Solved LaSuperba or some malware has taken over my computer!

[Halls]

Ok, I restarted after running that scan. No change still.

 

[TwinHeadedEagle]

Download RepairDNS to your Desktop and run it. Press GO. Restart your PC. Attach its report

Command Prompt

• Press the
  
  + R on your keyboard at the same time. Type services.msc and click OK.
• Scroll down until you find DNS Client service.
• Next to its name you should see Started or Stopped.
• If it is stopped, right click and click Start.
• Let me know if it started without problems.

Command Prompt

• Press the
  
  + R on your keyboard at the same time. Type services.msc and click OK.
• Scroll down until you find DHCP Client service.
• Next to its name you should see Started or Stopped.
• If it is stopped, right click and click Start.
• Let me know if it started without problems.

 

[Halls]

No, the DNS client service didn't run, same error as before.

 

[Halls]

Same error with DHCP.

 

[TwinHeadedEagle]

Okay. Let's see what else we can do.

Go to this location:

C:\Windows\System32

and this location

C:\Windows\SysWOW64

Find dnsapi.dll file in both folders.

=========================================

• Right click it and then select Properties.
• Select Security tab and then click Edit
• Click on Users and then make a picture of this screen.
• Do this for both files in both folders.

 

[Halls]

Ok, not positive this is the right thing but here are the two pictures.

 

[TwinHeadedEagle]

Okay, on these pictures, can you set Read, Read&Execute and Write permissions, for both users (Everyone, Administrator)?

 

[Halls]

Ok, done.

 

[TwinHeadedEagle]

Can you start services i asked you to do now after reboot?

 

[Halls]

The DNS Client service now has Started next to its name but I get the same error message when I try to start the DHCP Client service.

Oh! And I just realized that I missed your instruction on downloading RepairDNS...I just tried to and my computer (not the infected one) won't let me download it, saying it's a dangerous file or something like that.

 

[TwinHeadedEagle]

It is not dangerous, disable your antivirus and try again please.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

 

[Halls]

Here are the three files (RepairDNS report, FRST.txt & Addition.txt).

 

[TwinHeadedEagle]

Yes, one service is disabled and we need to restore its functionality.

• Press the
  
  + R on your keyboard at the same time. Type regedit and click OK.
• Navigate to HKEY_LOCAL_MACHINE --> SYSTEM --> CurrentControlSet --> services
• Now you need to find Dhcp service
• Right click on it, choose Permissions and select NETWORK SERVICE
• Check Full Control and confirm with OK.
• Restart your PC and then try to start this service again, like you did before.

 

[Halls]

I tried to start the Dhcp service after restarting and it's still giving me the same error.

 

[TwinHeadedEagle]

Can you make a picture of DHCP service permissions in registry? Sorry, but it is really difficult for me and I believe for you to work like this. These are some non-standard and rarely seen procedures. I haven't had something like this in years.

 

[Halls]

Pic attached, is this what you need?

 

[TwinHeadedEagle]

Yes. When you scroll it down to Users, do you have full control?

 

[Halls]

Yes, I checked full control in all three.

 

[TwinHeadedEagle]

Still no go with DHCP service?

 

[Halls]

No go...