We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Registry corruption at a security key


poel

Likes # 0

I've got a corruption at a specific point in registry which might be caused by a virus of somekind. The regs corrupted are : "HKLM->System->ControlSet001 (and also 002)->Control->NetDiagFx->Microsoft->HostDLLs->Layer 2 Security Helper"

it changed to "Layer 2 Sec rity Hel" (exactly as i wrote..) and the subkeys are deleted (comparing to healthy win 7 system)

the next 2 keys (Ndis.. something and another n.. something) are completely gone. I know these keys related to L2SecHC.DLL file, so missing these keys might affect pc's security.

then the next key : "HKLM->System->ControlSet001 (and also 002)->Control->NetDiagFx->Microsoft->HostDLLs->NetCoreHelperClass" changed to "NetC`reHelperClass" and some infos inside are messed up.

all the other keys seems to be ok.

My computer was always protected with comodo IS. Everything was ok until it alert me few days ago about a virus in "tmp.edb" (probably a 'false positive alert'). so i checked for rootkits and found the above mentioned issue. btw - my pc works fine in general.

My questions : 1. Does any one familiar with these keys corruption ? 2. Is it a security matter ? 3. recommendations

Like this post
Fruit Bat /\0/\

Likes # 0

  1. Use malwarebytes to scan for nasties
    1. Clean the registry
    2. reboot
    3. rescan
Like this post
buteman

Likes # 0

This is the latest version of Malwarebytes and lets you try the pro Version for 2 weeks.

Malwarebytes Latest

Like this post
poel

Likes # 0

i hoped to get an answers to my first two questions first. i am not sure i need "cleaning" of the registry. i need a fix. and i need to know from where the corruption came. avoiding re-corruption is the real solution here..

if HostDLLs does not generate the relevant dll (l2sechc.dll) - will it cause a security issue ?

Like this post
Fruit Bat /\0/\

Likes # 0

No, but once your sure its clean a repair by

sfc /scannow

will replace any missing or corrupt windows files (which this is in windows\system)

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

8 cheapest 4G smartphones in the UK 2014: Best budget 4G phones

IDG UK Sites

Apple MacBook Air lab tests and benchmarks: 11-inch & 13-inch, 256GB, 2014 Mac laptops tested

IDG UK Sites

How to prank people using Google Glass

IDG UK Sites

Brian Cox to step into will.i.am's shoes with IBC keynote