I have a Windows 7 machine that was just infected with Trojan:Win32/Varpes.J!plock. The first symptoms were that a number of programs reported that DNSAPI.dll was missing (Chrome, Origin, etc) and in the lower right corner, there was a message saying that this version of Windows 7 was not genuine (but it is). I also received a message that two helper dll's were missing: NETIOHLP.DLL and NSHIPSEC.DLL.
Windows Security Essentials reports it is in the file C:\Windows\system32\DNSAPI.dll. When I clicked the button to remove the file, I received the error 0x800704ec The program is blocked by group policy. I tried to remove it manually, but got the same error.
How can I get rid of the infected file, get back the right file(s), and convince Windows that it's legit? Any help will be greatly appreciated.
Thanks in advance!