatly received.

Thanks

Wal

Sorry, guess I should have been a bit more forth coming with info, was a bit late last night!

Basically, I've got Gorilla Price, which I'm trying to get rid off. Every time I try to download and install Malwarebytes, I get the above error message. I am working on the assumption there is something stopping this file from downloading/installing?

What are my options?

Thanks

Wal

Link to post
Share on other sites

Hello Wal and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Hi

 

Thanks in advance for your help.

 

Wal

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.19088
Run by Stuart at 13:46:16 on 2014-01-05
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1252.44.1033.18.1977.785 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: AVG Anti-Virus *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\srvany.exe
C:\Windows\kmsem\KMService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\ProgramData\GorillaPrice\WatGorp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Windows\system32\RunDll32.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Stuart\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\GorillaPrice\GorillaPrice.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uProxyServer = hxxp=127.0.0.1:8080
uURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Acer ePower Management] c:\program files\emachines\emachines power management\ePowerTray.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [WarReg_PopUp] c:\program files\emachines\wr_popup\WarReg_PopUp.exe
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\users\stuart\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\stuart\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\stuart\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{ADABDCAA-546C-4329-819C-6212FCCCE0E5} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= AVGRSSTX.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-4-20 52872]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-20 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-20 29584]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-20 243024]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584]
R1 MpKsl53edeab3;MpKsl53edeab3;c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\MpKsl53edeab3.sys [2014-1-5 40392]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]
R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2011-7-24 1740696]
R2 ePowerSvc;Acer ePower Service;c:\program files\emachines\emachines power management\ePowerSvc.exe [2009-3-11 653856]
R2 GorillaPrice;GorillaPrice;c:\program files\gorillaprice\gorillaprice.exe -service --> c:\program files\gorillaprice\GorillaPrice.exe -service [?]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2012-5-7 8192]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 104768]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 WatGorp;WatGorp;c:\programdata\gorillaprice\watgorp.exe -service --> c:\programdata\gorillaprice\WatGorp.exe -service [?]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-7-24 73216]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C60x86.sys [2009-3-11 49664]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-6-22 921952]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe --> c:\progra~1\mcafee\sitead~1\mcsacore.exe [?]
S2 Update Kozaka;Update Kozaka;"c:\program files\kozaka\updatekozaka.exe" --> c:\program files\kozaka\updateKozaka.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 517448]
S3 Blackberry Device Manager;BlackBerry Device Manager;"c:\program files\common files\research in motion\usb drivers\bbdevmgr.exe" --> c:\program files\common files\research in motion\usb drivers\BbDevMgr.exe [?]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2011-7-24 11136]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-7-24 235392]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]
SUnknown MpKsl7aebc3de;MpKsl7aebc3de; [x]
.
=============== Created Last 30 ================
.
2014-01-05 13:37:02 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\MpKsl53edeab3.sys
2014-01-05 12:04:51 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7eb0d5f4-c1e4-4833-a687-1b38d1398cba}\mpengine.dll
2014-01-04 13:22:29 -------- d-----w- c:\programdata\boost_interprocess
2014-01-04 12:44:21 -------- d-----w- C:\FRST
2014-01-04 11:39:03 -------- d-----w- c:\users\stuart\appdata\roaming\WinZip
2014-01-03 20:36:00 -------- d-----w- c:\windows\ERUNT
2014-01-03 20:34:19 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-01-03 19:59:20 -------- d-----w- C:\AdwCleaner
2014-01-02 23:00:11 -------- d-----w- c:\program files\Enigma Software Group
2014-01-02 22:58:12 -------- d-----w- c:\windows\220FB0354744483A9A0B41DF77061583.TMP
2014-01-02 22:57:59 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2014-01-02 22:26:44 -------- d-----w- c:\users\stuart\appdata\roaming\Open Download Manager
2014-01-02 22:24:39 -------- d-----w- c:\programdata\GorillaPrice
2014-01-02 22:24:34 -------- d-----w- c:\program files\GorillaPrice
2014-01-02 22:22:12 -------- d-----w- c:\program files\OpenDownloaderManager
2013-12-31 19:31:10 -------- d-----w- c:\users\stuart\.android
2013-12-31 19:31:09 -------- d-----w- c:\users\stuart\appdata\local\cache
2013-12-31 19:31:04 -------- d-----w- c:\users\stuart\appdata\roaming\newnext.me
2013-12-31 19:31:04 -------- d-----w- c:\users\stuart\appdata\local\genienext
2013-12-27 21:47:46 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{36b86230-d7f2-4c30-adf0-56ee4e118821}\gapaengine.dll
2013-12-27 21:22:43 -------- d-----w- c:\windows\Options
2013-12-27 21:22:43 -------- d-----w- c:\program files\Broadcom
2013-12-27 21:20:50 -------- d-----w- c:\programdata\Broadcom
2013-12-24 21:24:15 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2013-12-24 21:17:18 125952 ----a-w- c:\windows\system32\srvsvc.dll
2013-12-24 21:17:17 17920 ----a-w- c:\windows\system32\netevent.dll
2013-12-24 21:17:02 378368 ----a-w- c:\windows\system32\winhttp.dll
2013-12-24 21:15:01 411136 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-24 21:15:01 31232 ----a-w- c:\windows\system32\httpapi.dll
2013-12-24 21:15:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-12-24 19:34:16 -------- d-----w- c:\windows\system32\MRT
2013-12-17 22:19:14 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2013-12-17 22:19:08 310784 ----a-w- c:\windows\system32\unregmp2.exe
.
==================== Find3M  ====================
.
2013-12-24 19:51:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-24 19:51:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2012-05-07 20:09:31 151552 --sha-w- c:\windows\kmsem\KMService.exe
2012-05-07 20:09:31 8192 --sha-w- c:\windows\system32\srvany.exe
.
============= FINISH: 13:46:38.00 ===============
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic 
Boot Device: \Device\HarddiskVolume2
Install Date: 20/04/2010 18:58:01
System Uptime: 05/01/2014 05:53:19 (8 hours ago)
.
Motherboard: eMachines |  | eMachines E525  
Processor: Intel® Celeron® CPU          900  @ 2.20GHz | uPGA-478 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 49.237 GiB free.
D: is CDROM (UDF)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP789: 04/01/2014 17:55:47 - Removed Microsoft Office Professional Plus 2010
RP790: 04/01/2014 18:03:45 - Removed Microsoft Office Professional Plus 2010
RP791: 04/01/2014 18:40:26 - Removed BlackBerry Device Software Updater.
RP792: 05/01/2014 12:03:03 - Windows Update
.
==== Installed Programs ======================
.
3Connect
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVG 9.0
AVS4YOU Software Navigator 1.4
Bing Maps 3D
Bonjour
Broadcom Driver Installation Program
Broadcom Driver v5.10.79.14_Foxconn Installation Program
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Dropbox
eMachines Power Management
eMachines Recovery Management
eMachines ScreenSaver
Gangsters Screensaver Screen Saver
Google Chrome
Google Drive
Google Update Helper
GorillaPrice
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 3000 J310 series Basic Device Software
HP Deskjet 3000 J310 series Help
HP Deskjet 3000 J310 series Product Improvement Study
HP Photo Creations
HP Update
HPDiagnosticCoreDll
Huawei modem
Intel® Graphics Media Accelerator Driver
InterVideo WinDVD 8
iTunes
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Junk Mail filter update
Keynote Connector
Launch Manager
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MobileMe Control Panel
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
PowerISO
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.0
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 
swMSM
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition
VoiceOver Kit
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinZip 18.0
.
==== Event Viewer Messages From Past Week ========
.
04/01/2014 19:55:45, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.1.79 for the Network Card with network address 00242C4FF80D has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The Update Kozaka service failed to start due to the following error:  The system cannot find the path specified.
04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The SupportSoft RemoteAssist service failed to start due to the following error:  The system cannot find the file specified.
04/01/2014 18:30:10, Error: Service Control Manager [7000]  - The McAfee SiteAdvisor Service service failed to start due to the following error:  The system cannot find the path specified.
04/01/2014 18:29:06, Error: Microsoft-Windows-ResourcePublication [1002]  - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish.  Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
04/01/2014 18:29:03, Error: Microsoft-Windows-HttpEvent [15021]  - An error occured while using SSL configuration for socket address 0.0.0.0:4482.  The error status code is contained within the returned data.
04/01/2014 16:25:42, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.0.7 for the Network Card with network address 00242C4FF80D has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
 
