Virus? No internet, v slow startup, registry changes...
-
Hope this is the right place to post this but I really need help...
A couple of weeks ago I came back to my computer (Windows XP) after a tech guy had 'fixed' a virus to find it taking literally 10 minutes to log into my account. Then after trying to run some programs I started getting registry errors, mostly to do with .dll files being corrupt and lines missing.
Later I opened IE only to find my internet connection had disappeared without a trace, so I tried to reinstall it only to find that when I got to 'add a new dial-up' (I have ISDN) that all the options after that except broadband were greyed out.
Since then it's refused to load lots of programs including an antivirus and winzip.
I've checked for viruses but I have a feeling my definitions aren't very up to date. Also been running Spybot, Ad Aware, Anti-Spyware, AVG *and* Norton but haven't found anything that seems to be important. And it seems to be getting worse without me doing anything!! E.g. I've recently started getting "paging file is too small to complete operation" messages.
Sorry for the long message... Help!
-
Hello, amused, and welcome
Now, what I am about to say is in no way a put-down,
but did you call the guy who did the work for you?
If so, what did he say, or should I say, what did he do?
Now, that said, it may help if you post this info
here first and let the pros there have a look:
http://www.d-a-l.com/help/forumdisplay.php?f=2
Once they are done you are mine.
We will try our best to help you out here.
HGD
-
Thanks, unfortunately he's pretty hard to get in touch with and my junk is pretty much a side project (works for parents). He also lives abroad which is great. Anyway, thanks all the same!
I'll head over there now and see what they can do. Since I've been here I've got a bunch of fix it things (RegSupreme in particular which found almost 1000). It's also randomly started working slightly better and I fixed the paging file thing... *sigh*
I'll be back...
-
Hi, amused
No problem, like I said we will try and help, but please
let me add this: try not to fix anything more for now.
You may remove something that tells us what is going on.
So yes, go to the link I posted for you.
HGD
-
Hi again, well I'm not getting anything there yet. So in the meantime I was wondering could I post my HijackThis log file so you could have a quick look? Sorry to bother ya
Last edited by amused; 27-06-2005 at 05:56 PM.
-
Hi, amused
Yes, please do so, but make sure not to install HijackThis to your
Desktop or a Temp folder. Install it in a folder on the C:\ drive, like so: C:\HJT
HGD
-
Ok, here it goes.
---------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 16:06:22, on 27/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\System32\svchost.exe
D:\WINNT\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\WINNT\system32\CTsvcCDA.EXE
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\WINNT\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINNT\Explorer.EXE
D:\WINNT\system32\wfxsnt40.exe
D:\QUICKENW\QAGENT.EXE
D:\WINNT\System32\NILaunch.exe
D:\Program Files\Ahead\InCD\InCD.exe
D:\WINNT\system32\mrtMngr.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
D:\Program Files\iRiver\HSeries\iHPDetect.exe
D:\Program Files\Microsoft AntiSpyware\gcasServ.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
D:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
D:\WINNT\system32\ctfmon.exe
D:\WINNT\system32\fast.exe
D:\Documents and Settings\Roger Knight\Application Data\seal.exe
D:\Program Files\Symantec\WinFax\WFXCTL32.EXE
D:\Program Files\WinZip\WZQKPICK.EXE
D:\Program Files\Symantec\WinFax\CTITrayI.Exe
D:\Documents and Settings\Roger Knight\My Documents\HijackThis\HijackThis.exe
D:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eircom.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = D:\WINNT\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\WINNT\PCHealth\HelpCtr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by eircom net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {035B0B7E-BAE4-D74F-B51C-B9EEFAF1BC9B} - D:\WINNT\system32\hzjs.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A2041C38-52A8-8DC8-11EE-F4B7E5F56851} - D:\WINNT\nttp.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D30AC614-7ED1-4526-D393-74A2AEA66EC1} - D:\WINNT\system32\ifvfuvd.dll (file missing)
O2 - BHO: (no name) - {D54F2877-87FF-F17F-CD5C-CD57D58074F1} - D:\WINNT\system32\nvitc.dll (file missing)
O2 - BHO: (no name) - {E0621877-AACC-C44B-E06C-FD7AE5B059C1} - D:\WINNT\system32\nvitc.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [USBTA] D:\WINNT\System32\usbtapnp.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [QAGENT] D:\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [Net-It Launcher] D:\WINNT\System32\NILaunch.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINNT\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [NeroCheck] D:\WINNT\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] D:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [ashMaiSv] D:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MimBoot] D:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ViewMgr] D:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iHP-100] D:\Program Files\iRiver\HSeries\iHPDetect.exe
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [Elqdg] D:\WINNT\system32\fast.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Catl] D:\Documents and Settings\Roger Knight\Application Data\seal.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Controller.LNK = D:\Program Files\Symantec\WinFax\WFXCTL32.EXE
O4 - Global Startup: PsiWin 2.3 Connection Server.lnk = D:\Program Files\Psion\PsiWin\Psconsv.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\FRONTP~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINNT\system32\CTsvcCDA.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Network Security Service (O?’ŽrtñåȲ$Ó) - Unknown owner - D:\WINNT\system32\iexc.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
-----------------------------------------------------
About your earlier advice, I managed to get some virus defs from yesterday onto Norton and now have 11 new adwares. Can I delete them lol?
-
Hi, amused
OK, the first big problem I see here is that you are running 3 virus scanners.
This is a big no-no; it may/will start problems for you.
Just pick one and keep it updated.
Check the following items in HijackThis.
Close all windows except HijackThis and click Fix checked:
The first 2 items, if you are not using them, fix them
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eircom.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = D:\WINNT\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = D:\WINNT\PCHealth\HelpCtr\System\panels\blank.htm
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {035B0B7E-BAE4-D74F-B51C-B9EEFAF1BC9B} - D:\WINNT\system32\hzjs.dll (file missing)
O2 - BHO: (no name) - {A2041C38-52A8-8DC8-11EE-F4B7E5F56851} - D:\WINNT\nttp.dll (file missing)
O2 - BHO: (no name) - {D30AC614-7ED1-4526-D393-74A2AEA66EC1} - D:\WINNT\system32\ifvfuvd.dll (file missing)
O2 - BHO: (no name) - {D54F2877-87FF-F17F-CD5C-CD57D58074F1} - D:\WINNT\system32\nvitc.dll (file missing)
O2 - BHO: (no name) - {E0621877-AACC-C44B-E06C-FD7AE5B059C1} - D:\WINNT\system32\nvitc.dll (file missing)
Same as above: if not using or wanting this, fix it; it has your start page locked
O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
These items here, if not put in place by you, fix them
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
These can go
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
Then close out of HijackThis and tell us how it is.
Once again, part of your problem could be the running
of more than one virus scanner.
HGD
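A small triage script for the kinds of entries singled out in the reply above, added here as an example (it is not code from the thread or from HijackThis). The sample lines are copied from the log posted earlier; the function names and the vendor-marker table are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: a handful of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {035B0B7E-BAE4-D74F-B51C-B9EEFAF1BC9B} - D:\WINNT\system32\hzjs.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O15 - Trusted Zone: *.05p.com
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
"""

# Every HijackThis entry line starts with a section code such as R0, O2 or O23.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Hypothetical marker table: path fragments of the three scanners seen in this log.
AV_MARKERS = {"avast4": "avast!", "grisoft": "AVG", "norton antivirus": "Norton AntiVirus"}

def parse(log):
    """Return (section_code, text) for every 'Xn - ...' entry line."""
    return [m.groups() for m in map(ENTRY.match, log.splitlines()) if m]

def triage(log):
    """Group entries by the review reasons used in the reply; list AV products."""
    flags, av = defaultdict(list), set()
    for code, text in parse(log):
        low = text.lower()
        if low.endswith("(file missing)"):        # registry entry with no file behind it
            flags["file missing"].append((code, text))
        if code == "O15":                         # zone settings: keep only if you set them
            flags["zone setting to confirm"].append((code, text))
        if code == "O16" and "file://" in low:    # ActiveX installed from a local path
            flags["ActiveX from local file"].append((code, text))
        if code == "O23":                         # services reveal resident AV products
            av.update(name for marker, name in AV_MARKERS.items() if marker in low)
    return dict(flags), sorted(av)

if __name__ == "__main__":
    flags, av = triage(SAMPLE_LOG)
    for reason, entries in flags.items():
        for code, text in entries:
            print(f"[{reason}] {code} - {text}")
    if len(av) > 1:
        print("Multiple resident antivirus products:", ", ".join(av))
```

The script only sorts entries for a human to review; it does not decide what to remove.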
-
It's a miracle! I'm actually on my own computer, on the internet. Ah feels good. Thank you so so so much, I haven't got a clue what you did that changed it but thank you *so much*.
-
Hi, amused
Hmm, you may want to post us one more logfile to be
on the safe side here.
HGD