Posts by gerbil

ccs, disconnect the failing drive. Then when you have installed windows to your new drive reconnect the failing drive. Restart your sys; if that is successful then try to copy over any files you require/can access, and then throw out the old drive. Its life is over.

Baby D, the Home Page entry in the display's Web tab listing is fine.
Has that popup gone now?
Static while playing. Could be a driver issue, they do go bad occasionally. You could check the website of the manufacturer of your motherboard to see if there are updated drivers you could install [tedious, and it is not really necessary to update what once was working satisfactorily], or you could uninstall the drivers you have and reinstall them...
Let's try that... I don't know how savvy you are about your computer's makeup, so first go Start, and enter...
msinfo32
Expand Components, select Sound Device. After a moment you should see your audio devices listed; note the entry [entries] beside Name. Done with that.
Again go Start, > Control Panel > System, then choose Hardware, Device Manager.
Expand Sound, video etc controllers; dclick the entry corresponding to that you saw earlier at Name. In the window that opens choose the Driver tab, press the Update Driver button.
In the Wizard window choose No, not this time, and press Next; then Install from a list..., and Next; finally Don't Search..., and Next. Select the audio service as listed before at Name, and click Next.
Repeat for any other audio services that appeared beside Name in the info window.
Play some music. Beiber, if you really must.

Rehabel, it is likely that malware is the culprit. give this a try:
==Please download Malwarebytes' Anti-Malware
from: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
or: http://www.besttechie.net/tools/mbam-setup.exe
=Dclick that file, mbam-setup.exe, to install the application,
-ensure that it is set to update and start, else start it via the icon, and UPDATE it.
Select "Perform QUICK Scan", then click Scan; the application will guide you through the remaining steps.
ENSURE that EVERYTHING found has a CHECKMARK against it, then click Remove Selected.
If malware has been found [and removed] MBAM will automatically produce a log for you when it completes... do not click the Save Logfile button.
Examine the log: if some files are listed as Delete on Reboot then restart your machine before continuing.
Copy and post that log [it is also saved under Logs tab in MBAM].

:).
The weird noises... it is possible that you have set an active desktop that is not functioning all that well? Set either by yourself or by malware. It may be trying to play sounds from a website; to disable it [or at least to check] go Start > Control Panel > Display, Desktop tab > customise button, Web tab. There you should place a checkmark beside any unknown entries and choose Delete.
Let me know.

Er.. dodge AVG. Avast? Avira? Comodo? All available free, all good.

Still require some help, imra? Try this [your file association keys in registry have been damaged]: http://www.dougknox.com/xp/file_assoc.htm
Select the fixes you require for file types that will not run. In some cases it may be necessary to reinstall third party applications that use rare or proprietary file extensions.

Hello, Baby.D... it is not likely to be malware etc that is the cause of your problem. Looking at that run window, the file is from google canada, it is a Firefox file trying to run in IE... hard to say what it could be. Anyway, try this... it will give us some basic information as well as scan your sys for any malware or pestware [most folks have some.. :)]
==Please download Malwarebytes' Anti-Malware
from: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
or: http://www.besttechie.net/tools/mbam-setup.exe
=Dclick that file, mbam-setup.exe, to install the application,
-ensure that it is set to update and start, else start it via the icon, and UPDATE it.
Select "Perform QUICK Scan", then click Scan; the application will guide you through the remaining steps.
ENSURE that EVERYTHING found has a CHECKMARK against it, then click Remove Selected.
If malware has been found [and removed] MBAM will automatically produce a log for you when it completes... do not click the Save Logfile button.
Examine the log: if some files are listed as Delete on Reboot then restart your machine before continuing.
Copy and post that log [it is also saved under Logs tab in MBAM].
==Hijackthis: You have a choice of versions, installable program or stand-alone executable; in action they are fundamentally identical; on their own they make no alterations, merely scan vulnerable locations and report. I prefer ii).

i] -download hijackthis: http://www.majorgeeks.com/download5554.html or

Yow! Seems like it gets into the swing of hibernation really early on in the cycle... :)

I only know of the UAC from playing with other's vista installations... it just doesn't LEARN. A decent firewall like that of Comodo has that capability if you use its settings and popups correctly, and then the UAC is not required. I note that the latest Avast AV has one [but it can learn]; the Comodo firewall is more comprehensive in its detections/actions - I like it.

