MCHINJDRV.SYS Question

I seem to be having a problem fully booting Vista SP1. This recently started
occuring. It boots up to a certain point with all my desktop Icons intact
then freezes. I should note that sometimes it fully boots but more often
than not it doesn't. I haven't installed any new progams and I've testing my
HDD for errors. I accessed my ntbtlog.txt file and notice that this driver
is always at or near the end:

Loaded driver \??\C:\Windows\system32\Drivers\mchInjDrv.sys

I only mention this driver because of the \??\ and also because in searching
for information on it there seems to be a consensus that this is a bad driver
being a trojan or malware. I tried to find it in system32\drivers but it's
hidden.

How can I find and eliminate this driver?

This is only FYI
Always at the end of ntbtlog.txt of a bad boot are these drivers:
Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys

Any help would be greatly appreciated. I hate to go back to "factory
settings" to eliminate this problem. Thanks. Lee



--
Lee Lord

AutoRuns for Windows v9.21:
http://www.microsoft.com/technet/sys.../Autoruns.mspx

--
Please use the Communities guidelines when posting.
http://www.microsoft.com/wn3/locales...help_en-us.htm
Use the "Ratings" feature. It helps the new users.
Mark L. Ferguson MS-MVP
https://mvp.support.microsoft.com/profile/Mark.Ferguson

"Lee Lord" <> wrote in message
news:9F419523-363F-4D62-9FB0-...
> I seem to be having a problem fully booting Vista SP1. This recently
> started
> occuring. It boots up to a certain point with all my desktop Icons intact
> then freezes. I should note that sometimes it fully boots but more often
> than not it doesn't. I haven't installed any new progams and I've testing
> my
> HDD for errors. I accessed my ntbtlog.txt file and notice that this
> driver
> is always at or near the end:
>
> Loaded driver \??\C:\Windows\system32\Drivers\mchInjDrv.sys
>
> I only mention this driver because of the \??\ and also because in
> searching
> for information on it there seems to be a consensus that this is a bad
> driver
> being a trojan or malware. I tried to find it in system32\drivers but
> it's
> hidden.
>
> How can I find and eliminate this driver?
>
> This is only FYI
> Always at the end of ntbtlog.txt of a bad boot are these drivers:
> Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
> Loaded driver \SystemRoot\system32\drivers\afd.sys
>
> Any help would be greatly appreciated. I hate to go back to "factory
> settings" to eliminate this problem. Thanks. Lee
>
>
>
> --
> Lee Lord

"Lee Lord" <> wrote in message
news:9F419523-363F-4D62-9FB0-...
>I seem to be having a problem fully booting Vista SP1. This recently
>started
> occuring. It boots up to a certain point with all my desktop Icons intact
> then freezes. I should note that sometimes it fully boots but more often
> than not it doesn't. I haven't installed any new progams and I've testing
> my
> HDD for errors. I accessed my ntbtlog.txt file and notice that this
> driver
> is always at or near the end:
>
> Loaded driver \??\C:\Windows\system32\Drivers\mchInjDrv.sys
>
> I only mention this driver because of the \??\ and also because in
> searching
> for information on it there seems to be a consensus that this is a bad
> driver
> being a trojan or malware. I tried to find it in system32\drivers but
> it's
> hidden.
>
> How can I find and eliminate this driver?

The question marks mean that there is a startup entry for the malware, but
the file was not found. Your AV software must have removed it. Don't worry
about that, but it will be a little neater if its startup entry was removed,
although this is not your issue.

> This is only FYI
> Always at the end of ntbtlog.txt of a bad boot are these drivers:
> Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
> Loaded driver \SystemRoot\system32\drivers\afd.sys

I think afd.sys is causing your problems. It's a networking driver. It is
actually possible that you have a hardware problem that is causing this.

> Any help would be greatly appreciated. I hate to go back to "factory
> settings" to eliminate this problem.

I think that would be your best move.

ss.

