Solved Removal of virus has blocked internet. PLEASE PLEASE HELP

Windows 7: Virus Deletion Now Makes Internet Access Impossible Part 2

Browsing through the forums and came across a case involving someone named Florida Rene who was experiencing similar issues to what i am now dealing with. Basically, it looks like Avast quarantined/deleted a file (likely malware that I thought I'd cleaned) called plsapp.dll. Since the deletion of that file, I am unable to get online even though my network says I have network access. I have run MBAM, Combofix, ESET and nothing is coming up as a threat. I am sure it has to do with some program called Pure Leads? I uninstalled Chrome, do not have Firefox and IE also will not connect. Please help!

run command prompt as administrator

type
netsh int ip reset
enter
type
netsh winsock reset
enter
type (just for good measure)
ipconfig /flushdns

close command prompt, reboot computer

Unfortunately, it did not work. Sorry about the font size.

Overnight I re-ran MBAM, ESET and no threats were found. Still down.

Browsing through the forums and came across a case involving someone named Florida Rene who was experiencing similar issues to what i am now dealing with (this person worked with Cottonball). Basically, it looks like Avast quarantined/deleted a file (likely malware that I thought I'd cleaned) called plsapp.dll. Since the deletion of that file, I am unable to get online even though my network says I have network access. I have run MBAM, Combofix, ESET, OTM, FSS and nothing is coming up as a threat. I am sure it has to do with some program called Pure Leads? I uninstalled Chrome, do not have Firefox and IE also will not connect. Please help!

I think possibly you're having the problem because of a broken Winsock connection ... cause by removing plsapp.dll

Try this:
Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click on the .bat file to run as Administrator.
Your computer will reboot itself.

If that doesn't work .... download AdwCleaner by Xplode and save to your Desktop.


Step 1.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 2.
Using AdwCleaner: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder
******Post both .txt logs

This is the program, (PureLeads by Sendori) that caused the malware PureLeads by Sendori - Should I Remove It?

Still nothing. I've attached some recent FSS and systemlook reports.

Try:
- Restore the dll from Avast quarantine.
- Scan with MBAM again, but make sure Settings - Detection and Protection - Scan for rootkit is checked and PUP: treat as malware, PUM: treat as malware is set.

I ave run AdwCleaner this morning with no results. I am running it again right now. Thank you so much for your quick reply, I have been working on this issue for hours.

# AdwCleaner v4.206 - Logfile created 19/06/2015 at 10:59:06
# Updated 01/06/2015 by Xplode
# Database : 2015-05-31.5 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Avg Secure Update
Key Found : [x64] HKCU\Software\Avg Secure Update
Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7041 bytes] - [27/05/2015 16:18:02]
AdwCleaner[R1].txt - [4789 bytes] - [19/06/2015 10:59:06]
AdwCleaner[S0].txt - [6937 bytes] - [27/05/2015 16:19:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4907 bytes] ##########

***Post-Clean ADW Report***

# AdwCleaner v4.205 - Logfile created 27/05/2015 at 16:19:13
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : user - USER-PC
# Running from : C:\Users\user\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
File Deleted : C:\END
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videoapi.my.mail.ru_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_videoapi.my.mail.ru_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_vshare.eu_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_vshare.eu_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Google Chrome v43.0.2357.81


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [6743 bytes] - [27/05/2015 16:18:02]
AdwCleaner[S0].txt - [6726 bytes] - [27/05/2015 16:19:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6785 bytes] ##########
# AdwCleaner v4.206 - Logfile created 19/06/2015 at 11:05:38
# Updated 01/06/2015 by Xplode
# Database : 2015-05-31.5 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7041 bytes] - [27/05/2015 16:18:02]
AdwCleaner[R1].txt - [5062 bytes] - [19/06/2015 10:59:06]
AdwCleaner[S0].txt - [11842 bytes] - [27/05/2015 16:19:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11902 bytes] ##########

Newest SystemLook report (after cleaning with ADW):

SystemLook 30.07.11 by jpshortstuff
Log created at 11:46 on 19/06/2015 by user
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*PureLeads*"
No files found.