Derek, I was going to post a few notes...
"i performed a repair install of win XP"... this will replace system files and some of the M$ part of registry, but does not necessarily repair malware damage; it will not remove malware files etc.
From the Pg1 combofix, an authorized app in firewall policy: "c:\\Documents and Settings\\Wool\\temp\\TeamViewer\\Version5\\TeamViewer.exe"= ;;; don't intall software into Docs and Sets, or Temp folders. I assume that you know it is there? It is monitoring and control software, generally available. It does not show in the DDS scan, did you install it? It is a bit of a worry if you did not.
Your error code 0x00000023 is indicative of a FAT file system error, perhaps related to antivirus.
Your internet failure.... you could just run this reg file to merge it with your registry [tcpip.reg dated 3/24].
c:\documents and settings\All Users\Application Data\bKhJcMk05200 : what is this folder?
Plenty of AVG in the [from CF log] c:\windows\LastGood.Tmp\system32\DRIVERS\ folder...
This folder should have been removed by Setup when the Repair completed. C:\$WIN_NT$.~BT - it controls the second phase of the repair/installation.

I do agree with Judy that a fresh installation will fix all that; the pain, at least for me, is updating, fixes and driver loading - it's a time thing. You have a whole lot of software to reload.... As far as data goes, I first image the old partition before formatting it, and copy back at leisure.

All I can suggest is that you update to the latest drivers for your hardwre.

"The drive also does not hav any bad sectors ethier... This leads me to think that this computer itself is going bad...". Not necessarily. It is just that the FAT structure has been corrupted, there is no way to repair that. Even deleting all files won't fix the structure. A quick or full format will create a new FAT structure.
Note, RJ, that if the parking lot is NTFS, the attendant will hold small cars in his register and not put them in the lot.. :) Strong paper.
Back to FATs...
"You will notice the same if, when you format your drive you do not check the quick-format option. Instead of just rewriting the file allocation table, the format process must rewrite each sector on the drive." No, a full format does not do that, it rebuilds the FAT and boot sector data and performs a surface scan for bad sectors.
Further, I am quite sure that it is not possible for a user to do a lowlevel format... that is manufacturer base stuff to establish the track/sector layout pattern, other disk parameters, map bad sectors and write all that into the onboard drive controller so it can manage read/writes, do the actual data management.
Writing all zeroes or any other bit pattern to java's disk won't help, that is just a security measure, it is what so-called low-level format tools do [nor will it hurt]. After any sort of format the new FAT will …

"I ran chkdsk and it found some .log files and other file that I don't use to have 'invalid allocation units' or 'invalid size' errors".
This is where you get to reformat that drive [partition]. These are irrecoverable errors in your MFT. Its structure has been compromised. Copy off what you wish/can, and reformat it.

PP, I cannot comment on Comodo's worth... should be good.. I lost the address of a german ratings group whose work I valued, cannot seem to find them via searches. As far as reinstalling goes, well, I would have done it weeks back, it is just a night's work, it is what I said yest? I, too, am often uncomfortable with the time span of some solutions/quests, I wonder at the resilience of the OPs, but that's how it can be with solution sites, time zones, work commitments... As an OP I'd not last a week! But that is not to underestimate the value of these sites.. helpers often put in a lot more effort than someone could reasonably afford to pay for; the help, too, can be of higher quality.
Comodo doing the DNS lookup is just their way of safeguarding browsers from bad web addresses instead of using a referral service like that of others. Upon reflection, I don't know why I edited in that kh should use the DNS server supplied by her ISP.
I did have a somewhat similar issue with a friend's sys and Java several weeks ago; it would not update, the installer would run and halt with an error message; this continued even after uninstallation of the loaded Java, running JavaRa.... I eventually solved it by judicious key deletions {JavaRa leaves heaps], but did not identify the culprit; it was a key, or number of.
But anyway...

Yes. kh, that is what I wanted to see, that key query result. I use Comodo, and I was puzzled as to why guard32.dll was not listed in your DDS log instead of a blank.
Thanks.

Rclick a file, go Summary tab, and fill in. You see there boxes for other column types also.