Mark, thanks for the program which I downloaded and installed. What exactly
am I looking for in those multiple tabs? Thanks again. Lee
--
Lee Lord


"Mark L. Ferguson" wrote:

> AutoRuns for Windows v9.21:
> http://www.microsoft.com/technet/sys.../Autoruns.mspx
>
> --
> Please use the Communities guidelines when posting.
> http://www.microsoft.com/wn3/locales...help_en-us.htm
> Use the "Ratings" feature. It helps the new users.
> Mark L. Ferguson MS-MVP
> https://mvp.support.microsoft.com/profile/Mark.Ferguson
>
> "Lee Lord" <> wrote in message
> news:9F419523-363F-4D62-9FB0-...
> > I seem to be having a problem fully booting Vista SP1. This recently
> > started
> > occuring. It boots up to a certain point with all my desktop Icons intact
> > then freezes. I should note that sometimes it fully boots but more often
> > than not it doesn't. I haven't installed any new progams and I've testing
> > my
> > HDD for errors. I accessed my ntbtlog.txt file and notice that this
> > driver
> > is always at or near the end:
> >
> > Loaded driver \??\C:\Windows\system32\Drivers\mchInjDrv.sys
> >
> > I only mention this driver because of the \??\ and also because in
> > searching
> > for information on it there seems to be a consensus that this is a bad
> > driver
> > being a trojan or malware. I tried to find it in system32\drivers but
> > it's
> > hidden.
> >
> > How can I find and eliminate this driver?
> >
> > This is only FYI
> > Always at the end of ntbtlog.txt of a bad boot are these drivers:
> > Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
> > Loaded driver \SystemRoot\system32\drivers\afd.sys
> >
> > Any help would be greatly appreciated. I hate to go back to "factory
> > settings" to eliminate this problem. Thanks. Lee
> >
> >
> >
> > --
> > Lee Lord
>

Thanks for the response. I've tried to find that startup but to no avail.
Checked Services, regedit RUNs, etc... As for the network drivers. I
reverted back to my previous drivers per "Roll Back Driver" Now if it's a
hardware issue I just don't know as I've not installed any new hardware
recently. One thing I find odd is when booting, one time my OS will load
completely and the next time it'll freeze after the desktop Icons and some
tray Icons load. It seems like every other boot it freezes. I don't know
what other clues there are. With my ntbtlog.txt file the MCHINJDRV.SYS is
the last driver to appear (Loaded driver
\??\C:\Windows\system32\Drivers\mchInjDrv.sys) in the text file. Thank you
again for responding. Lee
--
Lee Lord


"Synapse Syndrome" wrote:

> "Lee Lord" <> wrote in message
> news:9F419523-363F-4D62-9FB0-...
> >I seem to be having a problem fully booting Vista SP1. This recently
> >started
> > occuring. It boots up to a certain point with all my desktop Icons intact
> > then freezes. I should note that sometimes it fully boots but more often
> > than not it doesn't. I haven't installed any new progams and I've testing
> > my
> > HDD for errors. I accessed my ntbtlog.txt file and notice that this
> > driver
> > is always at or near the end:
> >
> > Loaded driver \??\C:\Windows\system32\Drivers\mchInjDrv.sys
> >
> > I only mention this driver because of the \??\ and also because in
> > searching
> > for information on it there seems to be a consensus that this is a bad
> > driver
> > being a trojan or malware. I tried to find it in system32\drivers but
> > it's
> > hidden.
> >
> > How can I find and eliminate this driver?
>
> The question marks mean that there is a startup entry for the malware, but
> the file was not found. Your AV software must have removed it. Don't worry
> about that, but it will be a little neater if its startup entry was removed,
> although this is not your issue.
>
> > This is only FYI
> > Always at the end of ntbtlog.txt of a bad boot are these drivers:
> > Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
> > Loaded driver \SystemRoot\system32\drivers\afd.sys
>
> I think afd.sys is causing your problems. It's a networking driver. It is
> actually possible that you have a hardware problem that is causing this.
>
> > Any help would be greatly appreciated. I hate to go back to "factory
> > settings" to eliminate this problem.
>
> I think that would be your best move.
>
> ss.
>
>
>