compumac 17:02 05 Oct 2008

AVG detects a Trojan horse, Small.AOQ. The filename is
C:\WINDOWS\system32\Drivers\mchlnjDrv.sys
This has occurred on my second PC.
I have looked at various sites in respect of this and find that there are references to false/positives, a problem with A2 amongst others. This problem, according to the various forums, only started in this past week. I have been unable to remove this or determine from those forums as to the answer, and therefore I resurrected an Acronis disk image from August. This worked OK until AVG Free 8 updated and then the reference to Trojan Horse immediately surfaced. Therefore incorrectly or otherwise I apportion the problem to originate with AVG 8 Free. The AVG forum moderator has closed the thread as no-one is contributing to an answer.
I also have A2 Malware installed which has also been referenced by others.
Currently I have disconnected this PC from the internet so that AVG 8 Free cannot update itself, and have recreated the August image. I have accessed the update manager and checked update at 23:56, this, so it will not update itself under normal circumstances.

  Fruit Bat /\0/\ 17:44 05 Oct 2008

The detection by AVG is a false positive.

mchInjDrv.sys belongs to a2.
That is part of a technique employed by a-squared.
Because of "dynamically" you will not find it in the folder to be able to delete the file.
It is a dynamically generated hidden driver; legitimate software uses it as a component of the API hooking SDK used to inject a .DLL into other applications.
(unfortunately can be used by malware too)

  compumac 17:56 05 Oct 2008

Fruit Bat
I think that the threat is mchlnjDrv.sys and not mchInjDrv.sys which belongs to A2. It certainly looks more like an l than an I/i

  birdface 19:28 05 Oct 2008

I have AVG and A squared and have the same problem. The amount of false positives from AVG in the last couple of weeks points to an AVG problem.

  birdface 20:05 05 Oct 2008
  compumac 20:13 05 Oct 2008

Yes, I had seen these threads and everything as I see it points to AVG rather than other products. It did not occur until AVG 8 Free updated. There are too many instances of this problem displayed on the Internet and they have one common denominator - AVG.

At this time I am going to treat it as a false/positive until I see/hear otherwise, that is why I raised it here.

  birdface 20:53 05 Oct 2008

Likewise. Getting a bit fed up with it. I was thinking of removing it and then reinstalling. I would try something else but not keen on Avast and some not very good comments about Avira on one of the sites I was on. So that does not leave a lot. Not freebies anyhow. Plus A squared is also bringing up a few problems so wondering if a bit of a conflict between the two of them.

  compumac 21:00 05 Oct 2008

I have A2 Squared Malware, I am not aware of any problems with it, except of course that there is a similar named item mchInjDrv.sys associated with A2.

  birdface 08:25 06 Oct 2008

Just wondering the problem started about the same time as that very large A squared update.

  compumac 08:45 06 Oct 2008

I put the image back from August and AVG updated immediately but I did not update A2 Malware with its large update until AFTER the problem had appeared.

  woodchip 09:24 06 Oct 2008

So what's wrong with Avast? I have it loaded on four computers and never had a problem. Maybe the sites you visit.

This thread is now locked and can not be replied to.