I am not sure the \Windows key value name AppInit_DLLS should appear with no entry? I might expect this to be used by parts of some AV service or similar... I don't like the Null entry much; it is possible to give a key value name a null entry, and then assign a data to it. I know that if App_Init_Dlls is empty then DDS does not report it.
I have watched this struggle occasionally, from afar... I think the OP has chosen the right course, reinstall. Something is broken, and badly.
kw, maybe you could paste this into a cmd window, and post c:\showkey.text ? Just my curiosity, really...
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v appinit_dlls > c:\showkey.txt

:)

And your DNS lookup is via Comodo, not your ISP. Gee, they are taking over your internet. You really should use the DNS servers given by your ISP.

I'm hardly surprised at that.. :). This si a quick one: ==RKU from http://www.kernelmode.info/ARKs/RKUnhookerLE.EXE -start it, select Report tab, Scan, and tick Drivers and Stealth Code. If the generated report contains anything please save it, and post it.

Long thread. Did you ever run a rootkit scan [apart from that in Combofix], kh?

Ouch. a hard lesson for one so young. Yes, People do need to be aware that on the net is forever. Comes down to misplaced trust.. for your young friend, in a stranger [and that is so often fraught], and a lack of regard for other people {I wish that was not a growing thing, but I fear it is; it's possible to understand why]. We take so much pleasure in someone else's misfortune... that is, after all, a solid basis for humour [did you never burst out laughing when a friend fell in a puddle?], as well as some other disturbing feeling... them, not us.
But anyway...

Crikey, j, you'll make everyone paranoid. Well, not quite everyone, Facebook will go on...
And yes, the file will be in a "temp" store on his computer [as well as any place he saves it to], and will stay there until he cleans or it is cycled out with age... could be months. And even then it will remain on disk, not at all lost, until it is overwritten...
Baby, we must hear this file.... we just must.. :)

You're welcome, Mazekx. I guess I could have added that you should update and do a final scan and removal with MBAM to see if any other malware files have been unhidden. And now update your Java.
Cheers.

Hello, Mazekx, those two logs show clean [the rk warning is because of Safeboot, which is fine]. No new files were found for deletion. Are these two entries part of your corporate settings?
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2915997116-4131603029-1789207793-41665\Scripts\Logon\0\0]
"Script"=cambiar administrado por.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2915997116-4131603029-1789207793-41665\Scripts\Logon\1\0]
"Script"=SitiosdeConfianza.cmd

I suspect they are... so, go Start, Run and enter:
"%userprofile%\desktop\combofix.exe" /uninstall
-combofix will start, and remove combofix and its folders. And then you are good to go.

ComboFix contains embedded files and processes which may be recognised by your antivirus as hacking tools or trojans; your AV may delete them without prompting and so cause unpredictable results like an incomplete scan or stalling. It presents a risk you may not accept; however I see your "I can't uninstall it because it is a corporate tool and I haven't right to uninstall it nor stop it" ... in that case, because Combofix will run in Safe Mode [WITH Networking], and McAfee will not then be active, then do that.

Yes, I did note that from your first post, and it is why I suggested that there may be a driver conflict with tha ACPI specification. And I'm afraid i cannot help you with that, except to suggest that ProcMon from http://technet.microsoft.com/en-us/sysinternals/bb795533 may help you identify an item which is taking too long to run when you initialise hibernation. But please don't post the log... they are verrry long; start the capture just seconds before you go to hibernation, and to view the log use the filter wisely.

That is a good start. Combofix has at least been initialised at some point.... please go Start > Run, and enter..
c:\combofix /uninstall

==Download a fresh copy to your DESKTOP: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
.....or from: http://subs.geekstogo.com/ComboFix.exe
-IMPORTANT! : close other applications and save work, TURN OFF your Antivirus, Antispyware and Firewall for the duration of this scan.
- to run it dclick the Combofix.exe icon and follow the prompts to start it. If you do not have it installed already, Combofix will download and install the Recovery Console on your system.
A word of caution - do not touch your mouse/keyboard until the scan has completed [your computer will restart automatically] when a log, C:\Combofix.txt , will pop onto your desktop - post that log in your next reply.
The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs reboot to restore the desktop.

==Download and run this rootkit scanner from http://www.kernelmode.info/ARKs/RKUnhookerLE.EXE
-Select Report tab > Scan, tick only Drivers and Stealth Code. If the report contains anything save the file and post it.
Please comment on how the system runs.

Hello, Mazekx, yes, you do have a rootkit and associated infection.
TDSSKiller
==Download tdsskiller from this link, save it to your desktop:
http://support.kaspersky.com/downloads/utils/tdsskiller.exe -you may need to download it to a clean computer and then transfer it to the desktop using a USB flash drive.
Start TDSSKiller via this command, NOT the icon:
"%userprofile%\desktop\tdsskiller.exe" -l C:\tdssrpt.txt <==paste this into Start, Run...
- click Scan. If TDSSKiller finds a rootkit and prompts a Cure then press Continue [a reboot may be required]; press Continue also on Skip prompt. Do not delete or quarantine any files.
Post the log from C:\.

Because we are speaking different languages and because you have a corporate computer, there may be softwares that I am not familiar with... so please examine these files and folders - if they are NOT familiar to you then follow the instructions below:
c:\documents and settings\administrator\dati applicazioni\irsuty\tyodq.exe
c:\docume~1\admini~1\datiap~1\Vuynyf
c:\docume~1\admini~1\datiap~1\Irsuty
c:\windows\miatil.dll

If, as I suspect, they are unknown to you then:
==Please copy the text in the box to a Notepad [format/wordwrap unchecked] and save as fixkey.bat to your desktop; dclick it to run...

reg delete HKCU\software\microsoft\windows\currentversion\run /v Csuwileyocoz /f
reg delete HKCU\software\microsoft\windows\currentversion\run /v {063FE004-5120-2042-71E3-DC8952D33A7B} /f

Delete these folder/files:
c:\documents and settings\administrator\dati applicazioni\irsuty\tyodq.exe
c:\docume~1\admini~1\datiap~1\Vuynyf
c:\docume~1\admini~1\datiap~1\Irsuty
c:\windows\miatil.dll

Go to Control Panel, Add/Remove Pgms and remove all old versions of Java. [6.0.24 is current]. Wait until your system is clean before installing the latest …

M$'s advice when experiencing faults in the FAT [file allocation table] is to reformat that volume.

It is Explorer which is having trouble with file extensions. Explorer is a shell inside which you play. Task Manager is also a shell; like Explorer it uses the registry to find how to handle files, hence you cannot go File > NewTask, cmd.exe, but here the Ctrl key offers a special shortcut.
The cmd window is another shell, it has no such trouble with file extensions, it has no need to look up the key HKCR\.exe to find handlers. So...
Ctrl-Shift-Esc opens a TM window.
In TM, going File, then Ctrl-lclick NewTask opens a cmd window.
Inside that window you can run .exes.. eg regedit.

"I imagine malware has altered file association entries in your registry, and the solution to that is here: http://www.dougknox.com/xp/file_assoc.htm "
It is Explorer which is having trouble with file extensions. Explorer is a shell inside which you play. The cmd window is another shell, it has no such trouble with file extensions.
Ctrl-Shift-Esc opens a TM window.
In TM, going File, then Ctrl-lclick NewTask opens a cmd window.
Inside that window you can run .exes.. eg regedit.

Try this, then:
Part 1: msoe50.inf
-Open an Explorer window, search for msoe50.inf -the default location for this file is in the C:\Windows\Inf folder [show hidden files and folders].
-Right click the Msoe50.inf file, and then click Install.
-Insert your Windows XP CD-ROM when prompted and on it locate the I386 folder, click Open, and then click OK.
Outlook Express files will be installed. You may have the requisite i386 folder on your hdd. Easiest if you have a [slipstreamed] SP3 cd.

Part 2. wab50.inf
-search for wab50.inf -the default location for this file is in the C:\Windows\Inf folder.
-Right-click the Wab50.inf file, and then click Install.
-In the I386 folder on the CD-ROM click Open, and then click OK.
Outlook Express address book has installed.

Outlook Express is now reinstalled. Start Outlook Express to test its
functionality.

" Obviously i have some sort of virus that caused all of this."
"I was able to boot from my xp disc and repair it. I am currently midway through the repairing...."
A decent rule for using an OS is to not try to install software while it is infected. The previous poster was short on detail, he wanted you to open the Recovery Console which is presented as an option around about where you elected to go with a Repair Installation. But this is not a problem chkdsk can fix.... I imagine malware has altered file association entries in your registry, and the solution to that is here: http://www.dougknox.com/xp/file_assoc.htm
Continuing with the Repair will blast your OS back to the stoneage, you lose all your settings, may need to reinstall software, you will need to dl and install ALL updates, Security and otherwise.
If indeed you do have malware then the problem will reoccur, a Repair will not interfere with it at all. Cancel out of the Repair and use the fixes in that link, then run MBAM:
==Please download Malwarebytes' Anti-Malware
from: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
or: http://www.besttechie.net/tools/mbam-setup.exe
=Dclick that file, mbam-setup.exe, to install the application,
-ensure that it is set to update and start, else start it via the icon, and UPDATE it.
Select "Perform QUICK Scan", then click Scan; the application will guide you through the remaining steps.
ENSURE that EVERYTHING found …

