Event Viewer log: Faulting application name: Explorer.EXE, version: 6.1.7600.16450, time stamp: 0x4aeba271 Faulting module name: qedit.dll, version: 6.6.7600.16385, time stamp: 0x4a5bdad4 Exception code: 0xc0000005 Fault offset: 0x0005c832 Faulting process id: 0x600 Faulting application start time: 0x01cb917247cbd5d2 Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\System32\qedit.dll Friendly view: + System - Provider [ Name] Application Error - EventID 1000 [ Qualifiers] 0 Level 2 Task 100 Keywords 0x80000000000000 - TimeCreated [ SystemTime] 2010-12-01T16:14:00.000000000Z EventRecordID 11098 Channel Application Computer Security - EventData Explorer.EXE 6.1.7600.16450 4aeba271 qedit.dll 6.6.7600.16385 4a5bdad4 c0000005 0005c832 600 01cb917247cbd5d2 C:\Windows\Explorer.EXE C:\Windows\System32\qedit.dll 014e27a9-fd66-11df-a275-0015f2ac57c8 _______ HiJackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 5:48:45 AM, on 12/2/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\NetWorx\networx.exe C:\Program Files\cFosSpeed\cfosspeed.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Tray Tools\atitray.exe C:\Program Files\DVD Tools\DAEMON Tools Lite\DTLite.exe C:\Program Files\Launchy\Launchy.exe C:\Program Files\Sizer\sizer.exe C:\Program Files\Rainlendar\Rainlendar.exe C:\Program Files\ObjectDock\ObjectDock.exe C:\Program Files\Opera\opera.exe C:\Program Files\TrueCrypt\TrueCrypt.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\System Utilities\PerfectDisk\PDAgentS1.exe C:\Windows\system32\DllHost.exe C:\Windows\explorer.exe C:\Program Files\Notepad2\Notepad2.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Advertising Cookie Opt-out - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~1\NetWorx\deskband.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\ATI Tray Tools\atitray.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DVD Tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\ObjectDock\ObjectDock.exe O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe O4 - Global Startup: Sizer.lnk = C:\Program Files\Sizer\sizer.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{617D9698-114A-4664-B162-496A5CC7BECE}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{617D9698-114A-4664-B162-496A5CC7BECE}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{617D9698-114A-4664-B162-496A5CC7BECE}: NameServer = 8.8.8.8,8.8.4.4 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files\ObjectDock\ODMenu.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\System Utilities\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\System Utilities\PerfectDisk\PDEngine.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe