i've seen something very similar to this on several machines that i've had access to... in at least one case, the web seemed to be slow because requests for many of the normal ad sites were being redirected via the hosts file to a system in the verizion network... that system was down and the browser was waiting for the connect or failure... no one has any idea how the hosts file got modified and they didn't even know what it was until i showed them... i never found any tracks of any trojans or infections with virus scanners, spybot, ad-aware or hijackthis... i have done several patch updates in the last week or two, though... it was about a month or so back when i discovered this situation... bigfix is used all the time to keep the users updated on when new patches are released... however there are times that it doesn't pick up everything... at least once a month we make a manual trip by m$'s update site... ahh, yes... this is w98se if that matters...