setup.exe has stopped working
First topic message reminder :
There are a number of problems that are affecting my computer's
performance. Firstly, I bought a game today to run on my computer, but
when I go to install it, it comes up with "setup.exe not working". Second, something
keeps hijacking my web browser; it's called yogo, but every time I delete
it, it just keeps coming back, and the performance is very poor on my
computer. Any help will be much appreciated.
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stopped working
ComboFix 09-03-27.02 - dekoh 2009-03-28 17:42:44.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1918.856 [GMT 0:00]
Running from: c:\users\dekoh\Pictures\2000-01 (Jan)\ComboFix.exe
Command switches used :: c:\users\dekoh\Desktop\cfscript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\PremierOpinion
c:\program files\PremierOpinion\components\pmxg.dll
c:\program files\PremierOpinion\install.rdf
c:\program files\PremierOpinion\pmls.dll
c:\program files\PremierOpinion\pmoci.bin
c:\program files\PremierOpinion\pmph.dll
c:\program files\PremierOpinion\pmropn.exe
c:\program files\PremierOpinion\pmservice.exe
c:\program files\PremierOpinion\pmxf.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_PremierOpinion
((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-28 )))))))))))))))))))))))))))))))
.
2009-03-28 15:55 . 2009-03-28 15:55 d-------- c:\program files\Trend Micro
2009-03-28 11:22 . 2009-03-28 11:22 d-------- c:\program files\Microsoft Windows OneCare Live
2009-03-27 18:00 . 2009-03-27 18:00 d-------- c:\program files\Electronic Arts
2009-03-27 09:40 . 2009-03-27 09:40 d-------- c:\program files\Common Files\Windows Live
2009-03-26 15:28 . 2007-08-08 12:07 101,504 --a------ c:\windows\System32\drivers\ewusbmdm.sys
2009-03-26 15:28 . 2007-08-08 12:06 23,424 --a------ c:\windows\System32\drivers\ewdcsc.sys
2009-03-26 15:26 . 2009-03-26 15:26 d-------- c:\program files\Huawei technologies
2009-03-18 18:26 . 2008-12-16 03:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-18 18:26 . 2009-02-09 03:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-18 18:26 . 2008-11-27 04:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-18 18:26 . 2008-12-16 05:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-18 18:26 . 2008-12-16 05:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-18 18:26 . 2008-12-16 05:31 4,096 --a------ c:\windows\System32\dxmasf.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-28 15:23 --------- d-----w c:\program files\REALTEK USB Wireless LAN Driver and Utility
2009-03-28 14:52 --------- d-----w c:\programdata\Google Updater
2009-03-28 14:15 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-03-28 11:14 --------- d-----w c:\programdata\Electronic Arts
2009-03-28 11:00 --------- d-----w c:\program files\Common Files\PX Storage Engine
2009-03-26 12:27 --------- d-----w c:\program files\Windows Mail
2009-02-28 11:55 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-26 17:13 --------- d-----w c:\program files\Google
2009-02-21 19:47 --------- d-----w c:\program files\Microsoft Games
2009-02-21 19:37 --------- d-----w c:\users\dekoh\AppData\Roaming\Microsoft Games
2009-02-21 19:37 --------- d-----w c:\programdata\Microsoft Games
2009-02-09 18:57 --------- d-----w c:\program files\Unity
2009-02-09 18:17 --------- d-----w c:\program files\Navilog1
2009-02-09 17:16 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-09 17:11 --------- d-----w c:\users\dekoh\AppData\Roaming\Malwarebytes
2009-02-09 17:11 --------- d-----w c:\programdata\Malwarebytes
2009-02-09 12:54 --------- d-----w c:\program files\Norton Security Scan
2009-02-08 21:03 --------- d-----w c:\programdata\Symantec
2009-02-07 11:23 --------- d-----w c:\program files\Norton PC Checkup
2009-02-06 17:56 --------- d-----w c:\program files\DivX
2009-02-06 17:55 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 17:29 --------- d-----w c:\programdata\NortonInstaller
2009-02-06 17:29 --------- d-----w c:\program files\NortonInstaller
2009-02-05 14:53 --------- d-----w c:\users\dekoh\AppData\Roaming\Apple Computer
2009-02-04 14:09 695,808 ----a-w c:\windows\System32\nsc670F.dll
2009-02-03 20:50 --------- d---a-w c:\programdata\TEMP
2009-02-03 20:49 --------- d-----w c:\program files\Windows Live Safety Center
2009-01-28 18:59 --------- d-----w c:\users\dekoh\AppData\Roaming\Unity
2009-01-28 11:56 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-28 11:56 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-28 11:56 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-28 11:56 --------- d-----w c:\program files\Symantec
2009-01-15 10:05 911,872 ----a-w c:\windows\System32\wininet.dll
2009-01-15 10:05 43,008 ----a-w c:\windows\System32\licmgr10.dll
2009-01-15 10:04 18,944 ----a-w c:\windows\System32\corpol.dll
2009-01-15 10:04 132,096 ----a-w c:\windows\System32\ieUnatt.exe
2009-01-15 10:04 109,568 ----a-w c:\windows\System32\PDMSetup.exe
2009-01-15 10:04 109,056 ----a-w c:\windows\System32\iesysprep.dll
2009-01-15 10:04 107,520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