Searching for "Pure Leads.*"
No files found.

Searching for "*plsapp*"
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\plsapp64.dll ------- 439296 bytes [21:33 27/05/2015] [21:33 27/05/2015] 33948FF6D642994C5831809F3234F30A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\plsapp64.lnk --a---- 752 bytes [05:19 19/06/2015] [16:56 19/06/2015] 4C06075E3BD38AD4EF24391F91E63E0D
C:\Windows\System32\plsapp.dll --a---- 354592 bytes [20:17 18/05/2014] [23:12 23/01/2014] 40B9FD5561C83D37F904848F96471ED8
C:\Windows\SysWOW64\plsapp.dll --a---- 354592 bytes [20:17 18/05/2014] [23:12 23/01/2014] 40B9FD5561C83D37F904848F96471ED8

Searching for "Pure Leads.*"
No files found.

Searching for "Pure Leads"
No files found.

Searching for "Installer\*.ms.*"
No files found.

Searching for "Temp\*.msi"
No files found.

========== folderfind ==========

Searching for "*Pure Leads*"
No folders found.

Searching for "Pure Leads"
No folders found.

Searching for "*plsapp"
No folders found.

Searching for "plsapp.*"
No folders found.

Searching for "Installer\*.msi "
No folders found.

Searching for "Pure Leads.msi"
No folders found.

Searching for "Temp\*.msi"
No folders found.

========== regfind ==========

Searching for "*Pure Leads*"
No data found.

Searching for "Pure Leads"
No data found.

Searching for "Pure Leads"
No data found.

Searching for "*plsapp*"
No data found.

Searching for "adpeak"
No data found.

Searching for "Installer\*.msi "
No data found.

Searching for "PureLeads.msi"
No data found.

Searching for "Temp\*.msi"
No data found.

-= EOF =-

I am unable to find plsapp.dll (the root of this issue (Pure Leads Sendori)) anywhere on the affected pc.

New SystemLook report: (disregard systemlook3):

SystemLook 30.07.11 by jpshortstuff
Log created at 11:51 on 19/06/2015 by user
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*PureLeads*"
No files found.

Searching for "Pure Leads.*"
No files found.

Searching for "*plsapp*"
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\plsapp64.dll ------- 439296 bytes [21:33 27/05/2015] [21:33 27/05/2015] 33948FF6D642994C5831809F3234F30A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\plsapp64.lnk --a---- 752 bytes [05:19 19/06/2015] [16:56 19/06/2015] 4C06075E3BD38AD4EF24391F91E63E0D
C:\Windows\System32\plsapp.dll --a---- 354592 bytes [20:17 18/05/2014] [23:12 23/01/2014] 40B9FD5561C83D37F904848F96471ED8
C:\Windows\SysWOW64\plsapp.dll --a---- 354592 bytes [20:17 18/05/2014] [23:12 23/01/2014] 40B9FD5561C83D37F904848F96471ED8

Searching for "Pure Leads.*"
No files found.

Searching for "Pure Leads"
No files found.

