can't update important files and services while the system is using

Interesting - please run teh following commands, and post the results.


Then reboot, wait ten minutes or so, and grab a new set of Event Viewer logs

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>reg add hkey_local_machine\system\currentcontrolset\services
\wsearch /v delayedautostart /t reg_dword /d 0x1 /f
The operation completed successfully.

C:\Windows\system32>icacls crogramdata\microsoft\search\data\temp
crogramdata\microsoft\search\data\temp: The system cannot find the path specif
ied.
Successfully processed 0 files; Failed processing 1 files

C:\Windows\system32>icacls c:\programdata\microsoft\search\data\temp
c:\programdata\microsoft\search\data\temp BUILTIN\AdministratorsI)(OI)(IO)(F)
BUILTIN\AdministratorsI)(CI)(F)
NT AUTHORITY\SYSTEMI)(OI)(IO)(F)
NT AUTHORITY\SYSTEMI)(CI)(F)

Successfully processed 1 files; Failed processing 0 files

C:\Windows\system32>

I will now reboot

new event logs

Please run the following commands and post the results.

SC QC SSPORT
SC QC HOMEGROUPLISTENER

and post the results.

Please read the following tutorial - Index - Windows Search Service - Vista Forums

The same fix should work in Win7 - please attempt it

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sc qc ssport
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ssport
TYPE : 1 KERNEL_DRIVER
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : \??\C:\Windows\system32\Drivers\SSPORT.sys
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : SSPORT
DEPENDENCIES :
SERVICE_START_NAME :

C:\Windows\system32>sc qc homegrouplistener
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: homegrouplistener
TYPE : 20 WIN32_SHARE_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Windows\System32\svchost.exe -k LocalSystemNetwo
rkRestricted
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : HomeGroup Listener
DEPENDENCIES : LanmanServer
SERVICE_START_NAME : LocalSystem

C:\Windows\system32>

The SSPORT service belongs to Samsung utilities - the service is failing to start because it says that it can't find the file
Please run the following command and we'll see whether it's the main file that's missing, or others.

DIR C:\Windows\System32\SSPORT.* /S

Do you have any idea what this service should be doing? - perhaps reinstalling the utilities would cure that problem.

The HomeGroupListener service is failing to start - probably because of the problems with the Windows Firewall (it seems to be dependent on it, even though it doesn't say so in the registry!)

There are a lot of errors associated with Apple applications - notably iTunes and Bonjour'. This is not unusual, and the general recommendation is to uninstall all Apple apps while troubleshooting other problems, because of their bad habit of breaking parts of Windows.
The problem here is that if you have licensed iTunes, you have to take special care of them to ensure that you don't lose the licenses! - you should take advice on that from a more apple-oriented forum (I don't and won't run this stuff on my machines, so can't help)

This type of problem really does make me think of AV residues - You had AVG on here, and we removed that and ran the removal tool for it, then replaced it with MSE.
Have you EVER had ANY other AV installed? Did you run Comodo's cleanup tool? What about other Firewalls - have you EVER had any others installed?

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>dir c:\windows\system32\ssport.* /s
Volume in drive C has no label.
Volume Serial Number is 8AF5-69C1
File Not Found

C:\Windows\system32>

The Samsung printer works just fine.

I have a licensed iTunes, and use it a lot. I have no use for Bonjour, so I just removed it. There is also Apple software update, Apple Application Support, and Apple Mobile Device Support - should I remove these last 3? Actually I never plug in my iPhone into this computer so I assume removing the last one would not matter.

There is AVG PC tuneup that I use for cleanup, not the firewall/virus. No Comodo tools, just the firewall because I really should not go without a firewall. The only firewall I ever had on this machine that is just a few months old is the AVG you told me to remove and I did.

Comodo could be locking out the Windows service - What is your connection to the internet (router+modem, or direct able or what?)?
AVG's cleanup tool has been associated with a few problems in the past - and I have an inherent distrust of such tools, born of having to spend rather a lot of time cleaning up after them.

As far as the Apple tools are concerned, I'll leave that up to you - at least for the moment

I'll see if I can get Comodo installed and what it does to the Windows Firewall, and get back to you - it may take a day or two.
If you haven't heard from me by Tuesday, SHOUT!

Router+modem.
After removing AVG, the Firewall did not come on; that's why I had to install a new one (Comodo) so the problem precedes Comodo.

Fell across something straight away!- and nothing to do with Comodo

Please run the following commands, and post the results....

REG QUERY HKLM\SYSTEM\CurrentControlSet\services\mpsdrv
REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MPSDRV

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>reg query hklm\system\currentcontrolset\services\mpsdrv

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\mpsdrv
DisplayName REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23092
Group REG_SZ network
ImagePath REG_EXPAND_SZ System32\drivers\mpsdrv.sys
Description REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23093
ErrorControl REG_DWORD 0x1
Start REG_DWORD 0x3
Type REG_DWORD 0x1

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\mpsdrv\Enum

C:\Windows\system32>reg query hklm!system\currentcontrolset\enum\root\legacy_mps
drv
ERROR: Invalid key name.
Type "REG QUERY /?" for usage.

C:\Windows\system32>reg query hklm\system\currentcontrolset\enum\root\legacy_mps
drv

HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_mpsdrv
NextInstance REG_DWORD 0x1

HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_mpsdrv\0000

C:\Windows\system32>

They look OK - I was half-expecting one to be missing completely - we need to look a little deeper.
(it's easier if your copy/paste!)

Please run the following commands, and post the results....

REG QUERY HKLM\SYSTEM\CurrentControlSet\services\mpsdrv\Enum /S
REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MPSDRV\0000 /S

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\services\mpsdrv\Enum
/S

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\mpsdrv\Enum
0 REG_SZ Root\LEGACY_MPSDRV\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1


C:\Windows\system32>REG QUERY HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MPS
DRV\0000 /S

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MPSDRV\0000
Service REG_SZ mpsdrv
Legacy REG_DWORD 0x1
ConfigFlags REG_DWORD 0x400
Class REG_SZ LegacyDriver
ClassGUID REG_SZ {8ECC055D-047F-11D1-A537-0000F8753ED1}
DeviceDesc REG_SZ @%SystemRoot%\system32\FirewallAPI.dll,-23092
Capabilities REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MPSDRV\0000\Control

ActiveService REG_SZ mpsdrv


C:\Windows\system32>

That's OK- and the final line means that the service is actually running.
....back to teh drawing-board!

My AVG tune-up license had expired so I uninstalled it. Even used the avg uninstaller from the command prompt but I still have a bunch of files that refuse to be deleted manually (see attached). Is there a command to delete all files containing the letters "avg"? View attachment 244254

You should not be able to see the content of the System Volume Information folders - they are the System Restore point data - if you remove the files manually, you'll break System Restore. Just wait a while, and they'll drop off the end of the storage tray.

The FileRepository files are so small you can ignore them - and they have no effect on the system anyhow.

The AVG folder in Tasks should be empty - if not, check Task Scheduler and delete any AVG tasks.