Hi Michelle, welcome to DaniWeb

First, right-click in an open area of your desktop and select New, Folder; give the new folder a name (something like HJT or HijackThis), and then drag the hijackthis.exe icon that is on your desktop into the new folder.

I don't see the typical entries in your log for Aurora, but maybe you've partially fixed it. Just in case, do this...

Download Nailfix from here:
http://users.pandora.be/bluepatchy/nailfix.zip
Unzip it to your desktop, but do not run it yet.

Reboot into Safe Mode.

Double-click on the Nailfix.bat that is on your desktop. Your desktop and icons will disappear and reappear, and a window should open and close very quickly -- this is normal.

Then run a full system scan with Ewido (note: you will be posting the log from this scan when back in normal mode).

Reboot normally.

Scan with hijackthis and have it fix the following entries:

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: VBRunDLL Class - {197B8CA4-E215-46DD-8F33-E0544A80E5C4} - C:\WINDOWS\System32\vbrundll.dll (file missing)
O2 - BHO: ohb - {9ADE0443-2AB2-4B23-A3F8-AC520773DE12} - C:\WINDOWS\System32\nso18A.dll (file missing)
O2 - BHO: (no name) - {D2BB2846-00CB-8CF0-8C1E-E0B4A08AF596} - C:\WINDOWS\FYI\ecxacawryf.dll (file missing)
O4 - HKCU\..\Run: [pcdlib32] C:\WINDOWS\pcdlib32.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...b?1105540045194
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhe...n7/dlhelper.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://66.242.36.116/view22/View22RTE.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/m...OCX/FlashAX.cab
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

If these entries aren't related to your ISP, have HJT fix them as well--
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eti-lincoln.local
O17 - HKLM\Software\..\Telephony: DomainName = eti-lincoln.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eti-lincoln.local

Be sure to close any open windows, other then hijackthis, before hitting Fix checked.

Go to the following locations and delete the highlighted files:

C:\WINDOWS\Nail.exe
C:\WINDOWS\System32\vbrundll.dll
C:\WINDOWS\System32\nso18A.dll
C:\WINDOWS\FYI\ecxacawryf.dll
C:\WINDOWS\pcdlib32.exe
C:\WINDOWS\svcproc.exe

Empty your Recycle Bin and reboot.

Close any open browser windows, scan with hijackthis, and post a new log along with the Ewido log.