I noticed more people are seeing more or less the same effects as I did. Since this forum has been a great help, I thought I'd share my experiences.
The effects I saw were:
- google (and others) search results redirects
- AVG would not update anymore
- windows update website gives an error
- windows update from configuration screen does not start
- programs like cmd, regedit, ComboFix, etc. would no longer run / stay running

It turned out that in registry key
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
the "aux" value referred to a malware program. In my case it was called "C:\\WINDOWS\\system32\\..\\efumr.swr"
The solution was to use HijackThis to remove this file at boot time.
It was new malware, not recognized by any virus scanner. I already submitted it to a number of anti-virus vendors. Kaspersky already responded and called the new malware "Trojan.Win32.Agent.byab".
Cheers,
Stefan

This worked for me. My wife's system got snagged some time in the last few days (or weeks). Symptoms were the same. I downloaded Registrar Lite to scan the registry and found an 'aux2' value. I used HijackThis to nuke the file and that fixed the problem.
Time stamp on the file was March 21, 2009. Names are probably random; mine was called cibuly.lwh.
-= Bill =-
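
A way to check for the Drivers32 entries both posts describe, as an added example that is not part of either post: it parses a `.reg` export of the key and flags string values that are not a bare driver file name. The function name, the extension allow-list and the sample export are assumptions constructed for illustration; only the `aux` path is taken from the thread.

```python
import ntpath
import re

# Constructed sample in .reg export format; only the "aux" path is from the thread.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midi"="wdmaud.drv"
"wave"="wdmaud.drv"
"msacm.imaadpcm"="imaadp32.acm"
"vidc.mrle"="msrle32.dll"
"aux"="C:\\WINDOWS\\system32\\..\\efumr.swr"
'''

DRIVERS32 = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32"
# Assumption: stock entries are bare file names with one of these extensions.
EXPECTED_EXT = {".drv", ".dll", ".acm", ".ax"}
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def suspicious_drivers32(export_text):
    """Return [(value_name, data, [reasons])] for odd Drivers32 string values."""
    findings, in_key = [], False
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_key = line.strip("[]").lower() == DRIVERS32.lower()
            continue
        m = VALUE_RE.match(line) if in_key else None
        if not m:
            continue
        # .reg files escape backslash and double quote with a backslash
        name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
        reasons = []
        if "\\" in data or "/" in data:
            reasons.append("contains a path, not a bare file name")
        if ".." in data.replace("/", "\\").split("\\"):
            reasons.append("parent-directory traversal")
        if ntpath.splitext(data)[1].lower() not in EXPECTED_EXT:
            reasons.append("unexpected extension")
        if reasons:
            findings.append((name, data, reasons))
    return findings


if __name__ == "__main__":
    for name, data, reasons in suspicious_drivers32(SAMPLE_EXPORT):
        print(f"{name} -> {data}: {'; '.join(reasons)}")
```

Files exported by regedit in the "Version 5.00" format are UTF-16, so read them with `open(path, encoding="utf-16")` before passing the text in. A flagged value is a lead to inspect, not a verdict, since third-party codecs can register entries outside the allow-list.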
