WiredWX Christian Hobby Weather Tools

Re: Very Slow PC and Random Shutdowns
Hmm, this doesn't wanna go away.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    Code:


    :filefind
    sysaudio.sys

    :regfind
    sysaudio.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Very Slow PC and Random Shutdowns
It restarted my pc and blackscreened on reboot but this is what I got after

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 16:28 on 02/08/2010 by shan (Administrator - Elevation successful)

========== filefind ==========

Searching for "sysaudio.sys"
C:\WINDOWS\$NtServicePackUninstall$\sysaudio.sys --a--- 60800 bytes [21:36 15/06/2008] [05:15 04/08/2004] 650AD082D46BAC0E64C9C0E0928492FD
C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys --a--- 60800 bytes [05:15 04/08/2004] [19:15 13/04/2008] 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\system32\drivers\sysaudio.sys --a--- 60800 bytes [23:50 30/10/2007] [19:15 13/04/2008] 8B83F3ED0F1688B4958F77CD6D2BF290

========== regfind ==========

Searching for "sysaudio.sys"

Re: Very Slow PC and Random Shutdowns
Hello.

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Code:


    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=-

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [Image: dragging CFScript.txt onto ComboFix.exe]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


Re: Very Slow PC and Random Shutdowns
ComboFix 10-08-02.01 - shan 08/02/2010 18:06:56.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.286 [GMT -4:00]
Running from: c:\documents and settings\shan\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\shan\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-07-02 to 2010-08-02 )))))))))))))))))))))))))))))))
.

2010-07-29 21:10 . 2010-07-29 21:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-29 21:02 . 2010-07-29 21:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-29 21:00 . 2010-07-29 21:00 77184 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-07-29 20:59 . 2010-07-30 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-07-29 02:47 . 2010-07-29 02:47 503808 ----a-w- c:\documents and settings\shan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-56538288-n\msvcp71.dll
2010-07-29 02:47 . 2010-07-29 02:47 499712 ----a-w- c:\documents and settings\shan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-56538288-n\jmc.dll
2010-07-29 02:47 . 2010-07-29 02:47 348160 ----a-w- c:\documents and settings\shan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-56538288-n\msvcr71.dll
2010-07-29 02:47 . 2010-07-29 02:47 61440 ----a-w- c:\documents and settings\shan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1162fbb2-n\decora-sse.dll
2010-07-29 02:47 . 2010-07-29 02:47 12800 ----a-w- c:\documents and settings\shan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1162fbb2-n\decora-d3d.dll
2010-07-29 02:45 . 2010-07-17 09:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-27 22:09 . 2010-07-27 22:09 -------- d-----w- c:\windows\system32\winrm
2010-07-27 22:09 . 2010-07-27 22:09 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-07-27 21:53 . 2010-07-29 21:01 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2010-07-27 21:53 . 2010-07-27 21:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-07-27 21:51 . 2010-07-28 21:59 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-27 21:51 . 2010-07-27 21:51 -------- d-----w- c:\windows\system32\GroupPolicy
2010-07-27 21:50 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2010-07-27 21:50 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2010-07-27 21:50 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2010-07-27 21:14 . 2010-07-27 21:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-07-27 02:51 . 2010-07-27 10:00 -------- d-----w- c:\windows\SxsCaPendDel
2010-07-27 02:37 . 2010-07-27 02:37 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-27 02:34 . 2010-07-27 02:39 -------- d-----w- c:\documents and settings\shan\Application Data\DivX
2010-07-27 02:25 . 2010-07-27 10:00 -------- d-----w- c:\program files\DivX
2010-07-27 02:23 . 2010-07-27 02:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-27 01:10 . 2010-07-27 01:10 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-07-27 01:10 . 2010-07-27 01:10 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-07-27 01:10 . 2010-07-27 01:10 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-07-27 01:10 . 2010-07-27 01:10 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-07-27 01:10 . 2010-07-27 01:10 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-07-27 01:10 . 2010-07-27 01:10 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-07-27 01:10 . 2010-07-27 01:10 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-07-27 01:10 . 2010-07-27 01:10 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-07-27 01:10 . 2010-07-27 01:10 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-07-27 01:08 . 2010-07-27 01:08 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-27 01:07 . 2010-07-27 01:07 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-27 01:07 . 2010-07-27 01:07 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-07-27 01:07 . 2010-07-27 01:09 -------- d-----w- c:\program files\Real
2010-07-27 00:55 . 2010-07-27 02:49 -------- d-----w- c:\program files\LimeWire
2010-07-27 00:51 . 2010-07-27 00:51 -------- d-----w- c:\documents and settings\shan\Local Settings\Application Data\Mozilla
2010-07-26 22:13 . 2010-07-26 22:13 -------- d-----w- c:\program files\ESET
2010-07-26 22:10 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-26 22:10 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-26 22:10 . 2010-07-26 22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-26 21:48 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-26 21:44 . 2010-05-06 10:41 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-07-26 21:26 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-07-26 21:26 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 21:06 . 2009-10-29 21:36 -------- d-----w- c:\program files\Diablo II
2010-08-02 20:30 . 2007-10-31 11:10 90112 ----a-w- c:\windows\DUMP71b5.tmp
2010-07-30 18:46 . 2007-10-31 11:10 90112 ----a-w- c:\windows\DUMP608e.tmp
2010-07-29 09:48 . 2007-11-19 20:22 -------- d-----w- c:\program files\Java
2010-07-29 09:43 . 2007-11-19 20:21 -------- d-----w- c:\program files\Common Files\Java
2010-07-28 23:18 . 2009-12-10 00:12 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-07-27 22:16 . 2008-05-16 13:30 -------- d-----w- c:\program files\Microsoft.NET
2010-07-27 20:57 . 2008-05-16 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-07-27 20:12 . 2009-10-29 21:53 36403 ----a-w- c:\windows\DIIUnin.dat
2010-07-27 01:33 . 2009-12-06 15:07 -------- d-----w- c:\documents and settings\shan\Application Data\mIRC
2010-07-27 01:10 . 2008-06-22 21:37 -------- d-----w- c:\program files\Common Files\Real
2010-07-26 21:56 . 2009-10-28 00:50 -------- d-----w- c:\program files\Yahoo!
2010-06-14 14:31 . 2007-10-31 12:24 744448 ----a-w- c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-05-06 10:41 . 2001-08-23 16:00 916480 ----a-w- c:\windows\system32\wininet.dll
2007-10-31 10:54 . 2007-10-31 10:54 11079 ---ha-w- c:\program files\folder.htt
.

((((((((((((((((((((((((((((( SnapShot@2010-07-31_02.17.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-02 20:59 . 2010-08-02 20:59 16384 c:\windows\temp\Perflib_Perfdata_7ec.dat
+ 2010-08-02 21:00 . 2010-08-02 21:00 16384 c:\windows\temp\Perflib_Perfdata_168.dat
+ 2010-0726 21:41 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
- 2010-07-26 21:41 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 5.1 Pro"="0" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Lexmark X5100 Series"="c:\program files\Lexmark X5100 Series\lxbabmgr.exe" [2003-03-04 86100]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-27 202256]
"nwiz"="nwiz.exe" [2003-07-28 323584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2006-10-22 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 16:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 16:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2003-07-28 18:19 323584 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogSuccessfulConnections"= 0 (0x0)
"LogDroppedPackets"= 0 (0x0)
"LogFileSize"= 0 (0x0)
"LogFilePath"=

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S3 3dfxvs;3dfxvs;c:\windows\system32\drivers\3dfxvsm.sys [2/11/2008 8:44 PM 148352]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2010-08-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1220945662-1965331169-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]

2010-08-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-1965331169-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]

2010-08-02 c:\windows\Tasks\User_Feed_Synchronization-{A90B1E40-BBDD-4142-92C7-AD235AC29D8F}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ffxi.allakhazam.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\shan\Application Data\Mozilla\Firefox\Profiles\tn6qqhj2.default\
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-02 18:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-08-02 18:18:29
ComboFix-quarantined-files.txt 2010-08-02 22:18
ComboFix2.txt 2010-08-01 21:32
ComboFix3.txt 2010-08-01 01:29
ComboFix4.txt 2010-07-31 02:55

Pre-Run: 49,410,642,432 bytes free
Post-Run: 49,398,545,408 bytes free

- - End Of File - - A0B91EBA4C3AE199A8289A96E6CF78FE

Re: Very Slow PC and Random Shutdowns
Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


Re: Very Slow PC and Random Shutdowns
It didn't find anything but I can't post the log because I can't get to anything if it's not on my desktop. When I click My Computer, or try to go to Windows Explorer, it just gives me an hourglass for a second then does nothing. Never mind. Opened it through Notepad.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=643069738ad21444b723be958f0c6b7b
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-26 11:00:42
# local_time=2010-07-26 07:00:42 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 52632114 52632114 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=7007
# found=6
# cleaned=6
# scan_time=2613
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\QssvyGgh.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\rjpmjxqh.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\urxjpkcw.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\uuxGhkkj.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\yiiwvlbo.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\$UPGRADE.~OS\OnlineUpgradeStore\File\C$\WINDOWS\system32\yojtyydr.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=643069738ad21444b723be958f0c6b7b
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-28 02:11:29
# local_time=2010-07-27 10:11:29 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 52722233 52722233 0 0
# compatibility_mode=8192 67108863 100 0 3922 3922 0 0
# scanned=76610
# found=16
# cleaned=16
# scan_time=10339
C:\Documents and Settings\shan\My Documents\MsnVirRem.exe probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298138.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298139.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298140.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298141.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298142.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{BF7045B0-D5D9-4166-AEFD-D23CF93234C6}\RP476\A0298143.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\QssvyGgh.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\QssvyGgh.ini2 Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\rjpmjxqh.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\setup.exe.tmp a variant of Win32/Daonol.D trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\urxjpkcw.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\uuxGhkkj.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\uuxGhkkj.ini2 Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\yiiwvlbo.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\yojtyydr.ini Win32/Adware.Virtumonde.NEO application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=643069738ad21444b723be958f0c6b7b
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-03 04:03:51
# local_time=2010-08-03 12:03:51 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 53252769 53252769 0 0
# compatibility_mode=8192 67108863 100 0 534458 534458 0 0
# scanned=66936
# found=0
# cleaned=0
# scan_time=4945

Re: Very Slow PC and Random Shutdowns
How is the machine running now?


Re: Very Slow PC and Random Shutdowns
Slow. I still can't open anything "my computer, my documents, windows explorer, my music, my pictures" all those just give me an hourglass for half a second then nothing opens. Also, you had said I had a remote viewer on my pc. Did we get that off?

Re: Very Slow PC and Random Shutdowns
Yes, the remote access was removed.


Re: Very Slow PC and Random Shutdowns
Well... now my pc is still slow but I can't open any folders. Before I asked for help I could open folders on my desktop.
