re: High CPU by system process freezes system
Sunday, August 10, 2008 at 2:05 am Windows XP Annoyances Discussion Forum
Posted by Spexx
(2229 messages posted)
I'm latched on to the one idea now: this driver, mchInjdrv.sys. As I said before, it is known to be used by Trojan Hunter, but it is also known to be exploited by malware, according to the sources I found. Now that you say it cannot be found on the disk, it is particularly worrying. We know it is there because it is loading in the bootlog, but it is hidden from the operating system. That is characteristic of rootkit infection, and I have been seeing increasing numbers of similar things.

The first thing to do if the file itself cannot be seen is to see if it can be prevented from loading by disabling the registry entry for it (as long as that isn't hiding as well). Download the Microsoft Autoruns utility and read the release notes before using it. Once you have the program running, allow it time to inspect the system and then click on the Drivers tab. If you can see mchInjdrv there, just disable it by unchecking the box, then reboot to see if matters have improved. I fear that it may not show up, though.

It is also worth having a scan with Rootkit Revealer - you can't fix anything with it, but it may reveal a few things of interest and provide a sanity check at least. The biggest problem with rootkit-style infections is that you cannot trust the operating system to tell the truth, so my usual trick is to boot the PC from a bootable CD such as my trusty UBCD4WIN to give me something to believe in. Your local PC repair specialist may also be able to help.

Cheers. Spexx.
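Added example, not part of Spexx's post: one way to do the cross-check the post describes, comparing the drivers the boot log says were loaded against a file listing taken while booted from a trusted CD. The sample log lines, the file listing, the `sample01.sys` name and the folder shown for mchInjdrv.sys are constructed for illustration.

```python
import re

# Constructed sample of ntbtlog.txt content (the real file is normally UTF-16:
# open(path, encoding="utf-16")). The mchInjdrv.sys folder is an assumption.
SAMPLE_BOOTLOG = r"""
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver pci.sys
Loaded driver \SystemRoot\System32\DRIVERS\intelppm.sys
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Loaded driver \??\C:\WINDOWS\system32\drivers\sample01.sys
Loaded driver \SystemRoot\System32\Drivers\mchInjdrv.sys
Loaded driver \SystemRoot\System32\Drivers\mchInjdrv.sys
"""

# Constructed listing, as collected while booted from the trusted CD
# (the installed system's disk shows up under another letter, here D:).
OFFLINE_FILES = [
    r"D:\WINDOWS\system32\ntoskrnl.exe",
    r"D:\WINDOWS\system32\drivers\pci.sys",
    r"D:\WINDOWS\system32\drivers\intelppm.sys",
    r"D:\WINDOWS\system32\drivers\sample01.sys",
]

LINE = re.compile(r"^(Loaded|Did not load) driver\s+(.+?)\s*$", re.I)

def normalise(path, windir=r"\windows"):
    """Reduce a boot-log or listing path to a lowercase, drive-less form."""
    p = path.strip().lower()
    p = re.sub(r"^\\\?\?\\", "", p)                  # \??\C:\... -> c:\...
    p = re.sub(r"^[a-z]:", "", p)                    # drop the drive letter
    p = re.sub(r"^\\systemroot", lambda m: windir.lower(), p)
    if "\\" not in p:                                # bare name = boot driver
        p = windir.lower() + "\\system32\\drivers\\" + p
    return p

def loaded_drivers(bootlog_text):
    """Map normalised path -> path as logged, for 'Loaded driver' lines only."""
    seen = {}
    for line in bootlog_text.splitlines():
        m = LINE.match(line.strip())
        if m and m.group(1).lower() == "loaded":
            seen.setdefault(normalise(m.group(2)), m.group(2))
    return seen

def hidden_candidates(bootlog_text, offline_listing):
    """Drivers logged as loaded that the trusted-boot listing does not contain."""
    on_disk = {normalise(p) for p in offline_listing}
    return [raw for norm, raw in loaded_drivers(bootlog_text).items()
            if norm not in on_disk]

if __name__ == "__main__":
    print(hidden_candidates(SAMPLE_BOOTLOG, OFFLINE_FILES))
```

A name on the result list is a lead to check by hand, not proof of infection; a listing that omits a directory produces the same result.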