Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nv4_disp and win32k.sys Issues


  • Please log in to reply
2 replies to this topic

#1 bendylson

bendylson

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wash DC
  • Local time:03:30 AM

Posted 09 February 2011 - 01:11 PM

Hi there,

I've been having an issue lately where my monitor will flash psychedelic colors and eventually freeze when I open PDFs and some webpages. I've updated all my Java/Flash/Adobe software as well as my Nvidia graphics driver. I tried to uninstall the previous version before installing the current driver.

After about 6 BSOD in the last 2 days, I ran BlueScreenView and found there was an Win32k.sys issue as well as the Nv4_disp issue I had been getting. I then ran MBAM and found a couple files which were removed.

Am looking for some guidance and advice here. Let me know which reports would be most helpful in diagnosing the issue and I will post them immediately.

Thanks in advance!

Ben

BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:30 AM

Posted 09 February 2011 - 01:52 PM

Hello Ben,
I'd recommend you give us the MBAM log so that we can take a look at it. You never know, this could be two separate issues, and the malware may have had nothing to do with this second issue. But MBAM will help in telling us.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 bendylson

bendylson
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wash DC
  • Local time:03:30 AM

Posted 09 February 2011 - 01:56 PM

Thanks for quick reply.

Here is the first:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4883

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512

2/8/2011 3:36:01 PM
mbam-log-2011-02-08 (15-36-01).txt

Scan type: Quick scan
Objects scanned: 193143
Time elapsed: 7 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cmaidctlapp.maidctrl.1 (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9d761d3a-e8bd-434b-b42b-520d8fe1da3a} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)



And here is the follow-up:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4883

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512

2/8/2011 3:52:52 PM
mbam-log-2011-02-08 (15-52-52).txt

Scan type: Quick scan
Objects scanned: 193181
Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users