You probably know that people are having some trouble with MchInjDrv.sys. I managed to block it with your HIPS Application Control, but it still infects my computer even though it seems to be invisible. Is anybody doing anything about this?
This driver is a legitimate code injector, it’s a hidden driver. mchinjdrv stands for Mad Code Hook Injection Driver (seriously). The free version was taken down late 2005 (I think) because of abuse & that’s the one you find in Malware. You don’t find this one because it is not free. This driver is used by CFP (2.4, I don’t think version 3 uses it… Egemen?) & A-Squared products to name but a couple. Deleting it (if you can find it) is futile since it’s installed (by what uses it) dynamically at run-time. It is not an infection.
OK. That must be why I’ve been having such a hard time finding an anti-virus program to take care of my problem. I finally did find a program, CureIt, which found Script Viruses in my 10 previous System Restore files. It’s funny that no programs have been able to find those! This MchInjDrv.sys is hitting it big on the Geek websites just now.
OK. Now how do I get MchInjDrv.sys to work again? Whenever I try to run the HIPS manager, about a dozen filenames show up on the list and then the manager just disappears. I think there may be a bug there.
You mentioned HIPS, is this CAVS or CFP3… or something else? If you have managed to remove MchInjDrv.sys from your system, then the quickest way to resolve this would be to re-install whatever is not working.
No, I haven’t removed it from my system, I don’t believe that I can. I’ve set HIPS to disallow it and I now need to set HIPS to allow it. I tried the HIPS manager and it doesn’t seem to work right. What should I do now?
How did you disallow it? CAVS?