Windows Command Processor Notification

[essexboy]

Can this virus get onto a new laptop if I was to transfer everything from one hard drive to another.

Dependant on what you transfer... But yes

When saying about formatting, do you mean formatting the USB flash drive?

Yes the USB stick/drive will need to be formatted

By USB flash drive, do you mean USB stick?

Aye they are the same animal

[COMPAQ7]

Well the files I would transfer are photoshop files, music files, etc.

The ramnit info doesn't mention about networks but does mention about removable drives.
Is a external hard drive a removable drive?

I will proceed to the next guide shortly and get back to you ASAP.

EDIT: Apologies for not notifying you about this ASAP but The Windows Command Processor Notification stopped yesterday
after the malwarebytes scan and reboot. But this doesn't mean it's gone right? I read on other threads and forums that it
would make an appearance again.

[essexboy]

Correct it has not gone.  I will give a list of file types not to copy if it comes to that 

[COMPAQ7]

Ok, I have used Dr web live and then scanned with OTL. The OTL log is attached to this post.

When Dr web live finished scanning it found two threats. Those two threats were to do with
my printer. I can't remember what exactly but I think the word plugin was in there as well as
other words.

Also I pressed the cure button on both. On the first one it said it was deleted in one of the columns
but on the second one I pressed the cure button and i'm sure it performed the action and deleted it
but in the column it said nothing. I pressed it a few more times and a error came up, as if it had already
performed the action. Everything is ok right? It had deleted it but just didn't show up/say in the column?

[essexboy]

OK how is the computer behaving now ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:OTL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2472271074-1238287900-578679825-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
[2012/10/06 18:40:30 | 000,000,000 | ---D | C] -- C:\Users\Puppy\AppData\Local\htxxysiq

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

• Double click on ComboFix.exe & follow the prompts.
  
• Accept the disclaimer and allow to update if it asks

• When finished, it shall produce a log for you.
• Please include the C:\ComboFix.txt in your next reply.[/b]
  

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

[COMPAQ7]

I ran OTL, the log is attached to this post.

I had a problem with combofix/norton. I downloaded combofix to the desktop and then disabled all aspects
of norton, or so I thought. I double click on combofix but it notifies me about antispyware from norton
is still running. So I tried to close combofix but it continued to the next page and so I restared the
laptop. I am going to uninstall norton so it can't interfere with combofix. Am I ok to proceed and then
after that, proceed with combofix?

EDIT: Laptop is running ok. No issues.

[essexboy]

As long as you disable Norton you can run combofix despite the warning

[COMPAQ7]

Ok, will do.

Just wanted to add for your information, that when windows command processor notification happened,
I did not have any anti-virus at the time. So I installed Norton afterwards.

I'll post the combofix log in the next reply.

[COMPAQ7]

Sorry for the double post. The combofix log is attached to this post.

Also I ran the norton virus scan and it found 35 threats and removed the 35 threats.
I don't know if this is of any relevence to you guys.

[essexboy]

Was it still reporting Ramnit ?

[COMPAQ7]

I don't recall seeing the word ramnit but I didn't look in detail. It was just a quick scan and it
said about finding and removing 35 threats.

[essexboy]

Could you look in the log to see what was removed

[COMPAQ7]

Can tell me how to access the norton 360 logs?

I did however bring up the security history and it said about the 35 threats that had been
resolved. They were tracking cookies.

[essexboy]

If they were tracking cookies then I do not care 

How is the computer behaving now ?

[COMPAQ7]

The computer hasn't been used much but it seems normal.