Link to post
Share on other sites

Step 1

I notice that you are using more than one antivirus program.

  • AVG 9.0
  • Microsoft Security Essentials (Microsoft Security Client too)
  • This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them.

    Next, please uninstall the following applications too:

    Coupon Printer for Windows

    GorillaPrice

    When you are done, reboot your system.

    Step 2

    Please download Junkware Removal Tool to your desktop.

    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    Step 3

    Please download AdwCleaner by Xplode onto your desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan button. Wait until is finished.
    • Click on Clean.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
    Step 4
    • Launch Malwarebytes' Anti-Malware
    • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
    • Go to Scanner tab and select Perform Quick Scan, then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

    In your next reply, post the following log files:

    • Junkware Removal Tool log
    • AdwCleaner log
    • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Hi

 

Logs below.  Unable to install Malwarebytes, got the error message that prompted the start of this thread 'The setup files are corrupted. Please obtain a new copy of the program.'

 

Wal

 

 

 

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows Vista Home Basic x86
Ran by Stuart on 05/01/2014 at 18:30:55.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [service] gorillaprice 
Successfully deleted: [service] gorillaprice 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/01/2014 at 18:33:57.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

AdwCleaner Log

 

# AdwCleaner v3.016 - Report created 05/01/2014 at 18:36:37
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista Home Basic Service Pack 1 (32 bits)
# Username : Stuart - STUART-PC
# Running from : C:\Users\Stuart\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.19088
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [9649 octets] - [03/01/2014 19:59:26]
AdwCleaner[R1].txt - [990 octets] - [04/01/2014 11:47:59]
AdwCleaner[R2].txt - [1059 octets] - [05/01/2014 18:35:17]
AdwCleaner[s0].txt - [9145 octets] - [03/01/2014 20:01:19]
AdwCleaner[s1].txt - [1059 octets] - [04/01/2014 11:48:57]
AdwCleaner[s2].txt - [986 octets] - [05/01/2014 18:36:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1045 octets] ##########
Link to post
Share on other sites

Do not uninstall anything while working together.

Step 1

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1

Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Step 2

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
Link to post
Share on other sites

I haven't uninstalled Malwarebytes?  I uninstalled AVG?  I tried to install Malwarebytes which I needed to do to launch it as per step 4, but it gave me the corrupt files message.

 

Getting the same error message using IE as I did from Chrome, for the first link.  Not even able to download the second link.

Link to post
Share on other sites

Afternoon

 

Same issue on the second run.  Gets to a point and then appears to stop, had to reboot.

 

Starting to wonder if I'm going to be better off just backing up the files I want and just rebuilding the whole laptop given the number of things which won't install or run? Very frustrating.

 

Wal

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.