Registry Threat

First the basics I run:

Windows XP Home Edition ver 5.1.2600
(build 2600.xpsp-sp3-gdr. 101209-1647: Service Pack 3)

Windows Internet Explorer ver. 8.0.601.18702

Regedit ver 5.1
(build 2600.xpsp-sp3-gdr. 101209-1647: Service Pack 3)

AVG 2011 ver. 10.0.1375
Virus database ver. 1509/3652

Malwarebytes’ Anti-Malware ver.
Database ver. 6617

And a few other registry error/cleanup programs occasionally, all of which reports that all Registry errors have been corrected and quarantined. I have only 1-machine and I am the “Administrator”.

The problem:

I continue to get one (1) THREAT logged in Malwarebytes runs.
It states “Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Start (Disabled.Cryptsvc) -> Bad: (4) Good: (2) -> Quarantined and deleted successfully.

Yet it keeps coming back every other day?

In AVG 2011 I get 0 (zero) threats found.

In Regedit I noted that there was no “Start” subfolder at the end of the file path. I then added one (1) as “New Key #1” then renamed it to “Start”, and set the value to “2”. The threat warning reoccurred so I reset the entry to “Binary”. The threat warning stills comes back.

Help anyone please ??????? How can I fix this ?????

2 answers Last reply
More about registry threat
  1. Have you tried to run your virus protection in Safe Mode? You can restart your computer and just before it gets past the bios go ahead and press F8 to open the windows advanced start options menu to show up.

    Oh, another thing to keep in mind is quarantining doesn't remove the virus or other adware it only prevents it from being ran, however you normally have an option in your virus protection to permanently remove those that were previously quarantined.
  2. it is a legit microsoft service don't delete!

    read this!
Ask a new question

Read More

Registry Windows XP