problems with windows xp. PLEASE HELP

[aguyfaescotland]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MotoBlade\MotoBlade.exe -> C:\Program Files\MotoBlade\MotoBlade.exe:*:Disabled:MotoBlade ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avgemc.exe -> C:\Program Files\Grisoft\AVG Free\avgemc.exe:*:Disabled:avgemc.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avginet.exe -> C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Disabled:avginet.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\games\firefly\stronghold2\Stronghold2.exe -> D:\games\firefly\stronghold2\Stronghold2.exe:*:Disabled:Stronghold 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\games\Firefly Studios\Stronghold 2\Stronghold2.exe -> D:\games\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Disabled:Stronghold 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\TVUPlayer\TVUPlayer.exe -> C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UltraVNC\winvnc.exe -> C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:VNC server for Win32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Remote Control Pro\RCPServer.exe -> C:\Program Files\Remote Control Pro\RCPServer.exe:*:Enabled:Remote Control Pro ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Google\Google Talk\googletalk.exe -> C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\skype\phone\Skype.exe -> C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\kdx\KHost.exe -> C:\WINDOWS\kdx\KHost.exe:*:Enabled:Delivery Manager ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\KService\KService.exe -> C:\Program Files\KService\KService.exe:*:Enabled:Delivery Manager Service ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BearFlix\bearflix.exe -> C:\Program Files\BearFlix\bearflix.exe:*:Enabled:BearFlix ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Documents and Settings\Jamie\Desktop\utorrent.exe -> D:\Documents and Settings\Jamie\Desktop\utorrent.exe:*:Enabled:µTorrent ->

[aguyfaescotland]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Morpheus\Morpheus.exe -> C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Documents and Settings\Jamie\Desktop\downloads\downloadp2p\utorrent.exe -> D:\Documents and Settings\Jamie\Desktop\downloads\downloadp2p\utorrent.exe:*:Enabled:µTorrent ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\utorrent.exe -> C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\games\Firefly Studios\Stronghold Legends\StrongholdLegends.exe -> D:\games\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avginet.exe -> C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgamsvr.exe -> C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgcc.exe -> C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG7\avgemc.exe -> C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ ->  ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ ->  ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 ->

[aguyfaescotland]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\8859:TCP -> 8859:TCP:*:Enabled:BitComet 8859 TCP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\8859:UDP -> 8859:UDP:*:Enabled:BitComet 8859 UDP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\17430:TCP -> 17430:TCP:*:Enabled:BitComet 17430 TCP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\17430:UDP -> 17430:UDP:*:Enabled:BitComet 17430 UDP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\46422:TCP -> 46422:TCP:*:Enabled:BitComet 46422 TCP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\46422:UDP -> 46422:UDP:*:Enabled:BitComet 46422 UDP ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ ->  ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ ->  ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ ->  ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ ->  ->

[aguyfaescotland]

