Bot Obliterator
Quads
Posts: 13,250
Registered: ‎07-21-2008

Re: Trojan Zero.Access infection

Download GMER from http://www.gmer.net/

You can run a scan if you want, but I am more interested in using the right-pointing arrows tab, which expands to show other options.

Choose the Files option, being very careful, as GMER can delete files you won't want to delete by accident.

Slowly navigate to the system32\drivers folder like you would in Windows Explorer; sometimes it takes some time to find and show the file list.

On the right-hand side is the list of files and folders in the drivers folder. Scroll if needed until you see mrxsmb.sys_backup. Careful: there is a legit mrxsmb.sys also.

 

Quads

Contributor
usha
Posts: 29
Registered: ‎06-13-2012

Re: Trojan Zero.Access infection

OK. Found it. Do I delete it, kill it, or what?

Bot Obliterator
Quads
Posts: 13,250
Registered: ‎07-21-2008

Re: Trojan Zero.Access infection

OK, we will have more steps after this to make sure the rest of the system is clean, and then the clean-up.

Next,

Disable Norton for, say, 30 minutes.

You may want to make sure that you can see the screenshot below first, to be sure of what you are doing. It shows a different file, but the same steps apply.

Select mrxsmb.sys_backup. Make sure you DON'T select mrxsmb.sys.

With GMER, go into the Drivers folder, find mrxsmb.sys_backup in the list and select it. Double check it's the right file selected (instructions carry on below the screenshot).

[screenshot: GMER_filedelete.jpg]

This time click DELETE on the right-hand side. GMER asks, basically, are you sure? Click Yes.

You can see that in the screenshot above I created a file called atapi.sys.vir just to show the dialog.

After deleting the file close GMER, then start GMER again and go into the drivers folder to see if afd.sys.org is really gone.

 

Quads

 

Contributor
usha
Posts: 29
Registered: ‎06-13-2012

Re: Trojan Zero.Access infection

OK. Done that. Double checked. It is gone.

Bot Obliterator
Quads
Posts: 13,250
Registered: ‎07-21-2008

Re: Trojan Zero.Access infection

Please read carefully. Read all of this message first.

Download ComboFix: http://www.bleepingcomputer.com/download/anti-virus/combofix

  • Ensure that ComboFix is saved directly to the Desktop <--- Very important
  • Disable all security programs, as they will have a negative effect on ComboFix. Disable them for, say, 1 hour or more.
  • Close any open browsers and any other programs you might have running.

Just run ComboFix.

  • If you are using Windows XP it might display a pop-up saying "Recovery console is not installed, do you want to install?" Please select yes and let it download the files it needs to do this. Once the Recovery Console is installed, ComboFix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post C:\ComboFix.txt for further review.

****Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall or freeze. ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal and increase security.

*EXTRA NOTES*

  • If ComboFix detects any rootkit/bootkit activity on your system it will give a warning and prompt for a reboot; you must allow it to do so.
  • If ComboFix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
  • If after running ComboFix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (those items will not be deleted).

Quads

Contributor
usha
Posts: 29
Registered: ‎06-13-2012

Re: Trojan Zero.Access infection

Here is the log.

Bot Obliterator
Quads
Posts: 13,250
Registered: ‎07-21-2008

Re: Trojan Zero.Access infection

Good, the ZeroAccess file system has been moved; that is breaking it down.

It looks like FixZeroaccess in some way tried to complete its task and failed.

Now to check the whole system.

Please read carefully and slowly.

Please scan with ESET next.

I'd like us to scan your machine with ESET OnlineScan.

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the [image] button.
  • For alternate browsers only (Microsoft Internet Explorer users can skip these steps):
    • Click on [image] to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the [image] icon on your desktop.
  • Check [image]
  • Click the [image] button.
  • Accept any security warnings from your browser.
  • Under scan settings, check [image] and DON'T (NO) check Remove found threats (the reason for this is we don't want something deleted and then Windows won't load).
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Attach the resulting log in your next reply.

If you think a log should have been generated, then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.

 

Quads

Contributor
usha
Posts: 29
Registered: ‎06-13-2012

Re: Trojan Zero.Access infection

Here is the log.

Bot Obliterator
Quads
Posts: 13,250
Registered: ‎07-21-2008

Re: Trojan Zero.Access infection

Basically only one file to add to the list.

Disable Norton for, say, 30 minutes.

Start OTL.

Click the Scan All Users checkbox.

Change file age to 60 days.

Then copy and paste what is below between the lines:


 


msconfig
activex
drivers32
netsvcs

"%WinDir%\$NtUninstallKB*$." /30
C:\Program Files\Common Files\ComObjects\*.* /s
%systemroot%\*. /mp /s
%systemroot%\*. /rp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90
%SYSTEMDRIVE%\*.exe
/md5start
volsnap.sys
atapi.sys
explorer.exe
winlogon.exe

mswsock.dll
wininit.exe
services.exe

svchost.exe
tdx.sys
afd.sys
cdrom.sys
i8042prt.sys
netbt.sys
redbook.sys

mrxsmb.sys

/md5stop


 

Press the

An OTL.txt will be created.

 

Quads
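As an added example (not part of the thread, and not GMER's or OTL's own code), the PowerShell below does from a shell what the GMER step earlier in the thread did by hand in the drivers folder, and then computes the MD5 and Authenticode status of the same drivers the OTL /md5start list in the post above asks about. Assumptions are mine: an elevated PowerShell 4 or newer session (for Get-FileHash) on the affected machine, the "anything that is not plain *.sys is worth a look" heuristic built from the file names mentioned in the thread (mrxsmb.sys_backup, afd.sys.org, atapi.sys.vir), and the $WatchList array copied from the OTL script.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell 4+ session.
# Assumption (mine): $WatchList mirrors the OTL /md5start list posted above;
# adjust it for your own case.

$driversDir = Join-Path $env:SystemRoot 'System32\drivers'

function Get-OddDriverFiles {
    # Step 1: list anything in the drivers folder that is not a plain *.sys.
    # ZeroAccess keeps a copy of the driver it replaced under an extra
    # extension (mrxsmb.sys_backup in this thread), which a quick look at
    # a *.sys-only listing misses. -Force includes hidden/system files.
    param([string]$Path = $driversDir)
    Get-ChildItem -LiteralPath $Path -File -Force |
        Where-Object { $_.Extension -ne '.sys' } |
        Select-Object Name, Length, LastWriteTime, Attributes
}

function Get-DriverWatchReport {
    # Step 2: MD5 plus Authenticode status for the drivers OTL hashes.
    # A HashMismatch on one of these is the interesting result: the file
    # still carries a signature block but its bytes no longer match it.
    param(
        [string]$Path = $driversDir,
        [string[]]$WatchList = @('volsnap.sys', 'atapi.sys', 'tdx.sys', 'afd.sys',
                                 'cdrom.sys', 'i8042prt.sys', 'netbt.sys',
                                 'redbook.sys', 'mrxsmb.sys')
    )
    foreach ($name in $WatchList) {
        $file = Join-Path $Path $name
        if (-not (Test-Path -LiteralPath $file)) {
            [pscustomobject]@{ File = $name; Present = $false; MD5 = $null; Status = 'missing'; Signer = $null }
            continue
        }
        $sig = Get-AuthenticodeSignature -FilePath $file
        [pscustomobject]@{
            File    = $name
            Present = $true
            MD5     = (Get-FileHash -LiteralPath $file -Algorithm MD5).Hash
            Status  = $sig.Status        # Valid, NotSigned, HashMismatch, ...
            Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

"== Non-.sys entries in $driversDir =="
Get-OddDriverFiles | Format-Table -AutoSize
"== Watch-list drivers =="
Get-DriverWatchReport | Format-Table -AutoSize
```

Two caveats a practitioner would want. First, a live ZeroAccess rootkit filters what the normal Win32 file APIs return, which is exactly why the thread used GMER rather than Explorer; run this only after the rootkit component is gone, or against the disk from clean boot media, otherwise the rootkit can hide the backup file from Get-ChildItem just as it hides it from Explorer. Second, NotSigned on an inbox Windows driver is not by itself evidence of tampering, because many Microsoft drivers are catalog-signed rather than carrying an embedded signature; the useful comparison is the MD5 against the same file from a known-clean machine at the same service pack level, which is what the OTL md5 list is for.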

Contributor
usha
Posts: 29
Registered: ‎06-13-2012

Re: Trojan Zero.Access infection

Done.