2009-01-15 10:04 107,008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
2009-01-15 10:04 103,936 ----a-w c:\windows\System32\SetDepNx.exe
2009-01-15 10:03 72,704 ----a-w c:\windows\System32\admparse.dll
2009-01-15 10:03 71,680 ----a-w c:\windows\System32\iesetup.dll
2009-01-15 10:03 66,560 ----a-w c:\windows\System32\wextract.exe
2009-01-15 10:03 420,352 ----a-w c:\windows\System32\vbscript.dll
2009-01-15 10:02 169,472 ----a-w c:\windows\System32\iexpress.exe
2009-01-15 10:01 34,304 ----a-w c:\windows\System32\imgutil.dll
2009-01-15 10:00 48,128 ----a-w c:\windows\System32\mshtmler.dll
2009-01-15 10:00 45,568 ----a-w c:\windows\System32\mshta.exe
2009-01-15 09:50 156,160 ----a-w c:\windows\System32\msls31.dll
2009-01-06 11:29 965,664 ----a-w c:\windows\System32\RtkPgExt.dll
2009-01-06 11:29 44,064 ----a-w c:\windows\System32\RtkCoInst.dll
2009-01-06 11:29 322,080 ----a-w c:\windows\System32\RtkApoApi.dll
2009-01-06 11:29 2,510,368 ----a-w c:\windows\System32\RtkAPO.dll
2009-01-06 11:29 109,088 ----a-w c:\windows\RTKAUDIOSERVICE.EXE
2008-08-11 16:21 1,523,200 ----a-w c:\users\dekoh\siw.exe
2008-07-23 20:31 174 --sha-w c:\program files\desktop.ini
2008-03-17 22:14 0 ----a-w c:\users\dekoh\AppData\Roaming\wklnhst.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-03-28_16.46.55.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 20:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2009-03-28 11:29:41 133,888 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-03-28 17:44:47 134,048 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-03-28 16:12:10 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-03-28 17:46:04 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-03-28 17:46:04 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-03-28 11:34:04 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-28 17:46:04 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-28 17:46:04 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-03-28 16:38:00 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-28 17:35:18 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-28 16:38:00 81,920 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-28 17:35:18 81,920 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-28 16:38:00 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-28 17:35:18 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-28 11:36:49 105,448 ----a-w c:\windows\System32\perfc009.dat
+ 2009-03-28 17:17:25 105,448 ----a-w c:\windows\System32\perfc009.dat
- 2009-03-28 11:36:49 599,942 ----a-w c:\windows\System32\perfh009.dat
+ 2009-03-28 17:17:25 599,942 ----a-w c:\windows\System32\perfh009.dat
- 2009-03-28 11:35:00 13,598 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4069843678-2951840599-648089840-1000_UserData.bin
+ 2009-03-28 17:13:34 13,718 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4069843678-2951840599-648089840-1000_UserData.bin
- 2009-03-28 11:34:59 68,396 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-28 17:13:34 68,582 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-28 03:47:13 3,460 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-03-28 17:44:47 3,562 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-03-28 11:34:57 67,504 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-28 17:13:34 67,632 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stopped working
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-10-04 1783136]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [BU]
"Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-10-18 2503976]
"Uniblue RegistryBooster 2"="c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe" [BU]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"HUAWEI 3G Data Card MTS"="c:\program files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" [2008-01-27 344064]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-18 3325952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [BU]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"DT HPW"="c:\program files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 280064]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 c:\windows\RtHDVCpl.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{814EB14C-7903-4031-B896-1B9C57A07854}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{A90BDDDC-5761-43EE-9216-2A93980C4CFA}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{2E40B13D-98D9-4F9A-B38E-D97160066FF8}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{E114D4C5-D823-44C1-BDA6-22CA059456FF}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{A22E4FAB-A647-455A-B80D-96A2CCD65DFE}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{E2DBD4FF-7901-4E81-A00C-8B61EA96B369}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{02BFC969-ABB3-4427-BB25-2DED38EFC458}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{71B94E50-65DC-457B-BFBC-285FE92CCCDF}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{9EDCB9F5-9B0C-4D3B-8E5F-247532E4400D}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{FAE29DD8-0E5E-43AB-A71D-0FABACC6CBF5}"= UDP:c:\program files\National Guard\Guard Shield\PRISM.exe:Guard Shield
"{A78FDA16-6E52-4194-9E36-E55B88C2BA2F}"= TCP:c:\program files\National Guard\Guard Shield\PRISM.exe:Guard Shield
"{366DFF61-CA72-441C-8D91-81617BF6999A}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B16458A4-CE04-41DA-8CE4-9A3A4286B562}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{89F91027-587C-4875-B526-AC9F85B22CFF}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{CB67C61A-7AE2-4F19-BC0B-55C021187C9A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{F57D46CB-102D-4874-BED0-8750414DB050}c:\\team17\\worms2\\frontend.exe"= UDP:c:\team17\worms2\frontend.exe:Worms 2 Frontend
"UDP Query User{DB10813A-C731-4A32-9307-4F7AEC6AA5FA}c:\\team17\\worms2\\frontend.exe"= TCP:c:\team17\worms2\frontend.exe:Worms 2 Frontend
"TCP Query User{E58BD9E1-6DF2-4789-9F4E-DDBB56AA9B69}c:\\program files\\huawei technologies\\huawei umts data card\\3 usb modem.exe"= UDP:c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe:3 USB Modem
"UDP Query User{68D2E9B2-F377-4493-8721-43AE1CD7E38D}c:\\program files\\huawei technologies\\huawei umts data card\\3 usb modem.exe"= TCP:c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe:3 USB Modem
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\System32\drivers\RtlProt.sys [2008-03-20 15360]
R2 MrHealthyService;MrHealthy;c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service --> c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service [?]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2008-06-13 41008]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [2009-02-09 38496]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\System32\drivers\RTL8187.sys [2008-06-27 335872]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ddb8e50-1a01-11de-8a74-0015afb9efc7}]
\shell\AutoRun\command - J:\AutoRun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2008-03-25 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
2009-02-27 c:\windows\Tasks\HPCeeScheduleFordekoh.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-07-21 00:34]
2009-03-28 c:\windows\Tasks\RtlVistaStart.job
- c:\program files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe [2007-04-12 04:59]
2009-03-28 c:\windows\Tasks\User_Feed_Synchronization-{270D32E9-1AD5-4851-93A1-DEB3A8D82C27}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 10:01]
2009-03-28 c:\windows\Tasks\User_Feed_Synchronization-{2C61D359-04E2-4FBD-BE6D-AA063B2317FD}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 10:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=Pavilion&pf=desktop
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: {17AE8493-15BD-4C66-BEA9-9843D9383700} = 4.2.2.4 4.2.2.3
FF - ProfilePath - c:\users\dekoh\AppData\Roaming\Mozilla\Firefox\Profiles\ndzzkyjv.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 17:46:07
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\wbem\unsecapp.exe
c:\combofix\hidec.exe
c:\windows\System32\schtasks.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\jusched.exe
c:\program files\Common Files\Portrait Displays\Shared\HookManager.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\CYBERL~1\SHARED~1\RICHVI~1.EXE
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\hp\KBD\kbd.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\combofix\Catchme.tmp
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-03-28 17:52:45 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-28 17:51:27
ComboFix2.txt 2009-03-28 17:16:45
ComboFix3.txt 2009-03-28 16:49:22
ComboFix4.txt 2009-02-09 19:33:47
Pre-Run: 256,009,633,792 bytes free
Post-Run: 256,231,092,224 bytes free
273 --- E O F --- 2009-03-18 20:25:34
"{A78FDA16-6E52-4194-9E36-E55B88C2BA2F}"= TCP:c:\program files\National Guard\Guard Shield\PRISM.exe:Guard Shield
"{366DFF61-CA72-441C-8D91-81617BF6999A}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B16458A4-CE04-41DA-8CE4-9A3A4286B562}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{89F91027-587C-4875-B526-AC9F85B22CFF}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{CB67C61A-7AE2-4F19-BC0B-55C021187C9A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{F57D46CB-102D-4874-BED0-8750414DB050}c:\\team17\\worms2\\frontend.exe"= UDP:c:\team17\worms2\frontend.exe:Worms 2 Frontend
"UDP Query User{DB10813A-C731-4A32-9307-4F7AEC6AA5FA}c:\\team17\\worms2\\frontend.exe"= TCP:c:\team17\worms2\frontend.exe:Worms 2 Frontend
"TCP Query User{E58BD9E1-6DF2-4789-9F4E-DDBB56AA9B69}c:\\program files\\huawei technologies\\huawei umts data card\\3 usb modem.exe"= UDP:c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe:3 USB Modem
"UDP Query User{68D2E9B2-F377-4493-8721-43AE1CD7E38D}c:\\program files\\huawei technologies\\huawei umts data card\\3 usb modem.exe"= TCP:c:\program files\huawei technologies\huawei umts data card\3 usb modem.exe:3 USB Modem
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\System32\drivers\RtlProt.sys [2008-03-20 15360]
R2 MrHealthyService;MrHealthy;c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service --> c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service [?]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2008-06-13 41008]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [2009-02-09 38496]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\System32\drivers\RTL8187.sys [2008-06-27 335872]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ddb8e50-1a01-11de-8a74-0015afb9efc7}]
\shell\AutoRun\command - J:\AutoRun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2008-03-25 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
2009-02-27 c:\windows\Tasks\HPCeeScheduleFordekoh.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-07-21 00:34]
2009-03-28 c:\windows\Tasks\RtlVistaStart.job
- c:\program files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe [2007-04-12 04:59]
2009-03-28 c:\windows\Tasks\User_Feed_Synchronization-{270D32E9-1AD5-4851-93A1-DEB3A8D82C27}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 10:01]
2009-03-28 c:\windows\Tasks\User_Feed_Synchronization-{2C61D359-04E2-4FBD-BE6D-AA063B2317FD}.job
- c:\windows\system32\msfeedssync.exe [2009-01-15 10:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=Pavilion&pf=desktop
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: {17AE8493-15BD-4C66-BEA9-9843D9383700} = 4.2.2.4 4.2.2.3
FF - ProfilePath - c:\users\dekoh\AppData\Roaming\Mozilla\Firefox\Profiles\ndzzkyjv.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 17:46:07
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\wbem\unsecapp.exe
c:\combofix\hidec.exe
c:\windows\System32\schtasks.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\jusched.exe
c:\program files\Common Files\Portrait Displays\Shared\HookManager.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\CYBERL~1\SHARED~1\RICHVI~1.EXE
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\hp\KBD\kbd.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\combofix\Catchme.tmp
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-03-28 17:52:45 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-28 17:51:27
ComboFix2.txt 2009-03-28 17:16:45
ComboFix3.txt 2009-03-28 16:49:22
ComboFix4.txt 2009-02-09 19:33:47
Pre-Run: 256,009,633,792 bytes free
Post-Run: 256,231,092,224 bytes free
273 --- E O F --- 2009-03-18 20:25:34
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
Hello.
The malware should be gone now, I just want to see what's installed on here.
- Open HijackThis
- Click "Open the Misc Tools section"
- Click "Open Uninstall Manager"
- Click "Save List..." (generates uninstall_list.txt)
- Click Save, copy and paste the results in your next post.



From now on, I will no longer answer any requests for help via PM, please post in the forum.
If I have helped, please consider a donation to help keep us alive.
"Dark Saviour, he can save you"

Belahzur
Super Moderator | Tech Officer
- Posts: 26106
Joined: 2008-08-03
Operating System: XP SP3 Media Centre
Re: setup.exe has stoped working
Webpage error details
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)
Timestamp: Sat, 28 Mar 2009 18:47:53 UTC
Message: Not implemented
Line: 90
Char: 1
Code: 0
URI: http://www.geekpolice.net/-h17.htm
Message: 'document.getElementById(...)' is null or not an object
Line: 63
Char: 1
Code: 0
URI: http://www.geekpolice.net/-h19.htm
Message: HTML Parsing Error: Unable to modify the parent container element before the child element is closed (KB927917)
Line: 0
Char: 0
Code: 0
URI: http://www.geekpolice.net/operating-systems-f20/setupexe-has-stoped-working-t7812-15.htm
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
3 USB Modem
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player 11
AGEIA PhysX v7.01.12
AOL Toolbar 5.0
Apple Mobile Device Support
Apple Software Update
Bonjour
Compatibility Pack for the 2007 Office system
Contextual Tool Snappyads
CyberLink DVD Suite Deluxe
EA Download Manager
Enhanced Multimedia Keyboard Solution
Favorit
GearDrvs
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP Games
HP My Display
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
iTunes
Java(TM) SE Runtime Environment 6 Update 1
LabelPrint
LightScribe System Software 1.10.16.1
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Halo Trial
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.0.1)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
muvee autoProducer 6.1
Navilog1 3.7.2
neroxml
Norton PC Checkup
Norton Security Scan
NVIDIA Drivers
Performance Dashboard Snappyads
Power2Go
PowerDirector
PremierOpinion
Python 2.5
QuickTime
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver and Utility
SDK
Shockwave
Smart Menus (Windows Live Toolbar)
Spelling Dictionaries Support For Adobe Reader 8
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
after this could u see why vista won't let me install crysis warhead? cause my girlfriend has a very basic laptop and it works fine on that and my computer is newly bought with a good graphics card. thanks for your help :)
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
Hello. Yep, we'll have a look at the installing issue once you have done everything in this post, because the malware should be gone now.