[Files/Folders - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 2147012608 bytes | Created Date = 01/01/1601 | Attr =  HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups ->  [Folder | Created Date = 23/05/2007 18:53:25 | Attr =    ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Created Date = 22/05/2007 21:03:42 | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Created Date = 09/05/2007 08:47:56 | Attr =  H ]
bw700.ini -> %SystemRoot%\bw700.ini ->  [Ver =  | Size = 13547 bytes | Created Date = 10/05/2007 07:20:10 | Attr =    ]
BW7Dir.ini -> %SystemRoot%\BW7Dir.ini ->  [Ver =  | Size = 767 bytes | Created Date = 10/05/2007 07:32:56 | Attr =    ]
LEXSTAT.INI -> %SystemRoot%\LEXSTAT.INI ->  [Ver =  | Size = 91 bytes | Created Date = 06/05/2007 17:33:15 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 16/05/2007 17:36:13 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 16/05/2007 17:36:13 | Attr =  H ]
uninst.exe -> %SystemRoot%\uninst.exe -> InstallShield Corporation, Inc. [Ver = 2.20.926.0 | Size = 299520 bytes | Created Date = 06/05/2007 17:32:40 | Attr =    ]
wowCP.ini -> %SystemRoot%\wowCP.ini ->  [Ver =  | Size = 286 bytes | Created Date = 28/04/2007 17:19:36 | Attr =    ]
bwbits70.dll -> %System32%\bwbits70.dll ->  [Ver =  | Size = 1982464 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
bwnthook.dll -> %System32%\bwnthook.dll ->  [Ver =  | Size = 16896 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
bwntsend.dll -> %System32%\bwntsend.dll ->  [Ver =  | Size = 20992 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
bwplay.exe -> %System32%\bwplay.exe ->  [Ver =  | Size = 81920 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
GetHardDiskNo.dll -> %System32%\GetHardDiskNo.dll -> MaxSecure Software [Ver = 1.0.0.1 | Size = 143360 bytes | Created Date = 24/05/2007 16:12:52 | Attr =    ]
LEX2KUSB.DLL -> %System32%\LEX2KUSB.DLL -> Lexmark International, Inc. [Ver = 9.37 | Size = 197120 bytes | Created Date = 06/05/2007 17:32:46 | Attr =    ]
LEXBCE.DLL -> %System32%\LEXBCE.DLL -> Lexmark International, Inc. [Ver = 9.37 | Size = 147456 bytes | Created Date = 06/05/2007 17:32:46 | Attr =    ]
LEXBCES.EXE -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 9.37 | Size = 307200 bytes | Created Date = 06/05/2007 17:32:46 | Attr =    ]
lexlmpm.dll -> %System32%\lexlmpm.dll -> Lexmark International, Inc. [Ver = 9.37 | Size = 200192 bytes | Created Date = 06/05/2007 17:32:46 | Attr =    ]
LEXP2P32.DLL -> %System32%\LEXP2P32.DLL -> Lexmark International, Inc. [Ver = 9.37 | Size = 201216 bytes | Created Date = 06/05/2007 17:32:47 | Attr =    ]
LEXPPS.EXE -> %System32%\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 9.37 | Size = 174592 bytes | Created Date = 06/05/2007 17:32:47 | Attr =    ]
lxbzpwr.dll -> %System32%\lxbzpwr.dll -> Lexmark International, Inc. [Ver = 1, 0, 1, 0 | Size = 73728 bytes | Created Date = 06/05/2007 17:32:47 | Attr =    ]
patchw.dll -> %System32%\patchw.dll ->  [Ver =  | Size = 116736 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
patchw32.dll -> %System32%\patchw32.dll ->  [Ver =  | Size = 181760 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
tsccvid.dll -> %System32%\tsccvid.dll -> TechSmith Corporation [Ver = 1.0.5 | Size = 98304 bytes | Created Date = 10/05/2007 07:13:50 | Attr =    ]
VchReg.dll -> %System32%\VchReg.dll -> Max Secure Software [Ver = 6, 0, 3, 6 | Size = 1019904 bytes | Created Date = 24/05/2007 16:12:52 | Attr =    ]
zlib1.dll -> %System32%\zlib1.dll ->  [Ver = 1.2.1 | Size = 55808 bytes | Created Date = 10/05/2007 07:13:39 | Attr =    ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Created Date = 23/05/2007 22:02:23 | Attr =    ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Created Date = 23/05/2007 22:02:25 | Attr =    ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Created Date = 23/05/2007 22:02:25 | Attr =    ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 23/05/2007 22:02:26 | Attr =    ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Created Date = 23/05/2007 22:02:26 | Attr =    ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Created Date = 23/05/2007 22:02:26 | Attr =    ]

