GorillaPrice

By Sumo3000 in Adware

Threat Scorecard

Threat Level:	50 % (Medium)
Infected Computers:	43,362

First Seen:	August 1, 2013
Last Seen:	October 24, 2025
OS(es) Affected:	Windows

GorillaPrice is a browser add-on, which gives Internet users a variety of coupons, savings, and offers. GorillaPrice is beneficial to many online shoppers because it helps to save money through numerous deals and coupons. However, GorillaPrice is identified as an adware program by security researchers. Numerous computer users are not aware of how GorillaPrice invaded the PC. Therefore, GorillaPrice is classified as GorillaPrice Virus by some PC users. GorillaPrice usually comes packaged with freeware or shareware applications. When GorillaPrice accesses the corrupted PC, it shows disturbing pop-up advertisements on the desktop of the computer. These advertisements pose a risk to the compromised PC if the computer user clicks on links. Scammers are using unidentified services such as GorillaPrice to deliver a variety of malware threats to victimized computers. GorillaPrice is also used by cybercrooks to make money from click fraud. GorillaPrice also records the attacked PC user's browsing activities on the compromised Internet browser. GorillaPrice traces the victim's browsing habits, is aware of the most visited websites, and is aware of which products the affected computer looks for the most.

Table of Contents

Aliases

12 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
AVG	Generic6.PID
McAfee-GW-Edition	RDN/Generic PUP.x!c2y
Comodo	ApplicUnwnt
Avast	Win32:Injector-COO [Trj]
Symantec	Trojan.Gen.2
K7AntiVirus	Adware ( 004bb5b41 )
Sophos	Generic PUA NL
Symantec	WS.Reputation.1
Avast	Win32:Dropper-gen [Drp]
AVG	Generic6.MGL
McAfee	Artemis!F0095C66445B
McAfee-GW-Edition	BehavesLike.Win32.BadFile.ch

SpyHunter Detects & Remove GorillaPrice

File System Details

GorillaPrice may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	WatGorp.exe	770616105a224fed755977eb86de74e4	2,739
Name: WatGorp.exe MD5: 770616105a224fed755977eb86de74e4 Size: 70.14 KB (70144 bytes) Detections: 2,739 Type: Executable File Path: %ALLUSERSPROFILE%\GorillaPrice Group: Malware file Last Updated: December 7, 2021
2.	GorillaPrice.exe	c7905e4b74338875c3e83984f4bc5921	2,732
Name: GorillaPrice.exe MD5: c7905e4b74338875c3e83984f4bc5921 Size: 624.12 KB (624128 bytes) Detections: 2,732 Type: Executable File Path: %PROGRAMFILES%\GorillaPrice Group: Malware file Last Updated: November 14, 2016
3.	GPI64Tool.exe	2fee07aa67233c4206bb0ff3b35c0562	1,435
Name: GPI64Tool.exe MD5: 2fee07aa67233c4206bb0ff3b35c0562 Size: 262.65 KB (262656 bytes) Detections: 1,435 Type: Executable File Path: %PROGRAMFILES(x86)%\GorillaPrice Group: Malware file Last Updated: November 3, 2019
4.	GPCheck.exe	97e0a4ea3f659ce172398f78d9db8716	1,028
Name: GPCheck.exe MD5: 97e0a4ea3f659ce172398f78d9db8716 Size: 1.58 MB (1580152 bytes) Detections: 1,028 Type: Executable File Path: C:\Program Files (x86)\NetNucleous\GorillaPrice\GPCheck.exe Group: Malware file Last Updated: August 23, 2024
5.	wuhelper.exe	ed39bba17f83ea8433f7059f36a887f6	463
Name: wuhelper.exe MD5: ed39bba17f83ea8433f7059f36a887f6 Size: 139.77 KB (139776 bytes) Detections: 463 Type: Executable File Path: C:\Program Files (x86)\Windows NT\Accessories\WinUtilityHelper\wuhelper.exe Group: Malware file Last Updated: January 2, 2023
6.	GpRecover.exe	b1cc7b1ac2eebd4866ce79d6ff7c45eb	350
Name: GpRecover.exe MD5: b1cc7b1ac2eebd4866ce79d6ff7c45eb Size: 459.26 KB (459264 bytes) Detections: 350 Type: Executable File Path: %ALLUSERSPROFILE%\GorillaPrice Group: Malware file Last Updated: September 23, 2013
7.	bootmanager.exe	fef01c38e7eab2d03baf57f4c35729b9	236
Name: bootmanager.exe MD5: fef01c38e7eab2d03baf57f4c35729b9 Size: 107.52 KB (107520 bytes) Detections: 236 Type: Executable File Path: %PROGRAMFILES(x86)%\Windows NT\Accessories\bootmanager Group: Malware file Last Updated: October 3, 2017
8.	runtimemanager.exe	09a41ac411d3436e186a17e7ff788dc1	30
Name: runtimemanager.exe MD5: 09a41ac411d3436e186a17e7ff788dc1 Size: 103.93 KB (103936 bytes) Detections: 30 Type: Executable File Path: %PROGRAMFILES(x86)%\Windows NT\Accessories\RuntimeManager Group: Malware file Last Updated: October 3, 2017
9.	ntcache.exe	fd9e09258034096a15d9b0da2b766d44	12
Name: ntcache.exe MD5: fd9e09258034096a15d9b0da2b766d44 Size: 7.09 MB (7099904 bytes) Detections: 12 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Windows\NetworkCacheManager Group: Malware file Last Updated: September 15, 2017
10.	grillaprice.exe	6bade1f54528012e559b60131f7f1147	10
Name: grillaprice.exe MD5: 6bade1f54528012e559b60131f7f1147 Size: 415.74 KB (415744 bytes) Detections: 10 Type: Executable File Path: %PROGRAMFILES(x86)%\Windows Media Player\grillaprice Group: Malware file Last Updated: June 10, 2017

