desktop hijacker

In the future please do not post HJT logs unless they are requested and remember to exit browsers before running HJT. Also you did not run all the steps in the READ ME FIRST. For example, I can tell that you did not run eiter the BitDefender or RavAntivirus online scanners. However, your log shows no problems.

How are you trying to run services.msc? Did you look in c:\windows\system32 for the services.msc file? By look, I mean using Windows Explorer not Search.

Also for the Desktop problem, goto the following link and run step # 8.

SpySheriff (aka SpywareNo) Removal

 

Did you run BitDefender and Rav before or after posting your log? There should be O16 line entries for each of them when they are run. It should bot matter whether you ran them in safe mode or nomal mode, the O16 lines should still show.

As asked in my previous message:

Did you look in c:\windows\system32 for the services.msc file? By look, I mean using Windows Explorer not Search.

 

It would be better (as you can tell) that you do not fix anything on your own. That way we can find what we are looking for.

You still did not directly answer my question. Did you find service.msc or not?
Also how many other .msc files did you find in system32 (sort your folders by Type)?

You must answer this question. Not having the files is one problem and having the files and not being able to run them is a different one.

I going to assume that you have the files (17 of them) and they just do not run. I'm also assuming that you have Administrator priviledges (if not they will not work either). So with those assumptions try the below:

Click Start, click Run, type cmd in the Open box, and then click OK.
Type the following command at the command prompt and then press ENTER:

regsvr32 C:\Windows\system32\msxml3.dll

After the command completes successfully, you should receive the following message:

DllRegisterServer in C:\Windows\system32\msxml3.dll succeeded

Tell me if this helps.

 

Boot into safe mode and copy the msxml3.dll file from the C:\WINDOWS\SYSTEM32\DLLCACHE folder into your c:\windows\system32 folder. The try your .msc files. If it does not work, then repeat the regsrv32 command.

Note: the spelling of the file name. I'll repeat with capital letters to make sure you have it correct: MSXML3.DLL

 

There may be another copy on your PC in an i386 folder. It could be c:\i386 or it could be located elsewhere. It may be easier to just search for it as given below:

Click Search and the Select "All files and folders"
Enter the filename in the "All or part of the file name:" box, so enter MSXML3.DLL
Now select "More advanced options"
Make sure the following check boxes are checked:
- Search system folders
- Search hidden files and folders
- Search subfolders
Then click the Search button.

If you find one in an i386 folder, copy it to the C:\Windows\system32\ folder

 

We may need to get a different version of the file. Your version should be 8.50.2162.0 MSXML 3.0 SP 5, because you are running WinXP SP2. The version in your i386 folder is probably not for SP2. I found the version info for the OS here:

http://support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=msxml3.dll&S=1&start=25

There may be another folder on you PC with file from the SP2 upgrade. I'm assuming you upgraded. Is that true.

The file is also downloadable from: http://www.dll-files.com/dllindex/dll-files.shtml?msxml3

 

You're welcome. When you get the new version and put it into the system32 folder, reboot and then see how things look. If still not right, try using the regsrv32 command on the new file.

 

Did you reboot after putting the file in the system32 folder?
Did you try registering the file again after reboot?

 

Are you still having problems using Search too? If so, try the below:

- Click Start, click Run, type %systemroot%\inf, then click OK.
- Locate the Srchasst.inf file in the window that comes up.
- Right-click the Srchasst.inf file, and then click Install. This reinstalls the files that Search Companion uses.

 

Question: If you use Windows Explorer to locate any of the .msc files and then just double click on any one of them, tell me the exact word for word message you get.

 

Let's ask the obvious first. Do you have Administrator priviledges? Are you sure?

 

If you find you are an Admin, try the below:

You may need your Windows XP CD when doing the below. It will prompt you if necessary to put it in the drive (so it would not hurt to start with it in the drive).

We are now going to run a System File Check (sfc) to look for missing/damage system files.
Click Start, Run, and enter cmd and click OK. This will open up a command prompt. At the command prompt type the below command followed by the enter key.

sfc /scannow

Let me know what happens! If this does not help, I would recommend continuing this in the Sotware Forum as this is not a malware issue from what I can tell.

 

Okay! If you do windup posting in the Software Forum, you should give them a link to this thread so they can see what was already tried.