[Files/Folders - Modified Within 30 days]
Downloads -> %SystemDrive%\Downloads ->  [Folder | Modified Date = 24/05/2007 23:06:08 | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 2147012608 bytes | Modified Date = 27/05/2007 07:35:24 | Attr =  HS]
My Downloads -> %SystemDrive%\My Downloads ->  [Folder | Modified Date = 26/05/2007 23:24:38 | Attr =    ]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 26/05/2007 21:14:14 | Attr =    ]
System Volume Information -> %SystemDrive%\System Volume Information ->  [Folder | Modified Date = 24/05/2007 16:58:36 | Attr =  HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups ->  [Folder | Modified Date = 23/05/2007 19:53:26 | Attr =    ]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 27/05/2007 07:36:04 | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 22/05/2007 22:03:38 | Attr =  H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Modified Date = 23/05/2007 14:28:18 | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Modified Date = 09/05/2007 09:47:58 | Attr =  H ]
assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 24/05/2007 00:53:22 | Attr = R S]
BOC423.INI -> %SystemRoot%\BOC423.INI ->  [Ver =  | Size = 57536 bytes | Modified Date = 24/05/2007 01:49:06 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 27/05/2007 07:35:30 | Attr =   S]
bw700.ini -> %SystemRoot%\bw700.ini ->  [Ver =  | Size = 13547 bytes | Modified Date = 10/05/2007 09:26:08 | Attr =    ]
BW7Dir.ini -> %SystemRoot%\BW7Dir.ini ->  [Ver =  | Size = 767 bytes | Modified Date = 10/05/2007 09:26:06 | Attr =    ]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 09/05/2007 09:48:08 | Attr =    ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files ->  [Folder | Modified Date = 22/05/2007 22:35:12 | Attr =   S]

[aguyfaescotland]