More files

Registry Details

GorillaPrice may create the following registry entry or registry entries:

CLSID

{98168995-CA43-4c33-BE81-99E6694468A4}

Regexp file mask

%ALLUSERSPROFILE%\Microsoft\Windows\NetworkCacheMan\ntcache.exe

%ALLUSERSPROFILE%\Microsoft\Windows\NetworkCacheManager\ntcache.exe

%APPDATA%\Microsoft\Windows\UserChecker\uchecker.exe

%appdata%\Mozilla\Firefox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi

HKEY..\..\..\..{RegistryKeys}

Software\AppDataLow\Software\NetNucleous

SOFTWARE\GrillaPrice

SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98168995-CA43-4c33-BE81-99E6694468A4}

SOFTWARE\Mozilla\Firefox\extensions\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}

Software\NetNucleous

SOFTWARE\Wow6432Node\GorillaPrice

SOFTWARE\Wow6432Node\GrillaPrice

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{98068995-CA43-4c33-BE80-99E6694468A4}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GorillaPrice

SOFTWARE\Wow6432Node\Mozilla\Firefox\extensions\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}

SYSTEM\ControlSet001\services\GorillaPrice

SYSTEM\ControlSet001\Services\GrillaPrice

SYSTEM\ControlSet002\Services\GrillaPrice

SYSTEM\CurrentControlSet\Services\GorillaPrice

SYSTEM\CurrentControlSet\Services\GrillaPrice

Directories

GorillaPrice may create the following directory or directories:

%ALLUSERSPROFILE%\GorillaPrice

%ALLUSERSPROFILE%\Microsoft\Windows\MKStat

%ALLUSERSPROFILE%\Microsoft\Windows\MKeeperStat

%PROGRAMFILES%\GrillaPrice

%PROGRAMFILES(X86)%\GorillaPrice

%PROGRAMFILES(x86)%\GrillaPrice

%PROGRAMFILES(x86)%\Windows Media Player\grillaprice

%ProgramFiles%\GorillaPrice

URLs

GorillaPrice may call the following URLs:

GorillaPrice

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

GorillaPrice

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove GorillaPrice

File System Details

Registry Details

Directories

URLs

Submit Comment

Trending

American Express - Sign-in Attempt Was Blocked Scam

OKX Rewards Scam

Chainspanhub.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen