I am using Windows 7 Ultimate, 64-bit. It is using SP1 and is fully updated with Windows Update. This is a desktop with a wired connection to a Linksys E1200 router, which is in turn connected to an Arris cable modem.
Recently I have been not able to access certain websites in normal boot.
The symptom is: I boot the system, attempt to access these websites; the websites load partially (clearly missing the bottom portions); when I hit Refresh, error messages are displayed and I can no longer see anything.
All three browsers on my machine bahave the same. Firefox shows "The connection was reset"; Chrome shows "No data received"; IE shows "This page cannot be displayed".
I suspect this is an infection of sorts, because:
1. I am able to access these websites correctly when I boot into Safe Mode with Networking;
2. My Android tablet, using my WLAN connection, can access these websites correctly;
3. I have verified my hosts file. It holds no entries except for localhost;
4. I have verified my DNS servers. I changed them to Google's public DNS (the famous 188.8.131.52); ipconfig -all correctly shows this DNS; I have used ipconfig -flushdns; yet I am still unable to access these websites;
5. ping to these websites correctly return packets with a delay of about 35 ms and a TTL of around 55-57; tracert to these websites ends correctly at the same IP address as the ping;
6. I have verified that the system is not connecting using a proxy, to the best of my knowledge. I checked both inetcpl.cpl and Ethernet adapter configuration;
7. All of my friends can access these websites correctly. They are not on my LAN.
Steps I have taken (in no particular order):
1. I reinstalled Java (Java 7 update 51) because I initially suspected that this is a network sockets problem. Reinstalling Java did not do anything;
2. I performed a boot-time full scan with the lastest edition of Avast Free; it returned nothing bad;
3. I performed both quick-scan and full-scan with the latest edition of Malwarebytes; it returned nothing bad;
4. I performed scans using rkill, TDSSkiller and RogueKiller; they returned nothing bad;
5. I performed scans with ComboFix and this is where it gets funny: After the ComboFix run, I am able to access those websites correctly until the next boot. Which is to say, I run ComboFix, then I browse these websites correctly; I restart the system and I am no longer able to browse them correctly;
6. I then suspected this to be some sort of MBR virus; I used multiple tools to check the MBR and they all correctly return Windows 7 MBR code.
7. I attempted to perform System Restore to a date known to me when I still could correctly access these sites; System Restore returned error 0xc0000022. I performed sfc -scannow and it did not find any violations. System Restore still does not work and still returns error 0xc0000022;
8. The only changes I made to my system (that I know of) in the last few days were that I downloaded games through Steam and I installed Dropbox. I have removed Dropbox; the problem persists.
One of my friends, who holds two CCNA certificates and one CCNP certificate, has absolutely no idea what could be causing this.
I am ready to follow expert instructions to the letter.
Thank you all very much for your help!