Searching for "Installer\*.msi"
C:\System Volume Information\SystemRestore\FRStaging\Windows\dda2a.msi --a---- 38686720 bytes [23:42 22/05/2015] [23:42 22/05/2015] (Unable to calculate MD5)
C:\Windows\10320d5.msi --a---- 26112 bytes [04:28 13/11/2014] [04:28 13/11/2014] (Unable to calculate MD5)
C:\Windows\1082342.msi --a---- 40960 bytes [04:56 10/05/2014] [04:56 10/05/2014] (Unable to calculate MD5)
C:\Windows\1082347.msi --a---- 13684736 bytes [04:56 10/05/2014] [04:56 10/05/2014] (Unable to calculate MD5)
C:\Windows\11ed18c0.msi --a---- 143360 bytes [10:40 05/10/2013] [10:40 05/10/2013] (Unable to calculate MD5)
C:\Windows\11ed18c6.msi --a---- 143360 bytes [10:40 05/10/2013] [10:40 05/10/2013] (Unable to calculate MD5)
C:\Windows\126fdd8.msi --a---- 227328 bytes [11:54 19/04/2011] [11:54 19/04/2011] (Unable to calculate MD5)
C:\Windows\126fddd.msi --a---- 235520 bytes [11:21 19/04/2011] [11:21 19/04/2011] (Unable to calculate MD5)
C:\Windows\12ac809.msi --a---- 232960 bytes [21:11 08/08/2008] [21:11 08/08/2008] (Unable to calculate MD5)
C:\Windows\12ae4cd.msi --a---- 10100736 bytes [19:36 11/05/2015] [19:36 11/05/2015] (Unable to calculate MD5)
C:\Windows\12ae4dc.msi --a---- 675840 bytes [19:36 11/05/2015] [19:36 11/05/2015] (Unable to calculate MD5)
C:\Windows\130f87c.msi --a---- 1220608 bytes [23:43 25/09/2014] [23:43 25/09/2014] (Unable to calculate MD5)
C:\Windows\17dbdbe.msi --a---- 2818048 bytes [14:09 02/12/2006] [14:09 02/12/2006] (Unable to calculate MD5)
C:\Windows\17dbdc3.msi --a---- 242176 bytes [21:46 08/08/2008] [21:46 08/08/2008] (Unable to calculate MD5)
C:\Windows\1b7c52a.msi --a---- 37888 bytes [06:42 14/02/2014] [06:42 14/02/2014] (Unable to calculate MD5)
C:\Windows\1bb50a.msi --a---- 2385920 bytes [03:47 24/09/2012] [03:47 24/09/2012] (Unable to calculate MD5)
C:\Windows\21c3c0.msi --a---- 1219584 bytes [21:57 30/09/2009] [21:57 30/09/2009] (Unable to calculate MD5)
C:\Windows\21df088.msi --a---- 2770944 bytes [15:44 16/04/2011] [15:44 16/04/2011] (Unable to calculate MD5)
C:\Windows\310e77.msi --a---- 223232 bytes [19:16 12/07/2009] [19:16 12/07/2009] (Unable to calculate MD5)
C:\Windows\3af2275.msi --a---- 1572864 bytes [16:48 12/04/2014] [16:48 12/04/2014] (Unable to calculate MD5)
C:\Windows\3f4a185.msi --a---- 33140736 bytes [10:33 04/07/2014] [10:33 04/07/2014] (Unable to calculate MD5)
C:\Windows\3f4a191.msi --a---- 11522048 bytes [01:29 02/07/2014] [01:29 02/07/2014] (Unable to calculate MD5)
C:\Windows\3f4a197.msi --a---- 2323456 bytes [14:13 21/02/2014] [14:13 21/02/2014] (Unable to calculate MD5)
C:\Windows\4cd2f81.msi --a---- 33902592 bytes [14:40 14/04/2015] [14:40 14/04/2015] (Unable to calculate MD5)
C:\Windows\4feb28a.msi --a---- 2736640 bytes [09:35 12/07/2009] [09:35 12/07/2009] (Unable to calculate MD5)
C:\Windows\4feb28f.msi --a---- 232960 bytes [15:12 07/11/2007] [15:12 07/11/2007] (Unable to calculate MD5)
C:\Windows\6cc7528.msi --a---- 3227648 bytes [09:20 02/12/2006] [09:20 02/12/2006] (Unable to calculate MD5)
C:\Windows\6cc753c.msi --a---- 6575616 bytes [11:48 13/04/2015] [11:48 13/04/2015] (Unable to calculate MD5)
C:\Windows\6cc7542.msi --a---- 3375104 bytes [11:48 13/04/2015] [11:48 13/04/2015] (Unable to calculate MD5)
C:\Windows\6f0ee31.msi --a---- 21594112 bytes [01:21 21/02/2014] [01:21 21/02/2014] (Unable to calculate MD5)
C:\Windows\77a86d7.msi --a---- 151552 bytes [13:08 30/10/2013] [13:08 30/10/2013] (Unable to calculate MD5)
C:\Windows\77a86e1.msi --a---- 151552 bytes [13:08 30/10/2013] [13:08 30/10/2013] (Unable to calculate MD5)
C:\Windows\77a86eb.msi --a---- 151552 bytes [13:09 30/10/2013] [13:09 30/10/2013] (Unable to calculate MD5)
C:\Windows\77a86f5.msi --a---- 151552 bytes [13:08 30/10/2013] [13:08 30/10/2013] (Unable to calculate MD5)
C:\Windows\77a871a.msi --a---- 143360 bytes [04:11 13/03/2014] [04:11 13/03/2014] (Unable to calculate MD5)
C:\Windows\77a8720.msi --a---- 143360 bytes [04:11 13/03/2014] [04:11 13/03/2014] (Unable to calculate MD5)
C:\Windows\7ca84e5.msi --a---- 3186176 bytes [07:14 16/04/2011] [07:14 16/04/2011] (Unable to calculate MD5)
C:\Windows\9a7b11.msi --a---- 163840 bytes [11:30 11/06/2011] [11:30 11/06/2011] (Unable to calculate MD5)
C:\Windows\9a9e3a.msi --a---- 177664 bytes [11:29 11/06/2011] [11:29 11/06/2011] (Unable to calculate MD5)
C:\Windows\b21fd6.msi --a---- 1691648 bytes [23:34 26/09/2012] [23:34 26/09/2012] (Unable to calculate MD5)
C:\Windows\b21fdb.msi --a---- 12635648 bytes [07:41 13/09/2012] [07:41 13/09/2012] (Unable to calculate MD5)
C:\Windows\b21fe0.msi --a---- 734720 bytes [07:41 13/09/2012] [07:41 13/09/2012] (Unable to calculate MD5)
C:\Windows\b21fe5.msi --a---- 889344 bytes [23:46 26/09/2012] [23:46 26/09/2012] (Unable to calculate MD5)
C:\Windows\b21fea.msi --a---- 487936 bytes [22:15 23/07/2012] [22:15 23/07/2012] (Unable to calculate MD5)
C:\Windows\b21fef.msi --a---- 1406976 bytes [22:19 26/09/2012] [22:19 26/09/2012] (Unable to calculate MD5)
C:\Windows\b21ff4.msi --a---- 1686528 bytes [23:36 26/09/2012] [23:36 26/09/2012] (Unable to calculate MD5)
C:\Windows\b21ff9.msi --a---- 4755456 bytes [07:41 13/09/2012] [07:41 13/09/2012] (Unable to calculate MD5)
C:\Windows\b21ffe.msi --a---- 4807680 bytes [07:41 13/09/2012] [07:41 13/09/2012] (Unable to calculate MD5)
C:\Windows\b22003.msi --a---- 468992 bytes [02:51 27/07/2011] [02:51 27/07/2011] (Unable to calculate MD5)
C:\Windows\b22008.msi --a---- 119296 bytes [03:26 13/06/2011] [03:26 13/06/2011] (Unable to calculate MD5)
C:\Windows\b2200d.msi --a---- 379904 bytes [22:14 11/11/2011] [22:14 11/11/2011] (Unable to calculate MD5)
C:\Windows\b57314.msi --a---- 7671808 bytes [04:03 09/05/2014] [04:03 09/05/2014] (Unable to calculate MD5)
C:\Windows\ba65f31.msi --a---- 9719808 bytes [14:41 24/07/2014] [14:41 24/07/2014] (Unable to calculate MD5)
C:\Windows\bd45de8.msi --a---- 1305600 bytes [08:41 12/08/2008] [08:41 12/08/2008] (Unable to calculate MD5)
C:\Windows\d24e4bf.msi --a---- 7060992 bytes [07:01 31/12/2014] [07:01 31/12/2014] (Unable to calculate MD5)
C:\Windows\d32bf7.msi --a---- 2376704 bytes [05:07 31/03/2010] [05:07 31/03/2010] (Unable to calculate MD5)
C:\Windows\d32c06.msi --a---- 2081792 bytes [17:47 17/07/2008] [17:47 17/07/2008] (Unable to calculate MD5)
C:\Windows\d32c0b.msi --a---- 1898496 bytes [15:11 22/07/2008] [15:11 22/07/2008] (Unable to calculate MD5)
C:\Windows\d32c10.msi --a---- 964608 bytes [21:25 06/02/2009] [21:25 06/02/2009] (Unable to calculate MD5)
C:\Windows\d32c15.msi --a---- 932864 bytes [22:23 06/02/2009] [22:23 06/02/2009] (Unable to calculate MD5)
C:\Windows\d32c1a.msi --a---- 330752 bytes [16:00 29/10/2008] [16:00 29/10/2008] (Unable to calculate MD5)
C:\Windows\d32c24.msi --a---- 739328 bytes [16:09 26/07/2009] [16:09 26/07/2009] (Unable to calculate MD5)
C:\Windows\d32c29.msi --a---- 240128 bytes [15:29 05/07/2009] [15:29 05/07/2009] (Unable to calculate MD5)
C:\Windows\d32c34.msi --a---- 3279872 bytes [22:40 26/07/2009] [22:40 26/07/2009] (Unable to calculate MD5)
C:\Windows\d32c39.msi --a---- 13992448 bytes [22:40 26/07/2009] [22:40 26/07/2009] (Unable to calculate MD5)
C:\Windows\d32c3e.msi --a---- 1819136 bytes [16:08 16/05/2007] [16:08 16/05/2007] (Unable to calculate MD5)
C:\Windows\d32c43.msi --a---- 1449984 bytes [16:15 26/07/2009] [16:15 26/07/2009] (Unable to calculate MD5)
C:\Windows\d32c48.msi --a---- 18756608 bytes [18:21 10/07/2009] [18:21 10/07/2009] (Unable to calculate MD5)
C:\Windows\d32c4e.msi --a---- 6761472 bytes [05:31 31/07/2009] [05:31 31/07/2009] (Unable to calculate MD5)
C:\Windows\d32c58.msi --a---- 2552832 bytes [19:55 30/01/2009] [19:55 30/01/2009] (Unable to calculate MD5)
C:\Windows\d32c5d.msi --a---- 1432064 bytes [19:55 30/01/2009] [19:55 30/01/2009] (Unable to calculate MD5)
C:\Windows\d32c67.msi --a---- 5765632 bytes [00:32 27/07/2009] [00:32 27/07/2009] (Unable to calculate MD5)
C:\Windows\dda2a.msi --a---- 38686720 bytes [23:42 22/05/2015] [23:42 22/05/2015] (Unable to calculate MD5)
C:\Windows\df0008a.msi --a---- 2772992 bytes [16:52 12/05/2011] [16:52 12/05/2011] (Unable to calculate MD5)
C:\Windows\df40865.msi --a---- 4070912 bytes [00:06 23/07/2014] [00:06 23/07/2014] (Unable to calculate MD5)

Searching for "Installer\*.msp"
C:\Windows\12b99ba.msp -ra---- 2424832 bytes [08:57 11/08/2014] [08:57 11/08/2014] (Unable to calculate MD5)
C:\Windows\150b0.msp -ra---- 14835712 bytes [13:22 08/05/2015] [13:22 08/05/2015] (Unable to calculate MD5)
C:\Windows\1b7c532.msp -ra---- 53303296 bytes [10:02 09/05/2014] [10:02 09/05/2014] (Unable to calculate MD5)
C:\Windows\1bb5a3.msp -ra---- 19824640 bytes [12:17 08/01/2014] [12:17 08/01/2014] (Unable to calculate MD5)
C:\Windows\1da35d.msp -ra---- 10502144 bytes [01:34 06/02/2015] [01:34 06/02/2015] (Unable to calculate MD5)
C:\Windows\31ea0df.msp -ra---- 53303296 bytes [10:00 24/07/2014] [10:00 24/07/2014] (Unable to calculate MD5)
C:\Windows\3d0a4f7.msp -ra---- 53299200 bytes [11:00 13/12/2014] [11:00 13/12/2014] (Unable to calculate MD5)
C:\Windows\67be6f4.msp -ra---- 53442560 bytes [11:00 10/12/2014] [11:00 10/12/2014] (Unable to calculate MD5)
C:\Windows\6eef145.msp -ra---- 6922240 bytes [13:58 08/12/2014] [13:58 08/12/2014] (Unable to calculate MD5)
C:\Windows\7214199.msp -ra---- 43950080 bytes [11:40 10/05/2014] [11:40 10/05/2014] (Unable to calculate MD5)
C:\Windows\731eae8.msp -ra---- 11591680 bytes [10:03 15/09/2014] [10:03 15/09/2014] (Unable to calculate MD5)
C:\Windows\9a7b12.msp -ra---- 4028928 bytes [04:27 29/06/2011] [04:27 29/06/2011] (Unable to calculate MD5)
C:\Windows\9a9e3b.msp -ra---- 4637184 bytes [04:21 29/06/2011] [04:21 29/06/2011] (Unable to calculate MD5)
C:\Windows\bf7225.msp -ra---- 53332992 bytes [01:31 13/05/2015] [01:31 13/05/2015] (Unable to calculate MD5)
C:\Windows\bf722e.msp -ra---- 3084288 bytes [03:40 17/02/2015] [03:40 17/02/2015] (Unable to calculate MD5)
C:\Windows\c30153.msp -ra---- 421888 bytes [23:17 17/02/2015] [23:17 17/02/2015] (Unable to calculate MD5)

Searching for "Temp\*.msi"
No files found.

========== folderfind ==========

Searching for "*Pure Leads*"
No folders found.

Searching for "Pure Leads"
No folders found.

Searching for "*plsapp"
No folders found.

Searching for "plsapp.*"
No folders found.

Searching for "Installer\*.msi "
No folders found.

Searching for "Pure Leads.msi"
No folders found.

Searching for "Temp\*.msi"
No folders found.

========== regfind ==========

Searching for "*Pure Leads*"
No data found.

Searching for "Pure Leads"
No data found.

Searching for "Pure Leads"
No data found.

Searching for "*plsapp*"
No data found.

Searching for "adpeak"
No data found.

Searching for "Installer\*.msi "
No data found.

Searching for "PureLeads.msi"
No data found.

Searching for "Temp\*.msi"
No data found.

-= EOF =-

https://blog.avast.com/2015/03/19/how-to-use-the-avast-virus-chest/
restore the dll, if it quarantine again , then exclude from scan and restore

Disable the proxy settings in Internet Explorer:
1) Under “Tools” in the browser tool bar select “Internet Options”.
2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.
3) Click “LAN Settings” near the bottom of the “Connections” section.
4) If the “Proxy server” checkbox is marked with a check, click it to deselect/uncheck it.
5) Click “Ok” to close the “Local Area Network (LAN) Settings” window.
6) Click “Ok” to close the “Internet Options” window.
Reboot
Make sure "Proxy server" is still disabled under your LAN Settings.
Test whether internet connectivity is restored.

Next,
scan your machine with ESET OnlineScan

1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
   ESET OnlineScan
2. Click the
   
   button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. Click on
      
      to download the ESET Smart Installer. Save it to your desktop.
   2. Double click on the
      
      icon on your desktop.
4. Check
   
5. Click the
   
   button.
6. Accept any security warnings from your browser.
7. Check
   
8. Push the Start button.
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
10. When the scan completes, push
    
11. Push
    
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12. Push the
    
    button.
13. Push
    

Here is the screenshot of the virus chest. The only instance of plsapp was in a completely different folder and quarantined months ago. Also included are reports from Farbar, SL, and Adware Cleaner before and after.

I have included some screenshots. One which shows that the "Windows" folder is no longer visible. The other shows a hidden folder called c:\Windows\Installer with some unknown files (?)

Ah, sorry mate. I was misleading you as I thought that was an MS dll. Don't bother restoring it.

Try MiniToolBox Download

Also run in cmd:
netsh winsock reset all
netsh int 6to4 reset all
netsh int ipv4 reset all
netsh int ipv6 reset all
netsh int httpstunnel reset all
netsh int isatap reset all
netsh int portproxy reset all
netsh int tcp reset all
netsh int teredo reset all

I am not sure if you need all the commands, just try to run.