Re: Malware in Windows XP

Thanks for the info.

I have deleted the file. But still coming back on every reboot. Pls let me
know how to remove it from "Windows StartUp"? Thanks.

It is really driving me crazy.

zhj23

"Malke" wrote:

zhj23 wrote:
Hello! Friends

I encounter this problem today. When I boot my PC, I keep on receiving this
security warning from my anti-virus software: Malware Win32 Trojan_gen
exists in the following path:

C:\WINDOWS\system32\Drivers\mchInjDrv.sys

I tried to delete or "move to chest" (as recommended) it. But it keeps
coming back when I reboot the PC. It is very irritating. How can I
permanently remove it? Is it harmful?


A quick Google for "mchinjdrv.sys" tells me that:

"MchInjDrv.sys is a driver for injecting code to other processes.
Publisher is legitimate: http://madshi.net
But it is often used by malicious software. Kill the file mchInjDrv.sys
and remove mchInjDrv.sys from Windows startup."

In addition to the doing the above, I suggest that you do:

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://pcdid.com/Multi_AV.htm - download

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

.

Relevant Pages

  • Re: Pop-up vs. virus
    ... Maybe reboot in safe mode and re-run the scanners? ... Thanks for any help-oh I'm on Windows XP, ... Do a thorough check for malware, following all of the steps at one of these Web pages. ... Don't ever do a "default" install of anything. ...
    (microsoft.public.windowsxp.general)
  • Re: Major problem for me
    ... report said that there was a driver interferring with windows. ... can usually do one or two pages, then I have to reboot. ... Do a thorough check for malware, following all of the steps at one of these Web pages. ... Don't ever do a "default" install of anything. ...
    (microsoft.public.windowsxp.general)
  • Re: Windows Firewall/ICS Service Keep Resetting
    ... For some reason every time I reboot my computer the Windows ... Firewall?ICS service quits working with the following message: ... Scan your system for malware ASAP. ...
    (microsoft.public.windowsxp.general)
  • Re: System Error
    ... I'm running Windows Defender Beta, Symantec and PC Tools for malware. ... One is to install the drive in another XP or Windows 2000 computer as a slave drive and copy the important data. ... Then reboot and see if it runs. ...
    (microsoft.public.windowsxp.general)
  • Re: Malware in Windows XP
    ... But still coming back on every reboot. ... Pls let me know how to remove it from "Windows StartUp"? ... Clean-boot advanced troubleshooting in Windows XP - http://support.microsoft.com/kb/316434 ...
    (microsoft.public.windowsxp.security_admin)