Solved LaSuperba or some malware has taken over my computer!

Download RepairDNS to your Desktop and run it. Press GO. Restart your PC. Attach its report




cmd_icon.png
Command Prompt
  • Press the
    WindowsKey.png
    + R on your keyboard at the same time. Type services.msc and click OK.
  • Scroll down until you find DNS Client service.
  • Next to its name you should see Started or Stopped.
  • If it is stopped, right click and click Start.
  • Let me know if it started without problems.


cmd_icon.png
Command Prompt
  • Press the
    WindowsKey.png
    + R on your keyboard at the same time. Type services.msc and click OK.
  • Scroll down until you find DHCP Client service.
  • Next to its name you should see Started or Stopped.
  • If it is stopped, right click and click Start.
  • Let me know if it started without problems.
 
Last edited:
Okay. Let's see what else we can do.

Go to this location:

C:\Windows\System32

and this location

C:\Windows\SysWOW64

Find dnsapi.dll file in both folders.

=========================================

  • Right click it and then select Properties.
  • Select Security tab and then click Edit
  • Click on Users and then make a picture of this screen.
  • Do this for both files in both folders.
 
Ok, not positive this is the right thing but here are the two pictures.
 

Attachments

  • System32.png
    System32.png
    140.8 KB · Views: 8
  • SysWOW64.png
    SysWOW64.png
    167.8 KB · Views: 8
Okay, on these pictures, can you set Read, Read&Execute and Write permissions, for both users (Everyone, Administrator)?
 
The DNS Client service now has Started next to its name but I get the same error message when I try to start the DHCP Client service.

Oh! And I just realized that I missed your instruction on downloading RepairDNS...I just tried to and my computer (not the infected one) won't let me download it, saying it's a dangerous file or something like that.
 
It is not dangerous, disable your antivirus and try again please.


FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 
Yes, one service is disabled and we need to restore its functionality.

  • Press the
    WindowsKey.png
    + R on your keyboard at the same time. Type regedit and click OK.
  • Navigate to HKEY_LOCAL_MACHINE --> SYSTEM --> CurrentControlSet --> services
  • Now you need to find Dhcp service
  • Right click on it, choose Permissions and select NETWORK SERVICE
  • Check Full Control and confirm with OK.
  • Restart your PC and then try to start this service again, like you did before.
 
Can you make a picture of DHCP service permissions in registry? Sorry, but it is really difficult for me and I believe for you to work like this. These are some non-standard and rarely seen procedures. I haven't had something like this in years.
 

You may also like...