NVSVCPMMWindowClass problem

[essexboy]

OK a couple of files there to kill, OTL was not quite strong enough to get them

 
Download and Install CombofixDownload ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

 IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

• Double click on ComboFix.exe & follow the prompts.
  
• Accept the disclaimer and allow to update if it asks

• When finished, it shall produce a log for you.
• Please include the C:\ComboFix.txt in your next reply.[/b]
  

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

[mb7317]

Here's the OTL quick scan.

[mb7317]

After closing down AVAST and MALWAREBYES, ComboFix "Warning" stated Adaware and Norton Internet Security 2006 were still active.  I closed Adaware, but I have no knowledge of Norton running.  It isn't listed in Control Panel Add or Remove programs, and in Program Files, likewise, no Norton folder.  There was a Symantec folder with Web Controls, which I uninstalled.

What do I do now?

Rob

[essexboy]

Run Combofix - we will remove the remnants later

[mb7317]

After ComboFix rebooted the computer, the msg: "Preparing Log Report.  Do not run any programs until ComboFix has finished." has remained on the monitor for about 30 minutes.

(the Start Up Menu starts Firefox, and after it started, I closed it.)

And now a "Windows - No Disk" message has popped-up:

         "Exception Processing Message c0000013 Parameters 75b6bf9c 4 75b6bf9c 75b6bf9c

          Cancel     Try Again   Continue  "

What do I do?

(sent from another computer)

[essexboy]

Reboot the computer please

[mb7317]

OK  System rebooted

[mb7317]

Rebooted a second time, and this time Malwarebytes warning:  Authz32.dll

Quarantined and then removed it.

What now?

Rob

[essexboy]

Download AVPTool from Here to your desktop 
   
Run the programme you have just downloaded to your desktop (it will be randomly named ) 
 
First we will run a virus scan  
 
Click the cog in the upper right 

 
 
Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan 

 
Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post
 
 
Now the Analysis
 
Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information 
 

 
On completion click the link to locate the zip file to upload and attach to your next post 
 

[mb7317]

This morning, the computer booted up without the serious NVSVCPMMWindowClass problems, and the cursor works normally on the Taskbar.

But Malwarebytes now blocks  System32\Shell32.exe   I clicked on Quarantine, but when I checked the Quarantine area, nothing was there.

I downloaded the Kaspersky, but when I ran it, the computer shut down and displayed this message:

A problem has been detected and windows has been shut down to prevent damage to your computer.  The problem seems to be caused by the following file: 9213716drv.sys  The driver unloaded without cancelling pending operation.

What should I do?

Rob

[essexboy]

Shell32 is a legitmate file in the right location, the driver referencesd is the Kaspersky one, but I really want the analysis log so if you want jump straight to that portion.

Also could you upload the zip file to Megaupload now as I am having problems with mediafire

[mb7317]

But I can't get Kaspersky to open.  The computer always shuts down before it loads the program.

[essexboy]

OK something is blocking it so - I will need to approach this differently

Can you get to safe mode ?

If so try the analysis scan there- If that should fail then try combofix again from safe mode

Meanwhile I will dig out another tool to use

[mb7317]

I have Kaspersky running in safe mode now.

[mb7317]

The scan has been running 25 minutes and only 1% complete.  Looks like it's going to take a long time.