Problems? See this thread at archive.org.
Hi People,
Since August 11, I have been having this warning in the event viewer, every time the laptop starts up.
driver:mchInjDrv
service:mchInjDrv
(screen shots coming up)
I googled the last few days and came across many many entries like this 'mad code hook injection driver' belonging to various anti-SW, like threatfire, etc. for monitoring the programs, and that Windows Defender give' a false positive on this while doing a real-time protection scan.
Some of the search results in google date back a long time and so I am not sure if WD still gives a false positive on this.
First, what I could not find was, is there any way to know which program is installing this or to which program does this belong to?
Second, I found a registy key entry in
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MCHINJDRV" (I'll get in a screenshot soon) and I have no idea what this means.
Third, this warning is shown up only by WD and not by NIS or threatfire or any other scanner.
There were posts / reports online I found through google that this is legit and only WD gives a false positive, but I am not sure about this. There was even a forum thread saying this belongs to threatfire!!
Any suggestions people? Many thanks in advance.
Caps: http://img10.imageshack.us/gal.php?g=eventviewerwarning.jpg
Warning seen in event logs: http://img10.imageshack.us/img10/7955/eventviewerwarning.jpg
Reg Entry: http://img10.imageshack.us/img10/854/registryentry.jpg
Edit: I cannot find anything in the history of WD either. So I am like super confused
-
Thanks Baserk.
Strange, but I can't find it anywhere - not in Windows\system32\Drivers or Windows or Windows\System32
What' happening here?
I ran some more complete scan' too, but nothing turned up!!
service:mchInjDrv - Windows Defender False Positive?
Discussion in 'Security and Anti-Virus Software' started by fonduekid, Aug 17, 2009.
