Start OTL,   under   Copy and paste the custom script attached which you open in for instance Notepad,(include the : at the start of :OTL and all the way to the end / bottom)  and run the script. (Red Run Fix Button)

The output log, should be placed in the _OTL folder after.

Quads

Did that. PC restarted?

This is the log file now.

Should PC have restarted?

Actually, just read the last line of your script where it says Reboot, so looks like that was supposed to happen.

Should I scan again to see if it finds any infection still?

Why would Norton not have found anything I wonder?

I pasted the script in custom fixes, did the fix as you said. Then the PC restarted.

That is not a fix log, That is just the same exact log you posted earlier I know by for instance the time of the run for starters.

Quads

Start OTL,   under   Copy and paste the custom script attached which you open in for instance Notepad,(include the : at the start of :OTL and all the way to the end / bottom)  and run the script. (Red Run Fix Button)

The output log, should be placed in the _OTL folder after.

Quads

Right. I copied and pasted. and ran the script using red run fix button.

Sorry, can you explain again. Please.

The output log, should be placed in the C:/_OTL folder after.

Quads

This is what I copied and pasted.

:OTL
PRC - [2012/04/26 18:53:53 | 000,237,568 | -H-- | M] () -- C:\Users\GaryandMeryl\AppData\Roaming\tmp\local.exe
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-21-2927403198-3598784137-2109375690-1000..\Run: [windows] C:\Users\GaryandMeryl\AppData\Roaming\tmp\local.exe ()
O4 - HKU\S-1-5-21-2927403198-3598784137-2109375690-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
[2012/04/26 18:53:58 | 000,000,000 | ---D | C] -- C:\Users\GaryandMeryl\AppData\Roaming\tmp
[2012/05/07 06:51:08 | 000,000,000 | ---D | C] -- C:\Users\GaryandMeryl\AppData\Roaming\PCCUStubInstaller
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2012/05/04 19:07:54 | 000,047,362 | ---- | M] () -- C:\Users\GaryandMeryl\AppData\Roaming\wklnhst.dat
[2012/04/19 17:24:25 | 000,006,335 | ---- | M] () -- C:\Users\GaryandMeryl\Documents\You have a Sky iD!.eml
@Alternate Data Stream - 976 bytes -> C:\Users\GaryandMeryl\Documents\Fw_ Your ASDA Travel Booking Confirmation [AA1F4F4A].eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\GaryandMeryl\Documents\You have a Sky iD!.eml:OECustomProperty
@Alternate Data Stream - 1289 bytes -> C:\Users\GaryandMeryl\Documents\Ryanair Travel Itinerary Knock.eml:OECustomProperty
@Alternate Data Stream - 1049 bytes -> C:\Users\GaryandMeryl\Documents\Your ASDA Travel Booking Confirmation [ATED2361].eml:OECustomProperty
@Alternate Data Stream - 1049 bytes -> C:\Users\GaryandMeryl\Documents\Your ASDA Travel Booking Confirmation [AA1F4F4A].eml:OECustomProperty

:Files
C:\Users\GaryandMeryl\AppData\Roaming\tmp\local.exe
C:\Users\GaryandMeryl\Documents\Your ASDA Travel Booking Confirmation [ATED2361].eml
C:\Users\GaryandMeryl\Documents\Your ASDA Travel Booking Confirmation [AA1F4F4A].eml
C:\Users\GaryandMeryl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\d7a950a-189dafec

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[RESETHOSTS]
[Reboot]