After many years of computer use, I encountered some malware that I couldn't fix with Spybot S&D or Ad-Aware. The malware file was 'sysaudio.sys', and it was detected by Malwarebytes. http://www.malwarebytes.org/ It appears that the malware hijacks search engine results, but thankfully I don't think it does 'other stuff' like keystroke logging. Useful article on Sysaudio: http://miekiemoes.blogspot.com/2008/10/fake-sysaudiosys-causes-searchengine.html do NOT confuse this one with the legitimate sysaudio.sys file which is present in the %sysdir%\drivers folder!!! So don't delete the legitimate %sysdir%\drivers\sysaudio.sys file! For what it's worth, I also had Zone Alarm detect WJQS.exe in real-time. At this stage I am unsure if it's related. Before I removed the sysaudio malware, Google was going to 220.127.116.11 instead of my usual 127.0.0.1 hosts file.