The attack came from Attack resulted from \DEVICE\HARDDISKVOLUME\USERS\GARYANDMERYL\APPDATA\TMP\LOCAL.EXE

I removed it as seen in the log

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2927403198-3598784137-2109375690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\windows deleted successfully.
C:\Users\GaryandMeryl\AppData\Roaming\tmp\local.exe moved successfully.

C:\Users\GaryandMeryl\AppData\Roaming\tmp folder moved successfully.

Start  OTL, but this time click the Black  "CleanUp" button

Quads

Oh, Norton Sonar just removed OTL!

Saw it as a risk for some reason.

You don't want me to re install OTL and run it agian just in case?

Gary.

NO, just do as I say.   the OTL quarantine is the _OTL folder that is to be deleted  entirely.

Quads

Done. I misunderstood, as you'd said to run it on the black cleanup button, I thought it was something that had to be done. But Sonar must have detected the problem in there and deleted the whole thing.

I really am grateful for your help, and sorry again for the confusions. I was reading and doing as I saw, or at least I thought I was.

Kind regards.

Gary.

You better hope you don't get a tougher infection otherwise you will be up the Nile without a boat with the harder instructions at times.

Quads

Just have to pay someone to do it. I got on so much better years ago with my old Millennium edition, and advice from Castlecops (AKA computercops).

Is it worth having more than 1 virus scanner, or do they clash?

I see that we were using AVAST there for a while, would they work hand in hand?