Ah.. that is annoying, but something to put up with [the connection]. I can only suggest that you dl and run ProcMon from just before you shutdown to hibernation. Then check the log for too-long times [gaps] in the Duration column.
With 2GB of mem you hardly need much of a page file.... I monitor the usage of mine.. they rarely go over 150MB total. [you can dl a small thing called WinXP-2K_PageFile from http://billsway.com/notes_public/WinXP_Tweaks/ to check how yours is used]. I think setting your PF to, say, 200MB min and 750MB max would be ok.

May I ask what you mean by this : "The only thing that I am having a problem with now is Outlook Express not loading up."
OE won't start, or it starts but won't present any mails in some or all of the folders?

I could have added... Sality incorporates a blocklist - any file or site mentioned in that list will not run or load. That would be why you experience problems with some sites. I don't know what is currently on that list but I would make a bet that the writers have included SalityKiller etc.
It is memory-resident, and so will choose whether to infect any executable that is run, or any html, and furthermore it writes into registry an entry that causes its driver to be loaded in safe mode.

You might use something like ProcMon to trap the source of the annoyance. That actual sound you are hearing is the recording in "\Windows\Media\Windows XP Shutdown.wav".
Search for that in the record, try to find what is calling it.
Might work, probably won't.

Holi, eh? What colour did you end up?
I think I tried to guide you in my first post to save data files only and reinstall your OS and applications, for otherwise it can be an adventure discovering the damage Sality has done. Having chosen to attempt a cure you should have used the Kaspersky cleaner at least. The problem with Sality is that when it infects a file it writes its own [encrypted] code at the entry point it uses and attempts to save the original code it is replacing; unfortunately it does a bad job of the latter and so removal/curing software will find the file to be irrecoverable. Once the sys is cleaned you can replace them yourself, of course, but that may be a task neverending. And... was it completely cleaned...?
Backing up the registry? I would not be without ERUNT; it does not entirely supplant System Restore but in most cases is all that is needed. Use the option also in the Windows Backup task to occasionally do a System State backup.

Notwithstanding all that has gone before, if your hiberfil.sys is working correctly the number of disks, drives, partitions etc is irrelevant, hiberfil.sys merely creates a file reflecting the contents of your memory at the time of commencing the shutdown process. Turning hibernation off will clear the hiberfile from the C: root. If then when it is turned on it still takes "forever" it could be driver or hardware incompatibility with the ACPI specification.
Personally, I fail to see why a home user would need to use hibernate at all, the idea is a non sequitur. If you are leaving your sys just save first and shut it down yourself. What are you doing that is so mission critical that you need to revive the exact memory state? And if it is so critical, why would you not save your stuff as you go?

It would help if you used punctuation in your post.
The SMART message indicates a problem with your hard drive [the primary master...]. When the SMART system bothers to send you a message the drive is usually toast; what it is telling you here is to backup your data and replace the drive. In your case I believe the best way to do that is to buy another drive, install Windows onto that and then copy off from your failing drive whatever is both possible and desirable.
I rather doubt that it is worth trying to resurrect to a bootable state the current OS, doing so may meanwhile result in the drive failing totally causing you to lose all data.
[This thread could be locked now? Or soon... no way am I going to read 20 posts to see what is relevant to the last tagger.]

"You don't need her permission to connect with team viewer. When you install it on her computer,...".
Sounds to me like her permission was obtained to do just that. girls used to love those locked diaries, I bet kids have passwords and are savvy about it all. TV was never meant to be a snoop software. I guess that's why it is called Team Viewer. There are other softwares that could be called Snoop Dog.