Fonts -> %SystemRoot%\Fonts ->  [Folder | Modified Date = 23/05/2007 23:22:14 | Attr = R S]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1917 bytes | Modified Date = 24/05/2007 00:14:28 | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 23/05/2007 14:28:16 | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 26/05/2007 21:14:18 | Attr =  HS]
LEXSTAT.INI -> %SystemRoot%\LEXSTAT.INI ->  [Ver =  | Size = 91 bytes | Modified Date = 06/05/2007 18:33:16 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 116 bytes | Modified Date = 27/05/2007 07:36:38 | Attr =    ]
network diagnostic -> %SystemRoot%\network diagnostic ->  [Folder | Modified Date = 24/05/2007 00:25:22 | Attr =    ]
PREFETCH -> %SystemRoot%\PREFETCH ->  [Folder | Modified Date = 27/05/2007 13:45:00 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 16/05/2007 18:36:14 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 17/05/2007 21:15:34 | Attr =  H ]
Registration -> %SystemRoot%\Registration ->  [Folder | Modified Date = 27/05/2007 07:37:46 | Attr =    ]
system -> %SystemRoot%\system ->  [Folder | Modified Date = 24/05/2007 17:13:10 | Attr =    ]
system32 -> %System32% ->  [Folder | Modified Date = 27/05/2007 07:36:08 | Attr =    ]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 27/05/2007 07:38:40 | Attr =   S]
Temp -> %SystemRoot%\Temp ->  [Folder | Modified Date = 27/05/2007 13:45:52 | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 742 bytes | Modified Date = 12/05/2007 22:39:12 | Attr =    ]
wowCP.ini -> %SystemRoot%\wowCP.ini ->  [Ver =  | Size = 286 bytes | Modified Date = 29/04/2007 15:48:50 | Attr =    ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job ->  [Ver =  | Size = 282 bytes | Modified Date = 13/05/2007 15:08:38 | Attr =    ]
Check Updates for Windows Live Toolbar.job -> %SystemRoot%\tasks\Check Updates for Windows Live Toolbar.job ->  [Ver =  | Size = 254 bytes | Modified Date = 27/05/2007 13:11:02 | Attr =    ]
MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job ->  [Ver =  | Size = 330 bytes | Modified Date = 27/05/2007 12:00:12 | Attr =  H ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 27/05/2007 07:35:38 | Attr =  H ]
CatRoot -> %System32%\CatRoot ->  [Folder | Modified Date = 23/05/2007 14:30:58 | Attr =    ]
CatRoot2 -> %System32%\CatRoot2 ->  [Folder | Modified Date = 27/05/2007 07:36:18 | Attr =    ]
config -> %System32%\config ->  [Folder | Modified Date = 23/05/2007 14:29:06 | Attr =    ]
CONFIG.NT -> %System32%\CONFIG.NT ->  [Ver =  | Size = 2577 bytes | Modified Date = 23/05/2007 22:46:48 | Attr =    ]
DirectX -> %System32%\DirectX ->  [Folder | Modified Date = 16/05/2007 18:31:52 | Attr =    ]
dllcache -> %System32%\dllcache ->  [Folder | Modified Date = 23/05/2007 14:28:10 | Attr = RHS]
drivers -> %System32%\drivers ->  [Folder | Modified Date = 26/05/2007 21:19:32 | Attr =    ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT ->  [Ver =  | Size = 275760 bytes | Modified Date = 24/05/2007 22:44:14 | Attr =    ]
Lang -> %System32%\Lang ->  [Folder | Modified Date = 06/05/2007 18:59:22 | Attr =    ]
NtmsData -> %System32%\NtmsData ->  [Folder | Modified Date = 24/05/2007 13:17:16 | Attr =    ]
nvapps.xml -> %System32%\nvapps.xml ->  [Ver =  | Size = 0 bytes | Modified Date = 23/05/2007 08:07:14 | Attr =    ]
Restore -> %System32%\Restore ->  [Folder | Modified Date = 24/05/2007 16:58:36 | Attr =    ]
tablet.dat -> %System32%\tablet.dat ->  [Ver =  | Size = 336 bytes | Modified Date = 27/05/2007 07:36:08 | Attr =    ]
wbem -> %System32%\wbem ->  [Folder | Modified Date = 23/05/2007 14:28:42 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1158 bytes | Modified Date = 26/05/2007 22:01:20 | Attr =    ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 23/05/2007 23:02:24 | Attr =    ]
avg7rsw.sys -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 23/05/2007 23:02:26 | Attr =    ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 23/05/2007 23:02:26 | Attr =    ]
avgclean.sys -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 23/05/2007 23:02:28 | Attr =    ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.447 | Size = 19840 bytes | Modified Date = 23/05/2007 23:02:28 | Attr =    ]
avgtdi.sys -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 23/05/2007 23:02:28 | Attr =    ]
etc -> %System32%\drivers\etc ->  [Folder | Modified Date = 22/05/2007 22:35:12 | Attr =    ]
secdrv.sys -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.00.060 | Size = 163644 bytes | Modified Date = 16/05/2007 09:05:18 | Attr =    ]

[File String Scan - Non-Microsoft Only]
UPX0 ,  -> %SystemRoot%\RTLCPL.EXE -> Realtek Semiconductor Corp. [Ver = 1.0.1.51 | Size = 9710592 bytes | Modified Date = 21/09/2005 15:23:42 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41397 bytes | Modified Date = 10/08/2004 14:00:00 | Attr =    ]
PEC2 , PECompact2 ,  -> %System32%\DivX.dll -> DivX, Inc. [Ver = 6.5.0.53 | Size = 639066 bytes | Modified Date = 01/02/2007 05:56:06 | Attr =    ]
Thawte Consulting ,  -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 16/03/2007 17:53:38 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 10/08/2004 14:00:00 | Attr =    ]
WSUD , UPX0 ,  -> %System32%\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Modified Date = 10/08/2004 14:00:00 | Attr =    ]
UPX! , FSG! , PEC2 , aspack ,  -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.467 | Size = 777984 bytes | Modified Date = 23/05/2007 23:02:24 | Attr =    ]

< End of report >



At last that took ages to cut and paste, is there a quicker way to have done so many posts than cut and paste?? Or should have I have done something to file to make it smaller.  Sorry to forum owners for taking up so much valuable thread space, I can only hope it's all been worth it

[aguyfaescotland]

wee update. still having same issue, although I have made some progress. In my desperation to get my computer fixed and in the spirit of giving anything a bash I tried creating another administrators account. I then logged in to this account and hey presto everything starts up thats meant to start up??? What's that all about? As I've run every spyware and malware and anti-virus program I could find and have found nothing do I just accept defeat on my main user setting and start afresh. Any ideas as to why on one setting, the original administrator setting, windows doesn't seem to remember anything but on this new setting everything is ok. I'm baffled

[FreewheelinFrank]

Possibly the original avast! detection was a false-positive and deleted something involved in storing the settings for that administrator account? Just a guess really, but as the new admin account is working OK, you can simply delete the non-working admin account.

