05-07-2012 03:05 AM
The attack came from Attack resulted from \DEVICE\HARDDISKVOLUME\USERS\GARYANDMERYL\APPDATA\TMP\LOCAL.EXE
I removed it as seen in the log
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2927403198-3598784137-2109375690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\windows deleted successfully.
C:\Users\GaryandMeryl\AppData\Roaming\tmp\local.exe moved successfully.
C:\Users\GaryandMeryl\AppData\Roaming\tmp folder moved successfully.
Start OTL, but this time click the Black "CleanUp" button
05-07-2012 03:24 AM
Done. I misunderstood, as you'd said to run it on the black cleanup button, I thought it was something that had to be done. But Sonar must have detected the problem in there and deleted the whole thing.
I really am grateful for your help, and sorry again for the confusions. I was reading and doing as I saw, or at least I thought I was.
05-07-2012 03:31 AM
Just have to pay someone to do it. I got on so much better years ago with my old Millennium edition, and advice from Castlecops (AKA computercops).
Is it worth having more than 1 virus scanner, or do they clash?
I see that we were using AVAST there for a while, would they work hand in hand?