I've got a corruption at a specific point in registry which might be caused by a virus of somekind.
The regs corrupted are :
"HKLM->System->ControlSet001 (and also 002)->Control->NetDiagFx->Microsoft->HostDLLs->Layer 2 Security Helper"
it changed to "Layer 2 Sec rity Hel" (exactly as i wrote..) and the subkeys are deleted (comparing to healthy win 7 system)
the next 2 keys (Ndis.. something and another n.. something) are completely gone. I know these keys related to L2SecHC.DLL file, so missing these keys might affect pc's security.
then the next key :
"HKLM->System->ControlSet001 (and also 002)->Control->NetDiagFx->Microsoft->HostDLLs->NetCoreHelperClass" changed to "NetC`reHelperClass" and some infos inside are messed up.
all the other keys seems to be ok.
My computer was always protected with comodo IS. Everything was ok until it alert me few days ago about a virus in "tmp.edb" (probably a 'false positive alert'). so i checked for rootkits and found the above mentioned issue.
btw - my pc works fine in general.
My questions :
1. Does any one familiar with these keys corruption ?
2. Is it a security matter ?
i hoped to get an answers to my first two questions first.
i am not sure i need "cleaning" of the registry. i need a fix. and i need to know from where the corruption came. avoiding re-corruption is the real solution here..
if HostDLLs does not generate the relevant dll (l2sechc.dll) - will it cause a security issue ?