Thank you for the help. I uninstalled Google toolbar with
no success. I also heard that uninstalling Norton
Systemworks might also help, but did that with no change.
If you have any other suggestions, would appreciate them.
Thanks.
The approach that I would take: packet trace just to know what
is going on. XP Pro's netcap captures the data and I would just
browse it in Notepad since although the .cap files are binary the
HTTP data is mostly readable. That would immediately help answer
questions such as whether a hijacking of that specific site was in effect
only for that particular browser (recognizing that you said the site is
accessible by another browser.)
Except for your symptom of getting an hourglass you might
then find a simple non-malware explanation for the partial rendering
you are seeing. However, the fact that you can access the site
using IE in safe mode I think strongly suggests that you do have
at least some residual effects from malware, even if the
spyware scanners you have used have found nothing wrong.
Even without taking a trace there are things you can do to investigate
your symptom such as turning on prompts for security options
and (usually not as usefully) turning on prompts for Cookies.
Assuming scripting, etc may be involved this allows you firstly to refine
your symptom description and secondly to check the TIF for what
files are being used at each "breakpoint". Netstat is another tool
I would use in this phase of an analysis (e.g. by switching to a
command window during the prompt) at least when a packet
trace was thought unnecessary.
More speculatively, I recently found out that XP has some tools
which might expose some potential causes of such symptoms
but I haven't actually seen them used (not in this newsgroup at least).
Start with netsh and its show commands. That could be
especially useful if you have another machine which is working
normally to use as a baseline for comparison.
E.g. I'm wondering if
netsh winsock show catalog type=LSP
ipseccmd show filters
would give you any clues.
ipseccmd is apparently available from the XP Support Tools.
BTW another poster has a similar symptom with Google.
In that case port 443 can be used but port 80 can not.
That proves that DNS is not an issue and implies that
there is something somewhere blocking (or invalidly redirecting)
a specific name and port combination.
My preference to problem solving is to use diagnostics and
analyse them from the point of view of supporting or disproving
some preliminary hypotheses about possible causes.
Others prefer to take a stab at a solution based on probable
causes, e.g. use what worked for others who had similar symptoms.
The fact that you can connect in safe mode or using Netscape
suggests the cause is likely malware. The other poster was adamant
that malware could not possibly be the cause which is why
I was forced into this sort of speculation. You can find lots
of suggestions from others' posts for uncovering and repairing
the effects of malware if you are willing to be more objective.
HTH
Robert[/QUOTE]