Hello, Somjit. You posted "...then back it up, n do a reformat n a fresh install.. i think my computer is infested with a lot of malware so i was thinking of this reformat."
Yes, there is a lot of malware, including a bootkit, a rootkit and Sality virus, and because you are not averse to the idea of saving wanted files [DATA only, such as picture files, documents etc because Sality is an executable process infector] and then reformating, reinstalling, I feel that is the best option, likely the quickest and easiest, also. You've pointed out that some of your applications are not working correctly - Sality may have infected their executables, and you would need to reinstall them anyway.
Choosing that path gives you the security of knowing that your system will then at least start off clean. It will only stay clean if you dump outdated software such as Grisoft's AS_7.5 ... gee, that is old. And run your chosen AV service.
Save your data files to cd, don't save any executables, even possibly desirable ones such as application installers.
You might start a cleaning job by these initial steps:
-run CCleaner in EACH user's accounts.
-run mbrcheck.exe from http://ad13.geekstogo.com/MBRCheck.exe run it, then close the cmd window and post the log.
-delete C:\rlgb.pif and c:\windows\system32\drivers\cvwgex.sys
-download and run Salitykiller.zip and then Sality Regkeys.zip as per instructions here: http://support.kaspersky.com/viruses/solutions?qid=208279889
-turn System Restore off for all …

Hello, skling, I don't see any security/malware issues in those reports. It does appear that MBAM has falsely removed vib.cde from your CAD application; it has been deleted so you will have to reload the pgm..
I don't know about the HASP\nettest.exe file; I suspect that it may have been a false positive also, the trigger being the packing of the file, or parts therein.
You could check the integrity of your driver files with Verifier. This M$ application loads a list of drivers to check at the next reboot; it does have the unfortunate knack of blue-screening your sys if it does find an issue with a file that the sys depends upon for running, though... the trick there is to restart and kill verifier before it scans to that file again, or from Safe Mode.
You use it by going Start, Run, and entering:
verifier
-accept the standard settings, in the next screen accept Auto select unsigned drivers; you will be presented with a list [if any] of drivers the tool wishes to check at boot. If then you get a stop message [BSOD] note the file name shown. To get out of that BSOD you restart and go into Safe Mode and run
verifier /reset -you must run this command anyway to stop verifier checking those files at every reboot, but if it does not bluescreeen then run it in Normal mode, or you can start verifier and use Delete existing …

Jus poking nose in..... Richard, if you open a cmd window and use that to run your REG cmd you will see the actual error messages as to why it did not work. Use this corrected cmd:
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
-there must be spaces before parameter types like /t
-the data is actually a zero, so /d 0 [you show a capital letter o above..]
But if you cannot boot to windows in any form then all that is moot.

There ya go, Trampaw. Before you know it, you'll be out of your truck and spending your life in front of a computer. Those local chicks [chooks] might then give you a new handle... Anyway...
Just for information [for anyone], you can start IE and pass it a file to display with this command as an example: Go Start, Run, and paste in...
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -k "d:\downloads\look.zip"
Then, rclicking Look.bat and choosing Open will give the notepad log as result. Windows has an inbuilt unzip application.
To exit press Alt F4
Note... don't run that example, Trampaw, because you did not save Look.zip to the location I gave in that command. You would probably run something like...
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -k "%homepath%\my documents\downloads\look.zip"
...but I'm guessing...

Hijackthis does not work correctly with W7... it shows a lot of services as "file missing". Believe me, if some of those files were actually missing, he wouldn't be posting any log. Something for you to fix, Mr Gates.. :)
OTL.exe works.

On some computers you must have the USB flashdrive inserted before you start the computer otherwise that option will not be shown on the one-time boot menu. Eg like mine...
Anyway, press F8 after BIOS starts to run.

Aw, heck.... I think I am beaten, Stellios. All I can think of now is deleting the current driver file, downloading a fresh one and trying with that. Here is the download location, just lclick it:
http://global-download.acer.com/GDFiles/Driver/Audio/AUDIO_Realtek_5.10.00.5930_Xpx86.zip?acerid=633645040942611583&Step1=Desktop&Step2=Aspire&Step3=Aspire%20T160&OS=X01&LC=en&BC=Acer&SC=EMEA_27
Say how it goes.... sigh...
System32 should open like any other folder; it is not a special or hidden folder...?!!

heya, Pops... look, please remember [or read back] what I told you about using IE to manipulate files [internet explorer.... in TM start iexplore.exe].
Opened one? Right, in the address bar type in where you saved Look.zip to [eg C:\downloads... wherever..]; when you go to it if you have any unzipping tool on your sys it should automatically unzip that file and show Look.bat, probably as an icon. Rclick that, choose Open, and it will run automatically and produce a notepad for you.