I have been receiving assistance from Broni and nasdaq in the Virus, Trojan, Spyware, and Malware forum because I had originally searched for assistance referencing my DNSAPI.dll issue, and it seemed to indicate malware involving DNSAPI.dll.
Nasdaq directed me here for assistance. Security logs thread: http://www.bleepingcomputer.com/forums/t/629409/dnsapidll-appears-to-be-infected/. Original security thread: http://www.bleepingcomputer.com/forums/t/629264/likely-issuemalware-with-dnsapidll/
This issue began on October 12. My computer is an HP Pavilion that originally ran Windows 7 Home Edition; I upgraded to Windows 10 over this past summer (2016).
Original report from October 12:
When I woke my computer up to start working on schoolwork this morning, I found it had restarted due to updates. No other recent changes were made to the computer to the best of my knowledge. It was operating without issue yesterday.
After I logged into my account, I received an error message notification as follows:
Header: RzSynapse.exe - Bad Image
C:\WINDOWS\SYSTEM32\DNSAPI.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support. Error status 0xc0000020.
I tried clicking OK on the pop-up notification multiple times, but it does not stay closed. Same with trying to X out of the window. I tried opening Chrome to search for the error message, and I found that I could not navigate to any websites despite confirming that my Internet was working fine on other devices such as my mobile phone.
Firefox likewise would not launch. Trying to use Firefox results in the Mozilla Crash Reporter opening, and when I click Restart Firefox, it just reopens the Mozilla Crash Reporter.
Microsoft Edge works for using the Web, and that is how I am posting.
**OS information: I am running Windows 10 Home Edition, and I have Norton Antivirus Online plus Malwarebytes (free version) installed on my PC. Malwarebytes does not appear to be running, and if I try to launch Malwarebytes, I get the same DNSAPI.dll error message as above with the header changed to reflect mbam.exe - Bad Image.
New information since working with Nasdaq (all of this information is in the first thread I listed above):
- I uninstalled Chrome and am not able to reinstall due to the errors referencing DNSAPI.dll.
- Microsoft Cumulative Update KB3194798 is stuck installing. On restart, my computer states that it could not complete updates and is undoing changes. I have tried downloading directly from the Update Catalog, same issue. I ran UpdateRegistry.msi as recommended, same issue.
- sfc /scannow only completes to 19% whether I attempt to run it in standard or Safe mode.
- I have no system restore points available earlier than October 19. I attempted that, but it was still after I started having problems, so I have had no improvement.
- I cannot run a reset of Windows 10 in standard or Safe mode: "There was a problem resetting your PC. No changes were made."
Most of my applications still cannot access anything on the Internet. The Edge browser seems to be about it. Everything else generates the DNSAPI.dll error.
Any help you can give me is very much appreciated!
Edited by eriks84, 25 October 2016 - 08:55 AM.