Did you run the rootkit scanners? I'll let essexboy wade through the log he requested. If neither reveal anything, I'm pretty certain any problems you have are due to system error/corruption or a FP deletion of a critical component.

Did you run the TuneUp Utilities registry check?

In future please heed the advice about noting down the name of malware detected and moving any detected files into quarantine (the chest in avast!) as this would have saved a lot of trouble!

[aguyfaescotland]

advice gladly taken, from now on I'll pay much closer attention to whats happening on my computer. I had used every scanner available over the last few days and found nothing at all, in process of repeating all scans since discovered fix (hopefully) and just have to wait and see. cheers very much for your help one and all and I live in hope that no ones gonna come back and tell me that it's not quite over yet. 
And for anyone interested I have reinstalled avast av again, with avg install program waiting on the sidelines just incase.

[sasin44]

well if ur OS files are corrupted beyond repair u can always repair us the window CD..
or if the data is too valuable then u can try recovering it from the disk
restoration.exe by brain kato
http://www.snapfiles.com/get/restoration.html
it works like magic..and does not require any installing..clean simply and effictive.as long as u did not write on them

[essexboy]

Biggest winpfind I have come across so far, will take about an hour to analyse

[essexboy]

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Driver Services - Non-Microsoft Only]
YY -> (14a17) 14a17 [Kernel | On_Demand | Stopped] -> D:\DOCUME~1\Jamie\LOCALS~1\Temp\14a17.sys
YY -> (KLIF) KLIF [Kernel | On_Demand | Stopped] -> %SystemDrive%\PROGRA~1\PCTOOL~1\KLIF.SYS
[Registry - Non-Microsoft Only]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
YN -> {4EEAAF6F-75B8-42A6-B72D-51DE395314DC} -> ()

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here .

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

The above are just waifs and strays nothing of import

[aguyfaescotland]

sorry for the length of the file, guessing I maybe checked 1 or 2 too many boxes. Followed your previous post and here are the results.

[Driver Services - Non-Microsoft Only]
Service 14a17 stopped successfully.
Service 14a17 deleted successfully.
File D:\DOCUME~1\Jamie\LOCALS~1\Temp\14a17.sys not found.
Service KLIF stopped successfully.
Service KLIF deleted successfully.
File C:\PROGRA~1\PCTOOL~1\KLIF.SYS not found.
[Registry - Non-Microsoft Only]
DNS NameServer information removed successfully for adapter:
< End of log >
Created on 05/28/2007 23:09:15

Had no problems at all applying the fix you supplied, though doesn't seem to have changed anything. I haven't restarted windows yet so will modify post to let you know what happens.Again cheers very much for your help.

After reboot still the same I'm afraid to say. I'm quietly resigning myself to the loss of these settings. As I mentioned above previously, last night I setup a new user account on windows and everything seems to works as it should. I'll have a lot of moving of files to try and get things the way they should be but nothing life threatening. Question is though, and I know I've had loads of help so far, but will the problems migrate to the new user account or can I delete the problem account and forget all about the sorry episode??

And finally I did download and install Tuneup and it seems to offer a lot of features, don't know if I'll go past the free trial period though as I'm not entirely sure what I'm doing when I get it to fix problems with the registry and that, not too sure if I'm gonna bugger things up. But I've got it for a month so maybe I'll get the hang of it, cheers for the suggestion.

A big thanks for all help received. I'm off to start backing things up!