Let's wrap this up.
- Open HijackThis
- Choose "Do a system scan only"
- Check the boxes in front of these lines: (if present)
O4 - HKUS\S-1-5-21-4069843678-2951840599-648089840-1001\..\Run: [ygqawqg] "c:\users\dekoh\appdata\local\ygqawqg.exe" ygqawqg (User 'aaron')
O4 - HKUS\S-1-5-21-4069843678-2951840599-648089840-1001\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (User 'aaron')
O4 - S-1-5-21-4069843678-2951840599-648089840-1001 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'aaron')
O4 - S-1-5-21-4069843678-2951840599-648089840-1001 User Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User 'aaron')
- Press "Fix Checked"
- Close Hijack This.
We have to remove and update a few things now.
- Click Start >> Control Panel.
- Under the Programs click Uninstall a Program
- Highlight the following:
Adobe Reader 8.1.3
Java(TM) SE Runtime Environment 6 Update 1
- Click on the Uninstall/Change button at the top.
Then download and install Adobe Reader version 9.1 from here:
http://get.adobe.com/uk/reader/
Now update Java.
- Download the latest version of Java SE Runtime Environment (JRE) 6 Update 12.
- Select the first option where it says "This release includes the highly anticipated...".
- Click the "Download" button to the right.
- In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
- Click on the link to download Windows Offline Installation and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Then from your desktop double-click on jre-6u13-windows-i586-p.exe that you downloaded to install the newest version.
You are running Firefox 3.0.1, please download and install Firefox version 3.0.8 from here:
http://www.mozilla-europe.org/en/firefox/
Let me know how the machine is running once you have done that.




Belahzur
Super Moderator | Tech Officer
- Posts: 26106
Joined: 2008-08-03
Operating System: XP SP3 Media Centre
Re: setup.exe has stoped working
i've checked and double checked, none of the above are in hijacked. followed instructions word for word
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
Okay, that means Combofix removed them for us. I was just making sure.
Do the rest of the instructions and post back once you've done them.

Belahzur
Super Moderator | Tech Officer
- Posts: 26106
Joined: 2008-08-03
Operating System: XP SP3 Media Centre
Re: setup.exe has stoped working
just waiting for everything to download:)
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
while i'm waiting for everything to download do u wanna see why crysis warhead won't install???
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
Okay.
Does it give you an error/reason why or does it just say it's stopped working when you run it?

Belahzur
Super Moderator | Tech Officer
- Posts: 26106
Joined: 2008-08-03
Operating System: XP SP3 Media Centre
Re: setup.exe has stoped working
this is what comes up when i press install (if u started program continue)
setup.exe
macrovision corporation
c:\program files\realtek usb wireless lan driver and utilty\setup.exe
but i don't know what realtek usb wireless lan has got to do with it, that's so i can get the internet should have anything to do with the game
declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista
Re: setup.exe has stoped working
Well it does and it doesn't.
The game might have built in software that allows you to play online with other people.
But regardless of that, it should still install fine.
I'll ask a colleague to drop by here, see if he can figure this out.
Can I ask now though, has the Yoog hijacker gone?

Belahzur
Super Moderator | Tech Officer
- Posts: 26106
Joined: 2008-08-03
Operating System: XP SP3 Media Centre
Re: setup.exe has stoped working
yeah thanks, that's been bugging me for a while, there's no sign of it. the only problem i have not had on my computer is liaising with geekpolice. i will recommend to ALL MY FRIENDS, U'VE BEEN A GREAT HELP

declan
Newbie Surfer
- Posts: 23
Joined: 2009-03-28
Operating System: windows vista